Add Searchguard OOM config to ElasticSearch
Change-Id: I3c4d0c82882b2f064a6ad3610c0f699d8af50632
Issue-ID: AAI-2203
Signed-off-by: Edwin Lawrance <Edwin.Lawrance@amdocs.com>
diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh
new file mode 100644
index 0000000..e859365
--- /dev/null
+++ b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+/usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh \
+ -cd /usr/share/elasticsearch/config/sg \
+ -ks /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.adminKeyStore }} \
+ -ts /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.trustStore }} \
+ -kspass {{ .Values.config.adminKeyStorePassword }} \
+ -tspass {{ .Values.config.trustStorePassword}} \
+ -nhnv \
+ -icl \
+ -p {{ .Values.service.internalPort2 }}
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh
new file mode 100644
index 0000000..a612c74
--- /dev/null
+++ b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# Wait for ES to start then initialize SearchGuard
+/usr/local/bin/docker-entrypoint.sh eswrapper &
+/usr/share/elasticsearch/bin/wait_until_started.sh
+/usr/share/elasticsearch/bin/init_sg.sh
+
+wait
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh
new file mode 100644
index 0000000..279253b
--- /dev/null
+++ b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+RET=1
+
+while [[ RET -ne 0 ]]; do
+ echo "Waiting for Elasticsearch to become ready before running sgadmin..."
+ curl -XGET -k "https://localhost:{{ .Values.service.internalPort }}/" >/dev/null 2>&1
+ RET=$?
+ sleep 5
+done
\ No newline at end of file