Describe how to add a plugin in Dockerfile #31340
Conversation
When installing a plugin, people need to add the `--batch` option. It's better to document it as it could be a common use case.
dadoonet
added
>docs
|
Pinging @elastic/es-core-infra |
|
I am not comfortable with the change. One of the reasons that we made the change that leads to the batch flag being necessary is that previously we were blindly installing plugins without giving the user the opportunity to decide if they accepted the additional security permissions or not. Adding a line like this to our docs has the same effect. We want users to be making a deliberate choice here, not having us choose on their behalf (as we use to do silently or would be doing implicitly here if they copy and paste from the docs). |
|
Makes sense. Should I add a link to the plugin manager documentation instead with a text like a FAQ: If you have problems installing plugins with Docker, please checkout the Plugins documentation... Something along those lines? I'm also fine of closing the PR but I feel like that others will hit that problem as well. |
|
I would prefer a change that communicates something along the lines of: some plugins require additional security permissions. You have to explicitly accept them either by attaching a tty when you run the Docker image and accepting yes at the prompts, or inspecting the security permissions separately and if you are comfortable with them adding the |
| @@ -287,6 +279,13 @@ docker build --tag=elasticsearch-custom . | |||
| docker run -ti -v /usr/share/elasticsearch/data elasticsearch-custom | |||
| -------------------------------------------- | |||
|
|
|||
| Some plugins require additional security permissions. You have to explicitly accept | |||
| them either by attaching a tty when you run the Docker image and accepting yes at | |||
There was a problem hiding this comment.
Maybe tty but I don't feel strongly.
When installing a plugin, people need to add the `--batch` option. It's better to document it as it could be a common use case. Backport of #31340 in 6.x branch
When installing a plugin, people need to add the `--batch` option. It's better to document it as it could be a common use case. Backport of #31340 in 6.3 branch
|
Backported in 6.x and 6.3 branch |
* master: 992c788 Uncouple persistent task state and status (#31031) 8c6ee7d Describe how to add a plugin in Dockerfile (#31340) 1c5cec0 Remove http status code maps (#31350) 87a676e Do not set vm.max_map_count when unnecessary (#31285) e5b7137 TEST: getCapturedRequestsAndClear should be atomic (#31312) 0324103 Painless: Fix bug for static method calls on interfaces (#31348) d6d0727 QA: Fix resolution of default distribution (#31351) fcf1e41 Extract common http logic to server (#31311) 6dd81ea Build: Fix the license in the pom zip and tar (#31336) 8f886cd Treat ack timeout more like a publish timeout (#31303) 9b29327 [ML] Add description to ML filters (#31330) f7a0caf SQL: Fix build on Java 10 375d09c [TEST] Fix RemoteClusterClientTests#testEnsureWeReconnect 4877cec More detailed tracing when writing metadata (#31319) bbfe1ec [Tests] Mutualize fixtures code in BaseHttpFixture (#31210)
* 6.x: 6d711fa (origin/6.x, 6.x) Uncouple persistent task state and status (#31031) f0f16b7 [TEST] Make SSL restrictions update atomic (#31050) 652193f Describe how to add a plugin in Dockerfile (#31340) bb568ab TEST: getCapturedRequestsAndClear should be atomic (#31312) 6f94914 Do not set vm.max_map_count when unnecessary (#31285) c12f3c7 Painless: Fix bug for static method calls on interfaces (#31348) 21128e2 QA: Fix resolution of default distribution (#31351) df17a83 Build: Fix the license in the pom zip and tar (#31336) 3e76b15 Treat ack timeout more like a publish timeout (#31303)
When installing a plugin, people need to add the
--batchoption.It's better to document it as it could be a common use case.