in controllers/util/solr_security_util.go [179:206]
func enableSecureProbesOnSolrCloudStatefulSet(solrCloud *solr.SolrCloud, stateful *appsv1.StatefulSet) {
mainContainer := &stateful.Spec.Template.Spec.Containers[0]
// if probes require auth or Solr wants client auth (mTLS), need to invoke a command on the Solr pod for the probes
// but only Basic auth is supported for now
mountPath := ""
if solrCloud.Spec.SolrSecurity != nil && solrCloud.Spec.SolrSecurity.ProbesRequireAuth && solrCloud.Spec.SolrSecurity.AuthenticationType == solr.Basic {
vol, volMount := secureProbeVolumeAndMount(solrCloud.BasicAuthSecretName())
if vol != nil {
stateful.Spec.Template.Spec.Volumes = append(stateful.Spec.Template.Spec.Volumes, *vol)
}
if volMount != nil {
mainContainer.VolumeMounts = append(mainContainer.VolumeMounts, *volMount)
mountPath = volMount.MountPath
}
}
// update the probes if they are using HTTPGet to use an Exec to call Solr with TLS and/or Basic Auth creds
if mainContainer.LivenessProbe.HTTPGet != nil {
useSecureProbe(solrCloud, mainContainer.LivenessProbe, mountPath)
}
if mainContainer.ReadinessProbe.HTTPGet != nil {
useSecureProbe(solrCloud, mainContainer.ReadinessProbe, mountPath)
}
if mainContainer.StartupProbe != nil && mainContainer.StartupProbe.HTTPGet != nil {
useSecureProbe(solrCloud, mainContainer.StartupProbe, mountPath)
}
}