[bitnami/mongodb] replicaSetConfigurationSettings.sh script always has usernameAndPassword empty because we inject rootPassword from Vault

[soufianebenali]

Name and Version

bitnami/mongodb 15.1.7

What architecture are you using?

None

What steps will reproduce the bug?

Description:

We are experiencing an issue with our setup where we use HashiCorp Vault to manage and store our secrets. These secrets are mounted directly onto the pods. As a result, we do not define the .Values.auth.rootPassword in our configuration. This approach is leading to problems with the replicaSetConfigurationSettings.sh script.

https://github.com/bitnami/charts/blob/main/bitnami/mongodb/templates/replicaset/scripts-configmap.yaml#L225

Problem:

Due to the absence of the .Values.auth.rootPassword, the usernameAndPassword variable in the script replicaSetConfigurationSettings.sh is always set to an empty string (usernameAndPassword=""). This is causing the application to encounter the following error:

not yet able to read rs.conf settings from the currently running rs (after 7 attempts) 
MongoServerError: Command replSetGetConfig requires authentication

Are you using any custom parameters or values?

architecture: replicaset
replicaCount: 3
auth:
  enable: true
  existingSecret: "mongodb-vault"
image:
  registry: docker.io
  repository: bitnami/mongodb
  tag: 7.0.9-debian-12-r0
  digest: ""
tls:
  enabled: true
  existingSecret: "mongodb-ca-vault"
  mode: preferTLS
extraFlags:
 - "--tlsAllowConnectionsWithoutCertificates"
priorityClassName: "our-secops-050"
persistence:
  storageClass: "our-nfs-retained-storage"
  size: 3Gi
systemLogVerbosity: 0
externalAccess:
  enabled: true
  service:
    type: ClusterIP
extraVolumeMounts:
  - name: mongodb-vault
    mountPath: '/etc/mongodb/userconfig/vault-secrets'
    readOnly: true
metrics:
  enabled: false
  prometheusRule:
    enabled: false

What is the expected behavior?

On the Configmap mongodb-scripts to have the following variable set like this:

usernameAndPassword="-u ${MONGODB_ROOT_USER} -p ${MONGODB_ROOT_PASSWORD}"

Maybe adding an OR to the condition in this line like the following:

{{- if and .Values.auth.enabled (or .Values.auth.rootPassword .Values.auth.existingSecret) }}

What do you see instead?

we have the following variable set to:

usernameAndPassword=""

[carrodher]

Thank you for bringing this issue to our attention. We appreciate your involvement! If you're interested in contributing a solution, we welcome you to create a pull request. The Bitnami team is excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Feel free to reach out if you have any questions or need assistance.