-
-
Notifications
You must be signed in to change notification settings - Fork 492
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(elasticsearch): add option to skip cert retrieval #2530
feat(elasticsearch): add option to skip cert retrieval #2530
Conversation
✅ Deploy Preview for testcontainers-go ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @ImFlog thanks for opening this PR and my apologies for the radio silence. May has been a month with PTO and full focus on an eventual v1 release of testcontainers-go, so please forgive me if this review took that long.
Back to the PR, I do not see any harm in adding it, although it seems a way to bypass the errors getting the certificate, right? Could you elaborate a bit more on this, please?
In some edge cases
If you relate to https://github.com/ImFlog/repro-testcontainer-es/blob/e2647d980919911fa8d652ac42186cdaebdb8e74/main.go#L22, I see that the code is binding the data
dir, which lives next to the config
(the location of the certs: why then are the certs affected by that binding?
As I said, this PR LGTM, but first I'd like to understand more why the certs are not available in that repro code.
Cheers!
Co-authored-by: Manuel de la Peña <[email protected]>
Hello @mdelapenya, no worries for the delay, I am using testcontainers without the module in the meantime :) The tricky part is I don't understand why the cert is impacted by the fact that I map a data dir. This doesn't really make sense to me and after some debugging I couldn't find anything in the base image that could provoke this behavior. In #2207 It seems that another case to trigger this is when xpack is disabled (which makes more sense). As I don't really care about certificates in my integration tests I thought that we could explicitly bypass the cert retrieval (even if it's not the cleanliest). |
Could you add a test where you're able to preload the index? That will help me debug and review it more in depth Thanks! |
In the base issue I created a repository that reproduce the issue : https://github.com/ImFlog/repro-testcontainer-es |
Hi @ImFlog I noticed the repro version uses testcontainers-go In the repro, apart from bumping to the latest and greatest release, add this functional option to the RunContainer func: testcontainers.WithEnv(map[string]string{
"xpack.security.enabled": "false",
}), And I think this is more Elasticsearch-idiomatic, as whoever knowing about Elastic configuration will understand properly what's going on here (ex-Elastic here 🙋 😉) So if you agree, I think we should close this one. |
I just tried and indeed it works as expected. I don't understand why I didn't saw this other related issue. |
What does this PR do?
Add a new option to skip certificate retrieval.
Why is it important?
In some edge cases, it seems that the certificates are not available on the container and even if elasticsearch is working, the containers throw an error.
Related issues
Link related issues below. Insert the issue link or reference after the word "Closes" if merging this should automatically close it.
How to test this PR
There should be no impact because the default behavior is still to retrieve the certs. One can use the
WithoutCertRetrieval
function in theRunContainer
method.