Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.20.0
-
None
-
None
-
None
-
Important
Description
When deploying stateless NiFi in an environment like k8s, we have the stateless.properties file as a configMap. We need to pass in the keystore password, retrieved by the k8s secret (or environment variable). According to the stateless documentation, this should be supported; however, it looks like the ssl properties specifically don't allow for override. For example, I'm trying to pass this in when running stateless from my deployment.yaml:
command:
["/bin/sh", "-c", "/opt/nifi/nifi-current/bin/nifi-stateless.sh -c -p \"nifi.stateless.security.keystorePasswd=${KEYSTORE_PASSWORD}\""]
Similarly to how the env-flow-config.properties file can reference environment variables with env{VAR_NAME}, the stateless.properties file should be able to do the same.
The expected behavior would be that the nifi.stateless.security.keystorePasswd property in stateless.properties would be updated by environment variables.
Documentation referenced here (https://github.com/apache/nifi/blob/main/nifi-stateless/nifi-stateless-assembly/README.md#passing-parameters)
Chatted briefly w/ Joe Gresock to verify and requested a ticket be submitted.