Kibana not accessible via Ingress

[pomland-94]

Kibana version: Kibana-8.10.4 (Bitnami Helm Chart)

Elasticsearch version: Elastisearch 8.11.1 (Bitnami Helm Chart)

Server OS version: Debian-12.2 Bookworm / Kubernetes-1.27.7

Browser version: Safari-17.1.2 / Chrome-119.0.6045.199

Browser OS version:

MacOS Sonoma 14.1.2

Original install method (e.g. download page, yum, from source, etc.):

Helm Chart (Bitnami) https://github.com/bitnami/charts/tree/main/bitnami/kibana https://github.com/bitnami/charts/tree/main/bitnami/elasticsearch

Describe the bug:

When I try to login to Kibana and I enter my credentials and click on login it loads and send me Back to the login screen (Loop), when I open UP the Developer Tools inside my Browser I get the following error:

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.

Steps to reproduce:

1. helm install --namespace elasticsearch elasticsearch bitnami/kibana -f values.yaml
2. I use the following Values.yaml file for my Deployment:

   
   kibana:
   replicaCount: 3
   extraConfiguration:
   "server.publicBaseUrl": "https://kibana-dashboard.domain.tld"
   "xpack.security.sameSiteCookies": None
   "telemetry.allowChangingOptInStatus": false
   "telemetry.optIn": false
   persistence:
   enabled: true
   storageClass: "rook-cephfs"
   accessModes:
     - ReadWriteMany
   size: 10Gi
   ingress:
   enabled: true
   hostname: kibana-dashboard.domain.tld
   annotations:
     cert-manager.io/cluster-issuer: default-clusterissuer
     cert-manager.io/private-key-algorithm: "RSA"
     cert-manager.io/private-key-size: "4096"
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/proxy-ssl-verify: "false"
     nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
   tls: true
   selfSigned: false
   ingressClassName: "nginx"
   containerSecurityContext:
   enabled: true
   runAsUser: 1001
   runAsNonRoot: true
   privileged: false
   readOnlyRootFilesystem: false
   allowPrivilegeEscalation: false
   capabilities:
     drop: ["ALL"]
   seccompProfile:
     type: "RuntimeDefault"
   metrics:
   enabled: true
   containerSecurityContext:
     enabled: true
     runAsUser: 1001
     runAsNonRoot: true
     privileged: false
     readOnlyRootFilesystem: false
     allowPrivilegeEscalation: false
     capabilities:
       drop: ["ALL"]
     seccompProfile:
       type: "RuntimeDefault"
   serviceMonitor:
     enabled: false
   tls:
   enabled: true
   autoGenerated: true
   elasticsearch:
   hosts:
     - '{{ include "elasticsearch.service.name" . }}'
   port: '{{ include "elasticsearch.service.ports.restAPI" . }}'
   security:
     auth:
       enabled: true
       kibanaPassword: "PASSWORD"
       createSystemUser: true
       elasticsearchPasswordSecret: "elasticsearch"
     tls:
       enabled: true
       existingSecret: "elasticsearch-coordinating-crt"
       usePemCerts: true 

[jsanz]

Hi, thanks for reporting, but this should be forwarded to the Helm chart maintainers unless there's a more specific behavior to share.

The reported browser error has nothing to do with your issue.

Alternatively, you may want to open a topic in our discussion forum so maybe other users of that Helm chart may be able to assist you.

https://discuss.elastic.co/