From e352a6a1e730ea6b097554e197fa3438eedbd7a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9o=20Mathieu?= <tmathieu.github@fastmail.com>
Date: Sun, 5 Dec 2021 08:55:06 +0100
Subject: [PATCH] Fix elasticsearch authentication when initializing (#98)

---
 apiserver/elastic/apply_mappings.py |  6 +++---
 apiserver/elastic/initialize.py     | 18 ++++++++++++++++--
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/apiserver/elastic/apply_mappings.py b/apiserver/elastic/apply_mappings.py
index 8515b3b..f80fffe 100755
--- a/apiserver/elastic/apply_mappings.py
+++ b/apiserver/elastic/apply_mappings.py
@@ -5,7 +5,7 @@ Apply elasticsearch mappings to given hosts.
 import argparse
 import json
 from pathlib import Path
-from typing import Optional, Sequence
+from typing import Optional, Sequence, Tuple
 
 from elasticsearch import Elasticsearch
 
@@ -13,7 +13,7 @@ HERE = Path(__file__).resolve().parent
 
 
 def apply_mappings_to_cluster(
-    hosts: Sequence, key: Optional[str] = None, es_args: dict = None
+    hosts: Sequence, key: Optional[str] = None, es_args: dict = None, http_auth: Tuple = None
 ):
     """Hosts maybe a sequence of strings or dicts in the form {"host": <host>, "port": <port>}"""
 
@@ -30,7 +30,7 @@ def apply_mappings_to_cluster(
     else:
         files = p.glob("**/*.json")
 
-    es = Elasticsearch(hosts=hosts, **(es_args or {}))
+    es = Elasticsearch(hosts=hosts, http_auth=http_auth, **(es_args or {}))
     return [_send_template(f) for f in files]
 
 
diff --git a/apiserver/elastic/initialize.py b/apiserver/elastic/initialize.py
index a1c3ae9..80a8b16 100644
--- a/apiserver/elastic/initialize.py
+++ b/apiserver/elastic/initialize.py
@@ -82,7 +82,16 @@ def check_elastic_empty() -> bool:
         es_logger.addFilter(log_filter)
         for retry in range(max_retries):
             try:
-                es = Elasticsearch(hosts=cluster_conf.get("hosts"))
+                hosts = cluster_conf.get("hosts", None)
+                http_auth = (
+                    es_factory.get_credentials("events")
+                    if cluster_conf.get("secure", True)
+                    else None
+                )
+                args = cluster_conf.get("args", {})
+                es = Elasticsearch(
+                    hosts=hosts, http_auth=http_auth, **args
+                )
                 return not es.indices.get_template(name="events*")
             except exceptions.NotFoundError as ex:
                 log.error(ex)
@@ -109,5 +118,10 @@ def init_es_data():
 
         log.info(f"Applying mappings to ES host: {hosts_config}")
         args = cluster_conf.get("args", {})
-        res = apply_mappings_to_cluster(hosts_config, name, es_args=args)
+        http_auth = (
+            es_factory.get_credentials(name)
+            if cluster_conf.get("secure", True)
+            else None
+        )
+        res = apply_mappings_to_cluster(hosts_config, name, es_args=args, http_auth=http_auth)
         log.info(res)