Unable to run migration scripts if no Elasticsearch user is configured

[KevinGimbel]

We removed the user and password from the config/local.json because our Elasticsearch doesn't use user and password for authentication. When we tried to run migration scripts it failed with issues regarding to authorization headers.

migration error log

Elasticsearch DEBUG: 2019-11-05T16:57:10Z
  Request complete
{ Error: Authorization Exception

at respond (/srv/vuestorefront/vue-storefront-api/node_modules/elasticsearch/src/lib/transport.js:308:15)

at checkRespForFailure (/srv/vuestorefront/vue-storefront-api/node_modules/elasticsearch/src/lib/transport.js:267:7)

at HttpConnector. (/srv/vuestorefront/vue-storefront-api/node_modules/elasticsearch/src/lib/connectors/http.js:166:7)

at IncomingMessage.wrapper (/srv/vuestorefront/vue-storefront-api/node_modules/lodash/lodash.js:4929:19)

at IncomingMessage.emit (events.js:203:15)

at endReadableNT (_stream_readable.js:1143:12)

at process._tickCallback (internal/process/next_tick.js:63:19)

status: 403,

displayName: 'AuthorizationException',

message: 'Authorization Exception',

path: '/vue_storefront_catalog',

query: {},

body:

{ message:

'Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter. Authorization header requires 'SignedHeaders' parameter. Authorization=Basic XXX },

statusCode: 403,

response:

'{"message":"Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter. Authorization header requires 'SignedHeaders' parameter. Authorization=Basic XXX"}',

toString: [Function],

toJSON: [Function] }

error : Authorization Exception :: {"path":"/vue_storefront_catalog","query":{},"body":"{"settings":{"analysis":{"tokenizer":{"comma":{"type":"pattern","pattern":","}},"analyzer":{"comma":{"type":"custom","tokenizer":"comma"}}}}}","statusCode":403,"response":"{"message":"Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter. Authorization header requires 'SignedHeaders' parameter. Authorization=Basic XXX"}"}

Once we investigated we found out that the default config is used (user: elastic, password: changeme), even if we removed it from our configuration.

In the following line https://github.com/DivanteLtd/vue-storefront-api/blob/2e6b49b472ad411059caa1faf839559beb4ca498/migrations/.common.js#L14 it is checked if username is set and if it is set, auth info is added. This check will never fail as far as I can tell because it will fallback to the default config which defines a value for elasticsearch.user here
https://github.com/DivanteLtd/vue-storefront-api/blob/2e6b49b472ad411059caa1faf839559beb4ca498/config/default.json#L17-L18

[pkarw]

Good point! It shouldn't be defined in the default.json in the first place. @lukeromanowicz @andrzejewsky

@KevinGimbel please feel free to propose a PR with the change

[KevinGimbel]

@pkarw I created a pull request, see #360