[bitnami/kibana] Release 7.17.11-debian-11-r5 (#41018)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
2026-03-21 15:29:05 +08:00 · 2023-07-14 03:44:36 +02:00
parent f3e276264d
commit fe5e88e9f8
7 changed files with 521 additions and 422 deletions
--- a/bitnami/kibana/7/debian-11/Dockerfile
+++ b/bitnami/kibana/7/debian-11/Dockerfile
@@ -6,10 +6,10 @@ FROM docker.io/bitnami/minideb:bullseye
 ARG TARGETARCH
 LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
-      org.opencontainers.image.created="2023-07-10T23:20:24Z" \
+      org.opencontainers.image.created="2023-07-14T00:09:44Z" \
      org.opencontainers.image.description="Application packaged by VMware, Inc" \
      org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="7.17.11-debian-11-r4" \
+      org.opencontainers.image.ref.name="7.17.11-debian-11-r5" \
      org.opencontainers.image.title="kibana" \
      org.opencontainers.image.vendor="VMware, Inc." \
      org.opencontainers.image.version="7.17.11"
@@ -26,7 +26,7 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN install_packages ca-certificates curl libgcc-s1 libnss3 libstdc++6 procps
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
    COMPONENTS=( \
-      "yq-4.34.1-6-linux-${OS_ARCH}-debian-11" \
+      "yq-4.34.2-0-linux-${OS_ARCH}-debian-11" \
      "kibana-7.17.11-0-linux-${OS_ARCH}-debian-11" \
    ) && \
    for COMPONENT in "${COMPONENTS[@]}"; do \
--- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
@@ -9,6 +9,6 @@
        "arch": "amd64",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "4.34.1-6"
+        "version": "4.34.2-0"
    }
 }
--- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh
+++ b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh
@@ -41,17 +41,19 @@ kibana_env_vars=(
    KIBANA_SERVER_KEY_LOCATION
    KIBANA_SERVER_KEY_PASSWORD
    KIBANA_PASSWORD
    KIBANA_CREATE_USER
    KIBANA_ELASTICSEARCH_PASSWORD
    KIBANA_ELASTICSEARCH_ENABLE_TLS
    KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE
    KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION
    KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD
    KIBANA_ELASTICSEARCH_TLS_USE_PEM
    KIBANA_ELASTICSEARCH_CA_CERT_LOCATION
    KIBANA_DISABLE_STRICT_CSP
    KIBANA_CREATE_USER
    KIBANA_ELASTICSEARCH_PASSWORD
    ELASTICSEARCH_URL
    KIBANA_ELASTICSEARCH_PORT_NUMBER
    KIBANA_ELASTICSEARCH_PORT
-    ELASTICSEARCH_PORT_NUMBER
+    KIBANA_PORT_NUMBER
    KIBANA_INITSCRIPTS_MAX_RETRIES
 )
 for env_var in "${kibana_env_vars[@]}"; do
@@ -66,61 +68,101 @@ for env_var in "${kibana_env_vars[@]}"; do
    fi
 done
 unset kibana_env_vars
 export SERVER_FLAVOR="kibana"
 # Paths
 export BITNAMI_VOLUME_DIR="/bitnami"
 export KIBANA_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/kibana"
 export SERVER_VOLUME_DIR="$KIBANA_VOLUME_DIR"
 export KIBANA_BASE_DIR="${BITNAMI_ROOT_DIR}/kibana"
-export KIBANA_CONF_DIR="${KIBANA_BASE_DIR}/config"
+export SERVER_BASE_DIR="$KIBANA_BASE_DIR"
-export KIBANA_LOGS_DIR="${KIBANA_BASE_DIR}/logs"
+export KIBANA_CONF_DIR="${SERVER_BASE_DIR}/config"
-export KIBANA_TMP_DIR="${KIBANA_BASE_DIR}/tmp"
+export SERVER_CONF_DIR="$KIBANA_CONF_DIR"
-export KIBANA_BIN_DIR="${KIBANA_BASE_DIR}/bin"
+export KIBANA_LOGS_DIR="${SERVER_BASE_DIR}/logs"
-export KIBANA_PLUGINS_DIR="${KIBANA_BASE_DIR}/plugins"
+export SERVER_LOGS_DIR="$KIBANA_LOGS_DIR"
-export KIBANA_OPTIMIZE_DIR="${KIBANA_BASE_DIR}/optimize"
+export KIBANA_TMP_DIR="${SERVER_BASE_DIR}/tmp"
-export KIBANA_DATA_DIR="${KIBANA_VOLUME_DIR}/data"
+export SERVER_TMP_DIR="$KIBANA_TMP_DIR"
-export KIBANA_MOUNTED_CONF_DIR="${KIBANA_VOLUME_DIR}/conf"
+export KIBANA_BIN_DIR="${SERVER_BASE_DIR}/bin"
-export KIBANA_CONF_FILE="${KIBANA_CONF_DIR}/kibana.yml"
+export SERVER_BIN_DIR="$KIBANA_BIN_DIR"
-export KIBANA_LOG_FILE="${KIBANA_LOGS_DIR}/kibana.log"
+export KIBANA_PLUGINS_DIR="${SERVER_BASE_DIR}/plugins"
-export KIBANA_PID_FILE="${KIBANA_TMP_DIR}/kibana.pid"
+export SERVER_PLUGINS_DIR="$KIBANA_PLUGINS_DIR"
 export KIBANA_DATA_DIR="${SERVER_VOLUME_DIR}/data"
 export SERVER_DATA_DIR="$KIBANA_DATA_DIR"
 export KIBANA_MOUNTED_CONF_DIR="${SERVER_VOLUME_DIR}/conf"
 export SERVER_MOUNTED_CONF_DIR="$KIBANA_MOUNTED_CONF_DIR"
 export KIBANA_CONF_FILE="${SERVER_CONF_DIR}/kibana.yml"
 export SERVER_CONF_FILE="$KIBANA_CONF_FILE"
 export KIBANA_LOG_FILE="${SERVER_LOGS_DIR}/kibana.log"
 export SERVER_LOG_FILE="$KIBANA_LOG_FILE"
 export KIBANA_PID_FILE="${SERVER_TMP_DIR}/kibana.pid"
 export SERVER_PID_FILE="$KIBANA_PID_FILE"
 export KIBANA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d"
 export SERVER_INITSCRIPTS_DIR="$KIBANA_INITSCRIPTS_DIR"
 # System users (when running with a privileged user)
 export KIBANA_DAEMON_USER="kibana"
 export SERVER_DAEMON_USER="$KIBANA_DAEMON_USER"
 export KIBANA_DAEMON_GROUP="kibana"
 export SERVER_DAEMON_GROUP="$KIBANA_DAEMON_GROUP"
 # Kibana configuration
 KIBANA_ELASTICSEARCH_URL="${KIBANA_ELASTICSEARCH_URL:-"${ELASTICSEARCH_URL:-}"}"
 export KIBANA_ELASTICSEARCH_URL="${KIBANA_ELASTICSEARCH_URL:-elasticsearch}"
 export SERVER_DB_URL="$KIBANA_ELASTICSEARCH_URL"
 KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_ELASTICSEARCH_PORT_NUMBER:-}"}"
 KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_ELASTICSEARCH_PORT:-}"}"
-KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${ELASTICSEARCH_PORT_NUMBER:-}"}"
+KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_PORT_NUMBER:-}"}"
 export KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-9200}"
 export SERVER_DB_PORT_NUMBER="$KIBANA_ELASTICSEARCH_PORT_NUMBER"
 export KIBANA_HOST="${KIBANA_HOST:-0.0.0.0}"
 export SERVER_HOST="$KIBANA_HOST"
 export KIBANA_PORT_NUMBER="${KIBANA_PORT_NUMBER:-5601}"
 export SERVER_PORT_NUMBER="$KIBANA_PORT_NUMBER"
 KIBANA_WAIT_READY_MAX_RETRIES="${KIBANA_WAIT_READY_MAX_RETRIES:-"${KIBANA_INITSCRIPTS_MAX_RETRIES:-}"}"
 export KIBANA_WAIT_READY_MAX_RETRIES="${KIBANA_WAIT_READY_MAX_RETRIES:-30}"
 export SERVER_WAIT_READY_MAX_RETRIES="$KIBANA_WAIT_READY_MAX_RETRIES"
 export KIBANA_INITSCRIPTS_START_SERVER="${KIBANA_INITSCRIPTS_START_SERVER:-yes}"
 export SERVER_INITSCRIPTS_START_SERVER="$KIBANA_INITSCRIPTS_START_SERVER"
 export KIBANA_FORCE_INITSCRIPTS="${KIBANA_FORCE_INITSCRIPTS:-no}"
 export SERVER_FORCE_INITSCRIPTS="$KIBANA_FORCE_INITSCRIPTS"
 export KIBANA_DISABLE_STRICT_CSP="${KIBANA_DISABLE_STRICT_CSP:-no}"
 export SERVER_DISABLE_STRICT_CSP="$KIBANA_DISABLE_STRICT_CSP"
 # Kibana server SSL/TLS configuration
-export KIBANA_CERTS_DIR="${KIBANA_CERTS_DIR:-${KIBANA_CONF_DIR}/certs}"
+export KIBANA_CERTS_DIR="${KIBANA_CERTS_DIR:-${SERVER_CONF_DIR}/certs}"
 export SERVER_CERTS_DIR="$KIBANA_CERTS_DIR"
 export KIBANA_SERVER_ENABLE_TLS="${KIBANA_SERVER_ENABLE_TLS:-false}"
-export KIBANA_SERVER_KEYSTORE_LOCATION="${KIBANA_SERVER_KEYSTORE_LOCATION:-${KIBANA_CERTS_DIR}/server/kibana.keystore.p12}"
+export SERVER_ENABLE_TLS="$KIBANA_SERVER_ENABLE_TLS"
 export KIBANA_SERVER_KEYSTORE_LOCATION="${KIBANA_SERVER_KEYSTORE_LOCATION:-${SERVER_CERTS_DIR}/server/kibana.keystore.p12}"
 export SERVER_KEYSTORE_LOCATION="$KIBANA_SERVER_KEYSTORE_LOCATION"
 export KIBANA_SERVER_KEYSTORE_PASSWORD="${KIBANA_SERVER_KEYSTORE_PASSWORD:-}"
 export SERVER_KEYSTORE_PASSWORD="$KIBANA_SERVER_KEYSTORE_PASSWORD"
 export KIBANA_SERVER_TLS_USE_PEM="${KIBANA_SERVER_TLS_USE_PEM:-false}"
-export KIBANA_SERVER_CERT_LOCATION="${KIBANA_SERVER_CERT_LOCATION:-${KIBANA_CERTS_DIR}/server/tls.crt}"
+export SERVER_TLS_USE_PEM="$KIBANA_SERVER_TLS_USE_PEM"
-export KIBANA_SERVER_KEY_LOCATION="${KIBANA_SERVER_KEY_LOCATION:-${KIBANA_CERTS_DIR}/server/tls.key}"
+export KIBANA_SERVER_CERT_LOCATION="${KIBANA_SERVER_CERT_LOCATION:-${SERVER_CERTS_DIR}/server/tls.crt}"
 export SERVER_CERT_LOCATION="$KIBANA_SERVER_CERT_LOCATION"
 export KIBANA_SERVER_KEY_LOCATION="${KIBANA_SERVER_KEY_LOCATION:-${SERVER_CERTS_DIR}/server/tls.key}"
 export SERVER_KEY_LOCATION="$KIBANA_SERVER_KEY_LOCATION"
 export KIBANA_SERVER_KEY_PASSWORD="${KIBANA_SERVER_KEY_PASSWORD:-}"
 export SERVER_KEY_PASSWORD="$KIBANA_SERVER_KEY_PASSWORD"
-# Elasticsearch X-Pack configuration
+# Elasticsearch Security configuration
 export KIBANA_PASSWORD="${KIBANA_PASSWORD:-}"
 export SERVER_PASSWORD="$KIBANA_PASSWORD"
 export KIBANA_ELASTICSEARCH_ENABLE_TLS="${KIBANA_ELASTICSEARCH_ENABLE_TLS:-false}"
 export SERVER_DB_ENABLE_TLS="$KIBANA_ELASTICSEARCH_ENABLE_TLS"
 export KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE="${KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE:-full}"
 export SERVER_DB_TLS_VERIFICATION_MODE="$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE"
 export KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION="${KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION:-${SERVER_CERTS_DIR}/elasticsearch/elasticsearch.truststore.p12}"
 export SERVER_DB_TRUSTSTORE_LOCATION="$KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION"
 export KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD="${KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD:-}"
 export SERVER_DB_TRUSTSTORE_PASSWORD="$KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD"
 export KIBANA_ELASTICSEARCH_TLS_USE_PEM="${KIBANA_ELASTICSEARCH_TLS_USE_PEM:-false}"
 export SERVER_DB_TLS_USE_PEM="$KIBANA_ELASTICSEARCH_TLS_USE_PEM"
 export KIBANA_ELASTICSEARCH_CA_CERT_LOCATION="${KIBANA_ELASTICSEARCH_CA_CERT_LOCATION:-${SERVER_CERTS_DIR}/elasticsearch/ca.crt}"
 export SERVER_DB_CA_CERT_LOCATION="$KIBANA_ELASTICSEARCH_CA_CERT_LOCATION"
 export KIBANA_DISABLE_STRICT_CSP="${KIBANA_DISABLE_STRICT_CSP:-no}"
 export KIBANA_CREATE_USER="${KIBANA_CREATE_USER:-false}"
 export KIBANA_ELASTICSEARCH_PASSWORD="${KIBANA_ELASTICSEARCH_PASSWORD:-}"
 export KIBANA_ELASTICSEARCH_ENABLE_TLS="${KIBANA_ELASTICSEARCH_ENABLE_TLS:-false}"
 export KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE="${KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE:-full}"
 export KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION="${KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION:-${KIBANA_CERTS_DIR}/elasticsearch/elasticsearch.trustore.p12}"
 export KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD="${KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD:-}"
 export KIBANA_ELASTICSEARCH_TLS_USE_PEM="${KIBANA_ELASTICSEARCH_TLS_USE_PEM:-false}"
 export KIBANA_ELASTICSEARCH_CA_CERT_LOCATION="${KIBANA_ELASTICSEARCH_CA_CERT_LOCATION:-${KIBANA_CERTS_DIR}/elasticsearch/ca.crt}"
 # Custom environment variables may be defined below
--- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh
+++ b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh
@@ -16,14 +16,11 @@ set -o pipefail
 # Load environment
 . /opt/bitnami/scripts/kibana-env.sh
-for dir in "$KIBANA_TMP_DIR" "$KIBANA_LOGS_DIR" "$KIBANA_CONF_DIR" "$KIBANA_PLUGINS_DIR" "$KIBANA_VOLUME_DIR" "$KIBANA_DATA_DIR" "$KIBANA_INITSCRIPTS_DIR"; do
+for dir in "$SERVER_TMP_DIR" "$SERVER_LOGS_DIR" "$SERVER_CONF_DIR" "$SERVER_PLUGINS_DIR" "$SERVER_VOLUME_DIR" "$SERVER_DATA_DIR" "$SERVER_INITSCRIPTS_DIR"; do
    ensure_dir_exists "$dir"
    chmod -R ug+rwX "$dir"
 done
-# Optimize feature for Kibana 6
+kibana_conf_set "path.data" "$SERVER_DATA_DIR"
 [[ -d "$KIBANA_OPTIMIZE_DIR" ]] && chmod -R ug+rwX "$KIBANA_OPTIMIZE_DIR"
 kibana_conf_set "path.data" "$KIBANA_DATA_DIR"
 # For backwards compatibility, create a symlink to the default path
-! is_dir_empty "${KIBANA_BASE_DIR}/data" || rm -rf "${KIBANA_BASE_DIR}/data" && ln -s "$KIBANA_DATA_DIR" "${KIBANA_BASE_DIR}/data"
+! is_dir_empty "${SERVER_BASE_DIR}/data" || rm -rf "${SERVER_BASE_DIR}/data" && ln -s "$SERVER_DATA_DIR" "${SERVER_BASE_DIR}/data"
--- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh
+++ b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh
@@ -18,9 +18,9 @@ set -o pipefail
 . /opt/bitnami/scripts/kibana-env.sh
 info "** Starting Kibana **"
-start_command=("${KIBANA_BIN_DIR}/kibana" "serve")
+start_command=("${SERVER_BIN_DIR}/kibana" "serve")
 if am_i_root; then
-    exec_as_user "$KIBANA_DAEMON_USER" "${start_command[@]}"
+    exec_as_user "$SERVER_DAEMON_USER" "${start_command[@]}"
 else
    exec "${start_command[@]}"
 fi
--- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh
+++ b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh
@@ -20,7 +20,7 @@ set -o pipefail
 kibana_validate
 # Ensure 'daemon' user exists when running as 'root'
-am_i_root && ensure_user_exists "$KIBANA_DAEMON_USER" --group "$KIBANA_DAEMON_GROUP"
+am_i_root && ensure_user_exists "$SERVER_DAEMON_USER" --group "$SERVER_DAEMON_GROUP"
 # Ensure kibana is initialized
 kibana_initialize
--- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh
+++ b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh
@@ -16,204 +16,6 @@
 # Functions
 ########################
 # Validate settings in KIBANA_* env vars
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   None
 # Returns:
 #   0 if the validation succeeded, 1 otherwise
 #########################
 kibana_validate() {
    debug "Validating settings in KIBANA_* environment variables..."
    local error_code=0
    # Auxiliary functions
    print_validation_error() {
        error "$1"
        error_code=1
    }
    check_multi_value() {
        if [[ " ${2} " != *" ${!1} "* ]]; then
            print_validation_error "The allowed values for ${1} are: ${2}"
        fi
    }
    check_empty_value() {
        if is_empty_value "${!1}"; then
            print_validation_error "${1} must be set"
        fi
    }
    # Warn users in case the configuration file is not writable
    is_file_writable "$KIBANA_CONF_FILE" || warn "The Kibana configuration file '${KIBANA_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file."
    if is_boolean_yes "$KIBANA_CREATE_USER"; then
        if is_empty_value "$KIBANA_PASSWORD"; then
            print_validation_error "The variable KIBANA_CREATE_USER is set but no KIBANA_PASSWORD provided for the kibana_system user."
        fi
        if is_empty_value "$KIBANA_ELASTICSEARCH_PASSWORD"; then
            print_validation_error "Password for the 'elastic' user is required in order to create the kibana_system user. Please provide it using the variable KIBANA_ELASTICSEARCH_PASSWORD."
        fi
    fi
    # User inputs
    check_empty_value "KIBANA_ELASTICSEARCH_URL"
    check_empty_value "KIBANA_HOST"
    for var in "KIBANA_ELASTICSEARCH_PORT_NUMBER" "KIBANA_PORT_NUMBER"; do
        if ! err=$(validate_port "${!var}"); then
            print_validation_error "An invalid port was specified in the environment variable $var: $err"
        fi
    done
    if is_boolean_yes "$KIBANA_SERVER_ENABLE_TLS"; then
        if is_boolean_yes "$KIBANA_SERVER_TLS_USE_PEM"; then
            if [[ ! -f "$KIBANA_SERVER_CERT_LOCATION" ]] || [[ ! -f "$KIBANA_SERVER_KEY_LOCATION" ]]; then
                print_validation_error "In order to configure the TLS encryption for Kibana server using PEM certs you must provide your a valid key and certificate."
            fi
        elif [[ ! -f "$KIBANA_SERVER_KEYSTORE_LOCATION" ]]; then
            print_validation_error "In order to configure the TLS encryption for Kibana server using PKCS12 certs you must mount a valid keystore."
        fi
    fi
    if is_boolean_yes "$KIBANA_ELASTICSEARCH_ENABLE_TLS"; then
        check_multi_value "KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE" "full certificate none"
        if [[ "$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE" != "none" ]];then
            if is_boolean_yes "$KIBANA_ELASTICSEARCH_TLS_USE_PEM"; then
                if [[ ! -f "$KIBANA_ELASTICSEARCH_CA_CERT_LOCATION" ]]; then
                    print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid CA certificate is required."
                fi
            elif [[ ! -f "$KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION" ]]; then
                print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid PKCS12 truststore is required."
            fi
        fi
    fi
    [[ "$error_code" -eq 0 ]] || exit "$error_code"
 }
 ########################
 # Configure/initialize Kibana
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   None
 # Returns:
 #   None
 #########################
 kibana_initialize() {
    info "Configuring/Initializing Kibana..."
    debug "Ensuring expected directories/files exist..."
    for dir in "$KIBANA_TMP_DIR" "$KIBANA_LOGS_DIR" "$KIBANA_CONF_DIR" "$KIBANA_DATA_DIR"; do
        ensure_dir_exists "$dir"
        am_i_root && chown -R "$KIBANA_DAEMON_USER:$KIBANA_DAEMON_GROUP" "$dir"
    done
    # Optimize feature for Kibana 6
    am_i_root && [[ -d "$KIBANA_OPTIMIZE_DIR" ]] && chown -R "$KIBANA_DAEMON_USER:$KIBANA_DAEMON_GROUP" "$KIBANA_OPTIMIZE_DIR"
    if is_file_writable "$KIBANA_CONF_FILE"; then
        if is_mounted_dir_empty "$KIBANA_MOUNTED_CONF_DIR"; then
            info "Setting default configuration"
            kibana_conf_set "pid.file" "$KIBANA_PID_FILE"
            kibana_conf_set "server.host" "$KIBANA_HOST"
            kibana_conf_set "server.port" "$KIBANA_PORT_NUMBER" "int"
            kibana_conf_set "elasticsearch.hosts" "$(kibana_sanitize_elasticsearch_hosts "${KIBANA_ELASTICSEARCH_URL}" "${KIBANA_ELASTICSEARCH_PORT_NUMBER}")"
        else
            info "Found mounted configuration directory"
            if ! cp -Lr "$KIBANA_MOUNTED_CONF_DIR"/* "$KIBANA_CONF_DIR"; then
                error "Issue copying mounted configuration files from $KIBANA_MOUNTED_CONF_DIR to $KIBANA_CONF_DIR. Make sure you are not mounting configuration files in $KIBANA_CONF_DIR and $KIBANA_MOUNTED_CONF_DIR at the same time"
                exit 1
            fi
        fi
        # Override configuration
        if ! is_empty_value "$KIBANA_PASSWORD"; then
            kibana_conf_set "elasticsearch.username" "kibana_system"
            kibana_conf_set "elasticsearch.password" "$KIBANA_PASSWORD"
        fi
        if is_boolean_yes "$KIBANA_DISABLE_STRICT_CSP"; then
            kibana_conf_set "csp.strict" "false" "bool"
        fi
        if is_boolean_yes "$KIBANA_SERVER_ENABLE_TLS"; then
            kibana_conf_set "server.ssl.enabled" "true" "bool"
            if "$KIBANA_SERVER_TLS_USE_PEM"; then
                kibana_conf_set "server.ssl.certificate" "$KIBANA_SERVER_CERT_LOCATION"
                kibana_conf_set "server.ssl.key" "$KIBANA_SERVER_KEY_LOCATION"
                ! is_empty_value "$KIBANA_SERVER_KEY_PASSWORD" && kibana_set_key_value "server.ssl.keyPassphrase" "$KIBANA_SERVER_KEY_PASSWORD"
            else
                kibana_conf_set "server.ssl.keystore.path" "$KIBANA_SERVER_KEYSTORE_LOCATION"
                ! is_empty_value "$KIBANA_SERVER_KEYSTORE_PASSWORD" && kibana_set_key_value "server.ssl.keystore.password" "$KIBANA_SERVER_KEYSTORE_PASSWORD"
            fi
        fi
        if is_boolean_yes "$KIBANA_ELASTICSEARCH_ENABLE_TLS"; then
            kibana_conf_set "elasticsearch.ssl.verificationMode" "$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE"
            if [[ "$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE" != "none" ]];then
                if "$KIBANA_ELASTICSEARCH_TLS_USE_PEM"; then
                    kibana_conf_set "elasticsearch.ssl.certificateAuthorities" "$KIBANA_ELASTICSEARCH_CA_CERT_LOCATION"
                else
                    ! is_empty_value "$KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD" && kibana_set_key_value "elasticsearch.ssl.truststore.password" "$KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD"
                    kibana_conf_set "elasticsearch.ssl.truststore.path" "$KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION"
                fi
            fi
        fi
    fi
 }
 ########################
 # Write a configuration setting value
 # Globals:
 #   KIBANA_CONF_FILE
 # Arguments:
 #   $1 - key
 #   $2 - value
 #   $3 - YAML type (string, int or bool)
 # Returns:
 #   None
 #########################
 kibana_conf_set() {
    local -r key="${1:?Missing key}"
    local -r value="${2:-}"
    local -r type="${3:-string}"
    local -r tempfile=$(mktemp)
    case "$type" in
    string)
        yq eval "(.${key}) |= \"${value}\"" "$KIBANA_CONF_FILE" >"$tempfile"
        ;;
    int)
        yq eval "(.${key}) |= ${value}" "$KIBANA_CONF_FILE" >"$tempfile"
        ;;
    bool)
        yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$KIBANA_CONF_FILE" >"$tempfile"
        ;;
    *)
        error "Type unknown: ${type}"
        return 1
        ;;
    esac
    cp "$tempfile" "$KIBANA_CONF_FILE"
 }
 ########################
 # Read a configuration setting value
 # Globals:
 #   KIBANA_CONF_FILE
 # Arguments:
 #   $1 - key
 # Returns:
 #   Outputs the key to stdout (Empty response if key is not set)
 #########################
 kibana_conf_get() {
    local key="${1:?missing key}"
    if [[ -r "$KIBANA_CONF_FILE" ]]; then
        local -r res="$(yq eval ".${key}" "$KIBANA_CONF_FILE")"
        if [[ ! "$res" = "null" ]]; then
            echo "$res"
        fi
    fi
 }
 ########################
 # Set Elasticsearch keystore values
 # Globals:
@@ -231,191 +33,6 @@ kibana_set_key_value() {
    kibana-keystore add --stdin --force "$key" <<<"$value"
 }
 ########################
 # Configure/initialize Kibana
 # For backwards compatibility, it is allowed to specify the host and port in
 # different env-vars and this function will build the correct url.
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   $1 - hostUrl
 #   $2 - port
 # Returns:
 #   None
 #########################
 kibana_sanitize_elasticsearch_hosts() {
    local -r hostUrl="${1:?missing hostUrl}"
    local -r port="${2:?missing port}"
    local scheme
    if is_boolean_yes "$KIBANA_ELASTICSEARCH_ENABLE_TLS"; then
        scheme="https"
    else
        scheme="http"
    fi
    if grep -q -E "^https?://[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. http://localhost:9200
        echo "${hostUrl}"
    elif grep -q -E "^https?://[^:]+$" <<<"$hostUrl"; then # i.e. http://localhost
        echo "${hostUrl}:${port}"
    elif grep -q -E "^[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. localhost:9200
        echo "${scheme}://${hostUrl}"
    else # i.e. localhost
        echo "${scheme}://${hostUrl}:${port}"
    fi
 }
 ########################
 # Check if Kibana is running
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   None
 # Returns:
 #   Boolean
 #########################
 is_kibana_running() {
    local pid
    pid="$(get_pid_from_file "${KIBANA_PID_FILE}")"
    if [[ -z "$pid" ]]; then
        false
    else
        is_service_running "$pid"
    fi
 }
 ########################
 # Check if Kibana is not running
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   None
 # Returns:
 #   Boolean
 #########################
 is_kibana_not_running() {
    ! is_kibana_running
 }
 ########################
 # Check if Kibana is ready
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   None
 # Returns:
 #   Boolean
 #########################
 is_kibana_ready() {
    local basePath
    local rewriteBasePath
    rewriteBasePath=$(kibana_conf_get "server.rewriteBasePath")
    # The default value for is 'server.rewriteBasePath' is 'true' when ommited.'
    # Therefore, we must check the value is not 'true'
    [[ ! "$rewriteBasePath" = "false" ]] && basePath=$(kibana_conf_get "server.basePath")
    if is_kibana_running; then
        # Kibana 7 expects .status.overall.state to be 'green', while 8 expects .status.overall.level to be 'available'
        local -r status="$(yq eval '.status.overall | pick(["state", "level"]) | .[]' - <<<"$(curl -s "127.0.0.1:${KIBANA_PORT_NUMBER}${basePath:-}/api/status")")"
        [[ "$status" = "green" || "$status" = "available" ]] && return
    else
        false
    fi
 }
 ########################
 # Wait until Kibana is ready
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   None
 # Returns:
 #   Boolean
 #########################
 wait_for_kibana_ready() {
    info "Waiting for Kibana to be started and ready"
    retries="$KIBANA_WAIT_READY_MAX_RETRIES"
    until is_kibana_ready || [[ "$retries" -eq 0 ]]; do
        debug "Waiting for Kibana server: $((retries--)) remaining attempts..."
        sleep 2
    done
    if [[ "$retries" -eq 0 ]]; then
        error "Kibana is not available after ${KIBANA_WAIT_READY_MAX_RETRIES} retries"
        if [[ -r "${KIBANA_LOGS_DIR}/init_scripts_start.log" ]]; then
            info "Dumping ${KIBANA_LOGS_DIR}/init_scripts_start.log for additional diagnostics..."
            cat "${KIBANA_LOGS_DIR}/init_scripts_start.log"
        fi
        exit 1
    fi
 }
 ########################
 # Start Kibana in background mode
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   Extra arguments to pass to the command (optional array)
 # Returns:
 #   None
 #########################
 kibana_start_bg() {
    local extra_args=("${@}")
    info "Starting Kibana in background"
    local start_command=("${KIBANA_BIN_DIR}/kibana" "serve" "${extra_args[@]}")
    am_i_root && start_command=("run_as_user" "$KIBANA_DAEMON_USER" "${start_command[@]}")
    debug_execute "${start_command[@]}" &
 }
 ########################
 # Run custom initialization scripts
 # Globals:
 #   KIBANA_*
 # Arguments:
 #   None
 # Returns:
 #   None
 #########################
 kibana_custom_init_scripts() {
    read -r -a init_scripts <<<"$(find "$KIBANA_INITSCRIPTS_DIR" -type f -name "*.sh" -print0 | xargs -0)"
    if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "$KIBANA_VOLUME_DIR"/.user_scripts_initialized ]] || is_boolean_yes "$KIBANA_FORCE_INITSCRIPTS"; then
        if is_boolean_yes "$KIBANA_FORCE_INITSCRIPTS"; then
            info "Forcing execution of user files"
        fi
        if is_boolean_yes "${KIBANA_INITSCRIPTS_START_SERVER}"; then
            # Binding to localhost to not give false positives for external connections
            kibana_start_bg "--host" "127.0.0.1" "--log-file" "${KIBANA_LOGS_DIR}/init_scripts_start.log"
            wait_for_kibana_ready
        fi
        info "Loading user's custom files from $KIBANA_INITSCRIPTS_DIR"
        for f in "${init_scripts[@]}"; do
            debug "Executing $f"
            case "$f" in
            *.sh)
                if [[ -x "$f" ]]; then
                    if ! "$f"; then
                        error "Failed executing $f"
                        return 1
                    fi
                else
                    warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail"
                    . "$f"
                fi
                ;;
            *)
                warn "Skipping $f, supported formats are: .sh"
                ;;
            esac
        done
        touch "$KIBANA_VOLUME_DIR"/.user_scripts_initialized
        is_kibana_running && stop_service_using_pid "$KIBANA_PID_FILE"
        retry_while "is_kibana_not_running"
    fi
 }
 ########################
 # Waits for Elasticsearch to be available and creates the user 'kibana_user', if it doesn't exists
 # Globals:
@@ -461,3 +78,446 @@ kibana_create_system_user() {
        info "Skipping 'kibana_system' user creation. User already exists. Status code: ${status_code}"
    fi
 }
 #!/bin/bash
 # Copyright VMware, Inc.
 # SPDX-License-Identifier: APACHE-2.0
 #
 # Bitnami Kibana/Opensearch Dashboards common library
 # shellcheck disable=SC1090
 # shellcheck disable=SC1091
 # Load Generic Libraries
 . /opt/bitnami/scripts/libfs.sh
 . /opt/bitnami/scripts/libfile.sh
 . /opt/bitnami/scripts/liblog.sh
 . /opt/bitnami/scripts/libos.sh
 . /opt/bitnami/scripts/libservice.sh
 . /opt/bitnami/scripts/libvalidations.sh
 # Functions
 ########################
 # Validate settings in SERVER_* env vars
 # Globals:
 #   SERVER_*
 # Arguments:
 #   None
 # Returns:
 #   0 if the validation succeeded, 1 otherwise
 #########################
 kibana_validate() {
    debug "Validating settings in SERVER_* environment variables..."
    local error_code=0
    # Auxiliary functions
    print_validation_error() {
        error "$1"
        error_code=1
    }
    check_multi_value() {
        if [[ " ${2} " != *" ${!1} "* ]]; then
            print_validation_error "The allowed values for ${1} are: ${2}"
        fi
    }
    check_empty_value() {
        if is_empty_value "${!1}"; then
            print_validation_error "${1} must be set"
        fi
    }
    # Warn users in case the configuration file is not writable
    is_file_writable "$SERVER_CONF_FILE" || warn "The ${SERVER_FLAVOR^} configuration file '${SERVER_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file."
    if [[ "$SERVER_FLAVOR" = "kibana" ]]; then
        if is_boolean_yes "$KIBANA_CREATE_USER"; then
            if is_empty_value "$KIBANA_PASSWORD"; then
                print_validation_error "The variable KIBANA_CREATE_USER is set but no KIBANA_PASSWORD provided for the kibana_system user."
            fi
            if is_empty_value "$KIBANA_ELASTICSEARCH_PASSWORD"; then
                print_validation_error "Password for the 'elastic' user is required in order to create the kibana_system user. Please provide it using the variable KIBANA_ELASTICSEARCH_PASSWORD."
            fi
        fi
    fi
    # User inputs
    check_empty_value "SERVER_DB_URL"
    check_empty_value "SERVER_HOST"
    for var in "SERVER_DB_PORT_NUMBER" "SERVER_PORT_NUMBER"; do
        if ! err=$(validate_port "${!var}"); then
            print_validation_error "An invalid port was specified in the environment variable $var: $err"
        fi
    done
    if is_boolean_yes "$SERVER_ENABLE_TLS"; then
        if is_boolean_yes "$SERVER_TLS_USE_PEM"; then
            if [[ ! -f "$SERVER_CERT_LOCATION" ]] || [[ ! -f "$SERVER_KEY_LOCATION" ]]; then
                print_validation_error "In order to configure the TLS encryption for ${SERVER_FLAVOR^} server using PEM certs you must provide your a valid key and certificate."
            fi
        elif [[ ! -f "$SERVER_KEYSTORE_LOCATION" ]]; then
            print_validation_error "In order to configure the TLS encryption for ${SERVER_FLAVOR^} server using PKCS12 certs you must mount a valid keystore."
        fi
    fi
    if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then
        check_multi_value "SERVER_DB_TLS_VERIFICATION_MODE" "full certificate none"
        if [[ "$SERVER_DB_TLS_VERIFICATION_MODE" != "none" ]];then
            if is_boolean_yes "$SERVER_DB_TLS_USE_PEM"; then
                if [[ ! -f "$SERVER_DB_CA_CERT_LOCATION" ]]; then
                    print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid CA certificate is required."
                fi
            elif [[ ! -f "$SERVER_DB_TRUSTSTORE_LOCATION" ]]; then
                print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid PKCS12 truststore is required."
            fi
        fi
    fi
    [[ "$error_code" -eq 0 ]] || exit "$error_code"
 }
 ########################
 # Configure/initialize Kibana/Dashboards
 # Globals:
 #   SERVER_*
 # Arguments:
 #   None
 # Returns:
 #   None
 #########################
 kibana_initialize() {
    info "Configuring/Initializing ${SERVER_FLAVOR^}..."
    debug "Ensuring expected directories/files exist..."
    for dir in "$SERVER_TMP_DIR" "$SERVER_LOGS_DIR" "$SERVER_CONF_DIR" "$SERVER_DATA_DIR"; do
        ensure_dir_exists "$dir"
        am_i_root && chown -R "$SERVER_DAEMON_USER:$SERVER_DAEMON_GROUP" "$dir"
    done
    if is_file_writable "$SERVER_CONF_FILE"; then
        local dbFlavor="elasticsearch"
        [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && dbFlavor="opensearch"
        if is_mounted_dir_empty "$SERVER_MOUNTED_CONF_DIR"; then
            info "Setting default configuration"
            kibana_conf_set "pid.file" "$SERVER_PID_FILE"
            kibana_conf_set "server.host" "$SERVER_HOST"
            kibana_conf_set "server.port" "$SERVER_PORT_NUMBER" "int"
            kibana_conf_set "${dbFlavor}.hosts" "$(kibana_sanitize_elasticsearch_hosts "${SERVER_DB_URL}" "${SERVER_DB_PORT_NUMBER}")"
        else
            info "Found mounted configuration directory"
            if ! cp -Lr "$SERVER_MOUNTED_CONF_DIR"/* "$SERVER_CONF_DIR"; then
                error "Issue copying mounted configuration files from $SERVER_MOUNTED_CONF_DIR to $SERVER_CONF_DIR. Make sure you are not mounting configuration files in $SERVER_CONF_DIR and $SERVER_MOUNTED_CONF_DIR at the same time"
                exit 1
            fi
        fi
        # Override configuration
        if [[ "$SERVER_FLAVOR" = "kibana" ]] && is_boolean_yes "$KIBANA_DISABLE_STRICT_CSP"; then
            kibana_conf_set "csp.strict" "false" "bool"
        fi
        # Configure Elasticsearch/Opensearch authentication
        if ! is_empty_value "$SERVER_PASSWORD"; then
            local user="kibana_system"
            [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && user="kibanaserver"
            kibana_conf_set "${dbFlavor}.username" "$user"
            kibana_conf_set "${dbFlavor}.password" "$SERVER_PASSWORD"
        elif [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then
            info "Security settings not provided, removing plugin"
            opensearch-dashboards-plugin remove securityDashboards
            replace_in_file "$SERVER_CONF_FILE" "^opensearch_security\." "#opensearch_security."
        fi
        # Configure Webserver TLS settings (Client -> Kibana/Dashboards)
        if is_boolean_yes "$SERVER_ENABLE_TLS"; then
            kibana_conf_set "server.ssl.enabled" "true" "bool"
            [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && kibana_conf_set "opensearch_security.cookie.secure" "true" "bool"
            if is_boolean_yes "$SERVER_TLS_USE_PEM"; then
                kibana_conf_set "server.ssl.certificate" "$SERVER_CERT_LOCATION"
                kibana_conf_set "server.ssl.key" "$SERVER_KEY_LOCATION"
                if ! is_empty_value "$SERVER_KEY_PASSWORD"; then
                    if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then
                        kibana_conf_set "server.ssl.keyPassphrase" "$SERVER_KEY_PASSWORD"
                    else
                        kibana_set_key_value "server.ssl.keyPassphrase" "$SERVER_KEY_PASSWORD"
                    fi
                fi
            else
                kibana_conf_set "server.ssl.keystore.path" "$SERVER_KEYSTORE_LOCATION"
                if ! is_empty_value "$SERVER_KEYSTORE_PASSWORD"; then
                    if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then
                        kibana_conf_set "server.ssl.keystore.password" "$SERVER_KEY_PASSWORD"
                    else
                        kibana_set_key_value "server.ssl.keystore.password" "$SERVER_KEY_PASSWORD"
                    fi
                fi
            fi
        fi
        # Configure Database TLS settings (Kibana/Dashboards -> Elasticsearch/Opensearch)
        if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then
            kibana_conf_set "${dbFlavor}.ssl.verificationMode" "$SERVER_DB_TLS_VERIFICATION_MODE"
            if [[ "$SERVER_DB_TLS_VERIFICATION_MODE" != "none" ]];then
                if is_boolean_yes "$SERVER_DB_TLS_USE_PEM"; then
                    kibana_conf_set "${dbFlavor}.ssl.certificateAuthorities" "$SERVER_DB_CA_CERT_LOCATION"
                else
                    kibana_conf_set "${dbFlavor}.ssl.truststore.path" "$SERVER_DB_TRUSTSTORE_LOCATION"
                    if ! is_empty_value "$SERVER_DB_TRUSTSTORE_PASSWORD"; then
                        if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then
                            kibana_conf_set "${dbFlavor}.ssl.truststore.password" "$SERVER_DB_TRUSTSTORE_PASSWORD"
                        else
                            kibana_set_key_value "${dbFlavor}.ssl.truststore.password" "$SERVER_DB_TRUSTSTORE_PASSWORD"
                        fi
                    fi
                fi
            fi
        fi
    fi
 }
 ########################
 # Write a configuration setting value
 # Globals:
 #   SERVER_CONF_FILE
 # Arguments:
 #   $1 - key
 #   $2 - value
 #   $3 - YAML type (string, int or bool)
 # Returns:
 #   None
 #########################
 kibana_conf_set() {
    local -r key="${1:?Missing key}"
    local -r value="${2:-}"
    local -r type="${3:-string}"
    local -r tempfile=$(mktemp)
    case "$type" in
    string)
        yq eval "(.${key}) |= \"${value}\"" "$SERVER_CONF_FILE" >"$tempfile"
        ;;
    int)
        yq eval "(.${key}) |= ${value}" "$SERVER_CONF_FILE" >"$tempfile"
        ;;
    bool)
        yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$SERVER_CONF_FILE" >"$tempfile"
        ;;
    *)
        error "Type unknown: ${type}"
        return 1
        ;;
    esac
    cp "$tempfile" "$SERVER_CONF_FILE"
 }
 ########################
 # Read a configuration setting value
 # Globals:
 #   SERVER_CONF_FILE
 # Arguments:
 #   $1 - key
 # Returns:
 #   Outputs the key to stdout (Empty response if key is not set)
 #########################
 kibana_conf_get() {
    local key="${1:?missing key}"
    if [[ -r "$SERVER_CONF_FILE" ]]; then
        local -r res="$(yq eval ".${key}" "$SERVER_CONF_FILE")"
        if [[ ! "$res" = "null" ]]; then
            echo "$res"
        fi
    fi
 }
 ########################
 # Configure/initialize Kibana/Dashboards
 # For backwards compatibility, it is allowed to specify the host and port in
 # different env-vars and this function will build the correct url.
 # Globals:
 #   SERVER_*
 # Arguments:
 #   $1 - hostUrl
 #   $2 - port
 # Returns:
 #   None
 #########################
 kibana_sanitize_elasticsearch_hosts() {
    local -r hostUrl="${1:?missing hostUrl}"
    local -r port="${2:?missing port}"
    local scheme
    if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then
        scheme="https"
    else
        scheme="http"
    fi
    if grep -q -E "^https?://[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. http://localhost:9200
        echo "${hostUrl}"
    elif grep -q -E "^https?://[^:]+$" <<<"$hostUrl"; then # i.e. http://localhost
        echo "${hostUrl}:${port}"
    elif grep -q -E "^[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. localhost:9200
        echo "${scheme}://${hostUrl}"
    else # i.e. localhost
        echo "${scheme}://${hostUrl}:${port}"
    fi
 }
 ########################
 # Check if Kibana/Dashboards is running
 # Globals:
 #   SERVER_*
 # Arguments:
 #   None
 # Returns:
 #   Boolean
 #########################
 is_kibana_running() {
    local pid
    pid="$(get_pid_from_file "${SERVER_PID_FILE}")"
    if [[ -z "$pid" ]]; then
        false
    else
        is_service_running "$pid"
    fi
 }
 ########################
 # Check if Kibana/Dashboards is not running
 # Globals:
 #   SERVER_*
 # Arguments:
 #   None
 # Returns:
 #   Boolean
 #########################
 is_kibana_not_running() {
    ! is_kibana_running
 }
 ########################
 # Check if Kibana/Dashboards is ready
 # Globals:
 #   SERVER_*
 # Arguments:
 #   None
 # Returns:
 #   Boolean
 #########################
 is_kibana_ready() {
    local basePath
    local rewriteBasePath
    local scheme="http"
    local opts=()
    rewriteBasePath=$(kibana_conf_get "server.rewriteBasePath")
    # The default value for is 'server.rewriteBasePath' is 'true' when ommited.'
    # Therefore, we must check the value is not 'true'
    ! is_boolean_yes "$rewriteBasePath" && basePath=$(kibana_conf_get "server.basePath")
    [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && ! is_empty_value "$SERVER_PASSWORD" && opts+=("-u" "kibanaserver:${SERVER_PASSWORD}")
    if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then
        scheme="https"
        opts+=("-k")
    fi
    if is_kibana_running; then
        # Kibana 7 and Opensearch expects .status.overall.state to be 'green', while 8 expects .status.overall.level to be 'available'
        local -r status="$(yq eval '.status.overall | pick(["state", "level"]) | .[]' - <<<"$(curl -s "${opts[@]}" "${scheme}://127.0.0.1:${SERVER_PORT_NUMBER}${basePath}/api/status")")"
        [[ "$status" = "green" || "$status" = "available" ]] && return
    else
        false
    fi
 }
 ########################
 # Wait until Kibana/Dashboards is ready
 # Globals:
 #   SERVER_*
 # Arguments:
 #   None
 # Returns:
 #   Boolean
 #########################
 wait_for_kibana_ready() {
    info "Waiting for ${SERVER_FLAVOR^} to be started and ready"
    retries="$SERVER_WAIT_READY_MAX_RETRIES"
    until is_kibana_ready || [[ "$retries" -eq 0 ]]; do
        debug "Waiting for ${SERVER_FLAVOR^} server: $((retries--)) remaining attempts..."
        sleep 2
    done
    if [[ "$retries" -eq 0 ]]; then
        error "${SERVER_FLAVOR^} is not available after ${SERVER_WAIT_READY_MAX_RETRIES} retries"
        if [[ -r "${SERVER_LOGS_DIR}/init_scripts_start.log" ]]; then
            info "Dumping ${SERVER_LOGS_DIR}/init_scripts_start.log for additional diagnostics..."
            cat "${SERVER_LOGS_DIR}/init_scripts_start.log"
        fi
        exit 1
    fi
 }
 ########################
 # Start Kibana/Dashboards in background mode
 # Globals:
 #   SERVER_*
 # Arguments:
 #   Extra arguments to pass to the command (optional array)
 # Returns:
 #   None
 #########################
 kibana_start_bg() {
    local extra_args=("${@}")
    info "Starting ${SERVER_FLAVOR^} in background"
    local start_command=("${SERVER_BIN_DIR}/${SERVER_FLAVOR}" "serve" "${extra_args[@]}")
    am_i_root && start_command=("run_as_user" "$SERVER_DAEMON_USER" "${start_command[@]}")
    debug_execute "${start_command[@]}" &
 }
 ########################
 # Run custom initialization scripts
 # Globals:
 #   SERVER_*
 # Arguments:
 #   None
 # Returns:
 #   None
 #########################
 kibana_custom_init_scripts() {
    read -r -a init_scripts <<<"$(find "$SERVER_INITSCRIPTS_DIR" -type f -name "*.sh" -print0 | xargs -0)"
    if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "$SERVER_VOLUME_DIR"/.user_scripts_initialized ]] || is_boolean_yes "$SERVER_FORCE_INITSCRIPTS"; then
        if is_boolean_yes "$SERVER_FORCE_INITSCRIPTS"; then
            info "Forcing execution of user files"
        fi
        if is_boolean_yes "${SERVER_INITSCRIPTS_START_SERVER}"; then
            # Binding to localhost to not give false positives for external connections
            kibana_start_bg "--host" "127.0.0.1" "--log-file" "${SERVER_LOGS_DIR}/init_scripts_start.log"
            wait_for_kibana_ready
        fi
        info "Loading user's custom files from $SERVER_INITSCRIPTS_DIR"
        for f in "${init_scripts[@]}"; do
            debug "Executing $f"
            case "$f" in
            *.sh)
                if [[ -x "$f" ]]; then
                    if ! "$f"; then
                        error "Failed executing $f"
                        return 1
                    fi
                else
                    warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail"
                    . "$f"
                fi
                ;;
            *)
                warn "Skipping $f, supported formats are: .sh"
                ;;
            esac
        done
        touch "$SERVER_VOLUME_DIR"/.user_scripts_initialized
        is_kibana_running && stop_service_using_pid "$SERVER_PID_FILE"
        retry_while "is_kibana_not_running"
    fi
 }