@@ -25,12 +25,20 @@ function update_kafka_outputs() {
2525 # Make sure SSL configuration is included in policy updates for Kafka output. SSL is configured in so-elastic-fleet-setup
2626 if kafka_policy=$( curl -K /opt/so/conf/elasticsearch/curl.config -L " http://localhost:5601/api/fleet/outputs/so-manager_kafka" 2> /dev/null) ; then
2727 SSL_CONFIG=$( echo " $kafka_policy " | jq -r ' .item.ssl' )
28- SECRETS=$( echo " $kafka_policy " | jq -r ' .item.secrets' )
29- JSON_STRING=$( jq -n \
30- --arg UPDATEDLIST " $NEW_LIST_JSON "
31- --argjson SSL_CONFIG " $SSL_CONFIG "
32- --argjson SECRETS " $SECRETS "
33- ' {"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG,"secrets": $SECRETS}' )
28+ if SECRETS=$( echo " $kafka_policy " | jq -er ' .item.secrets' 2> /dev/null) ; then
29+ # Update policy when fleet has secrets enabled
30+ JSON_STRING=$( jq -n \
31+ --arg UPDATEDLIST " $NEW_LIST_JSON "
32+ --argjson SSL_CONFIG " $SSL_CONFIG "
33+ --argjson SECRETS " $SECRETS "
34+ ' {"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG,"secrets": $SECRETS}' )
35+ else
36+ # Update policy when fleet has secrets disabled or policy hasn't been force updated
37+ JSON_STRING=$( jq -n \
38+ --arg UPDATEDLIST " $NEW_LIST_JSON "
39+ --argjson SSL_CONFIG " $SSL_CONFIG "
40+ ' {"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG}' )
41+ fi
3442 # Update Kafka outputs
3543 curl -K /opt/so/conf/elasticsearch/curl.config -L -X PUT " localhost:5601/api/fleet/outputs/so-manager_kafka" ' kbn-xsrf: true' ' Content-Type: application/json' " $JSON_STRING " | jq
3644 else
0 commit comments