Skip to content

KNOX-3310: Fix redundant ALIAS_PASSPHRASE assignment and improve logging#1216

Merged
smolnar82 merged 1 commit intoapache:masterfrom
smolnar82:KNOX-3310
Apr 28, 2026
Merged

KNOX-3310: Fix redundant ALIAS_PASSPHRASE assignment and improve logging#1216
smolnar82 merged 1 commit intoapache:masterfrom
smolnar82:KNOX-3310

Conversation

@smolnar82
Copy link
Copy Markdown
Contributor

@smolnar82 smolnar82 commented Apr 28, 2026

KNOX-3310 - Fixing ALIAS_PASSPHRASE issues while importing custom certs.

What changes were proposed in this pull request?

This PR fixes a bug in the Docker entrypoint script and improves logging during the security initialization phase.

Changes

  • Bug Fix: Removed the redundant ALIAS_PASSPHRASE assignment within importMultipleCerts. This prevents the script from exiting prematurely (due to set -e) when a keystore password file is not provided.
  • Logging Improvements:
    • Added explicit logging to show which file is being used to set the ALIAS_PASSPHRASE.
    • Added logging to indicate when the script falls back to using the MASTER_SECRET.
  • Documentation: Added a comment to the importMultipleCerts function to clarify its dependency on the pre-initialized ALIAS_PASSPHRASE variable.

Impact

  • Stability: Prevents startup failures in default configurations where KEYSTORE_PASSWORD_FILE is not used.
  • Observability: Makes it much easier to debug keystore/truststore password issues by looking at the container logs.

How was this patch tested?

Still needed to be tested in k8s clusters.

Integration Tests

N/A

UI changes

N/A

@smolnar82 smolnar82 requested review from hanicz and moresandeep April 28, 2026 07:15
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 28, 2026

Test Results

21 tests   21 ✅  1s ⏱️
 1 suites   0 💤
 1 files     0 ❌

Results for commit 6ed928c.

moresandeep
moresandeep approved these changes Apr 28, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@moresandeep moresandeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

@smolnar82 smolnar82 merged commit 762593a into apache:master Apr 28, 2026
3 checks passed
@smolnar82 smolnar82 deleted the KNOX-3310 branch April 28, 2026 09:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@moresandeep moresandeep moresandeep approved these changes

@hanicz hanicz hanicz approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@smolnar82 @moresandeep @hanicz