basic auth not being enforced for config example

[ryandawsonuk]

Am following the config example to set basic auth. Have cloned the repo and am following it exactly except for this one change:

extraEnvs:
  - name: ELASTIC_PASSWORD
    valueFrom:
      secretKeyRef:
        name: elastic-config-credentials
        key: password
  - name: ELASTIC_USERNAME
    valueFrom:
      secretKeyRef:
        name: elastic-config-credentials
        key: username

Had to change this from the example which says elastic-credentials but it must mean elastic-config-credentials as that is the name of the secret. Otherwise I get Error: secret "elastic-credentials" not found.

With that change I can install everything.

The example curl of curl -u elastic:changeme http://localhost:9200/_cat/indices does indeed give a 200 response. But so does curl http://localhost:9200/_cat/indices. It doesn't force me to supply the user and password.

[jmlrt]

Hi @ryandawsonuk, thanks for reporting this => #1012 should fix it

[ryandawsonuk]

@jmlrt that will get past the secret not found error and I made that change locally. But even with that change I get a 200 from curl http://localhost:9200/_cat/indices. If basic auth is being enforced then that should be unauthorized.

[ryandawsonuk]

@jmlrt found the problem, the missing ingredient is the xpack.security.enabled flag:

esConfig:
  elasticsearch.yml: |
    xpack.security.enabled: true
    path.data: /usr/share/elasticsearch/data

Realised this after trying the security example (which does work)