8000 [bitnami/scylladb]: Incorrect indentation in scylla.yaml file when encryption enabled · Issue #80659 · bitnami/containers · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

[bitnami/scylladb]: Incorrect indentation in scylla.yaml file when encryption enabled #80659

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
onebitshort opened this issue Apr 30, 2025 · 1 comment
Open

[bitnami/scylladb]: Incorrect indentation in scylla.yaml file when encryption enabled #80659

onebitshort opened this issue Apr 30, 2025 · 1 comment
Assignees
@carrodher
Labels
scylladb tech-issues The user has a technical issue about an application triage Triage is needed

Comments

@onebitshort
Copy link
onebitshort commented Apr 30, 2025
edited by carrodher
Loading

Name and Version

bitnami/scylladb:6.2.3-debian-12-r5

What architecture are you using?

amd64

What steps will reproduce the bug?

docker compose up and inspect "/opt/bitnami/scylladb/etc/scylla/scylla.yaml" using the following docker-compose file:

docker-compose.yaml

services:
  scylladb: 
    image: bitnami/scylladb:6.2.3-debian-12-r5
    command: [ "/opt/bitnami/scripts/scylladb/run.sh", "--smp", "1", "--memory", "1G" ]
    restart: on-failure
    environment:
      - SCYLLADB_CLIENT_ENCRYPTION=true
    volumes:
      - type: bind
        source: ./tls.key
        target: /bitnami/scylladb/certs/tls.key
      - type: bind
        source: ./tls.crt
        target: /bitnami/scylladb/certs/tls.crt

What is the expected behavior?

I expect to see the respective parts of the scylla.yaml file is indented correctly.

 server_encryption_options:
   internode_encryption: 'none'
   certificate: '/bitnami/scylladb/certs/tls.crt'
   keyfile: '/bitnami/scylladb/certs/tls.key'
 
 client_encryption_options:
   enabled: false
   certificate: '/bitnami/scylladb/certs/tls.crt'
   keyfile: '/bitnami/scylladb/certs/tls.key'

What do you see instead?

Take a look at the "/opt/bitnami/scylladb/etc/scylla/scylla.yaml" file within the container when started up with the SCYLLADB_CLIENT_ENCRYPTION env variable set to true.

The client encryption section is not correctly indented. I believe this is the case for the server_encryption_options too.

The relevant section of the scylla.yaml file:

# Enable or disable inter-node encryption. 

# You must also generate keys and provide the appropriate key and trust store locations and passwords. 

#

# The available internode options are : all, none, dc, rack

# If set to dc scylla  will encrypt the traffic between the DCs

# If set to rack scylla  will encrypt the traffic between the racks

#

# SSL/TLS algorithm and ciphers used can be controlled by 

# the priority_string parameter. Info on priority string

# syntax and values is available at:

#   https://gnutls.org/manual/html_node/Priority-Strings.html

#

# The require_client_auth parameter allows you to 

# restrict access to service based on certificate 

# validation. Client must provide a certificate 

# accepted by the used trust store to connect.

# 

server_encryption_options:

internode_encryption: 'none'

certificate: '/bitnami/scylladb/certs/tls.crt'

keyfile: '/bitnami/scylladb/certs/tls.key'

#    truststore: <not set, use system trust>

#    certficate_revocation_list: <not set>

#    require_client_auth: False

#    priority_string: <not set, use default>



# enable or disable client/server encryption.

client_encryption_options:

   enabled: false

certificate: '/bitnami/scylladb/certs/tls.crt'

keyfile: '/bitnami/scylladb/certs/tls.key'

#    truststore: <not set, use system trust>

#    certficate_revocation_list: <not set>

#    require_client_auth: False

#    priority_string: <not set, use default>
@onebitshort onebitshort added the tech-issues The user has a technical issue about an application label Apr 30, 2025
@github-actions github-actions bot added the triage Triage is needed label Apr 30, 2025
@carrodher
Copy link
Member

Thank you for bringing this issue to our attention. We appreciate your involvement! If you're interested in contributing a solution, we welcome you to create a pull request. The Bitnami team is excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Feel free to reach out if you have any questions or need assistance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carrodher carrodher

Labels
scylladb tech-issues The user has a technical issue about an application triage Triage is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@carrodher @onebitshort
0