Additional Certificates causing jira to not launch
Bug
Description
Describe the problem, what were you doing when you noticed the bug?
When updating from jira helm version 1.19.0-bb.5 to 1.20.0-bb.2 (also present on bb.0) the container "import-certs" would crash with the error
cp: cannot stat '/lib/security/cacerts': No such file or directory
This would cause jira to ultimately not launch
Provide any steps possible used to reproduce the error (ideally in an isolated fashion).
The issue lies when setting values.jira.additionalCertificates.secretName to import a custom cert it runs a command, specifically
set -e; cp $JAVA_HOME/lib/security/cacerts /var/ssl/cacerts; chmod 664 /var/ssl/cacerts; for crt in /tmp/crt/*.*; do echo "Adding $crt to keystore"; keytool -import -keystore /var/ssl/cacerts -storepass changeit -noprompt -alias $(echo $(basename $crt)) -file $crt; done;
This command utilisies $JAVA_HOME in the path.
registry1.dso.mil/ironbank/atlassian/jira-data-center/jira-node-lts:9.12.10 has changed the base image that it is built on from one containing java(9.12.7), to another that doesn't contain java but instead has it installed after. The installation does not set the $JAVA_HOME variable making the above command fail.
2 possible solutions are have the java install in the image corrected to set the variable,
or change the command used from
cp $JAVA_HOME/lib/security/cacerts /var/ssl/cacerts
to
cp /etc/pki/java/cacerts /var/ssl/cacerts
The path /etc/pki/java/cacerts is ultimately where the previous few versions i checked ended up pointing at consistently so is probably safe to implement as the default command.
BigBang Version
What version of BigBang were you running? 2.29.0