Kibana not accessible via Ingress

[pomland-94]

Kibana version:
Kibana-8.10.4 (Bitnami Helm Chart)

Elasticsearch version:
Elastisearch 8.11.1 (Bitnami Helm Chart)

Server OS version:
Debian-12.2 Bookworm / Kubernetes-1.27.7

Browser version:
Safari-17.1.2 / Chrome-119.0.6045.199

Browser OS version:

MacOS Sonoma 14.1.2

Original install method (e.g. download page, yum, from source, etc.):

Helm Chart (Bitnami)
https://github.com/bitnami/charts/tree/main/bitnami/kibana
https://github.com/bitnami/charts/tree/main/bitnami/elasticsearch

Describe the bug:

When I try to login to Kibana and I enter my credentials and click on login it loads and send me Back to the login screen (Loop), when I open UP the Developer Tools inside my Browser I get the following error:

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.

Steps to reproduce:

1. helm install --namespace elasticsearch elasticsearch bitnami/kibana -f values.yaml
2. I use the following Values.yaml file for my Deployment:

kibana:
  replicaCount: 3
  extraConfiguration:
    "server.publicBaseUrl": "https://kibana-dashboard.domain.tld"
    "xpack.security.sameSiteCookies": None
    "telemetry.allowChangingOptInStatus": false
    "telemetry.optIn": false
  persistence:
    enabled: true
    storageClass: "rook-cephfs"
    accessModes:
      - ReadWriteMany
    size: 10Gi
  ingress:
    enabled: true
    hostname: kibana-dashboard.domain.tld
    annotations:
      cert-manager.io/cluster-issuer: default-clusterissuer
      cert-manager.io/private-key-algorithm: "RSA"
      cert-manager.io/private-key-size: "4096"
      kubernetes.io/tls-acme: "true"
      nginx.ingress.kubernetes.io/proxy-ssl-verify: "false"
      nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    tls: true
    selfSigned: false
    ingressClassName: "nginx"
  containerSecurityContext:
    enabled: true
    runAsUser: 1001
    runAsNonRoot: true
    privileged: false
    readOnlyRootFilesystem: false
    allowPrivilegeEscalation: false
    capabilities:
      drop: ["ALL"]
    seccompProfile:
      type: "RuntimeDefault"
  metrics:
    enabled: true
    containerSecurityContext:
      enabled: true
      runAsUser: 1001
      runAsNonRoot: true
      privileged: false
      readOnlyRootFilesystem: false
      allowPrivilegeEscalation: false
      capabilities:
        drop: ["ALL"]
      seccompProfile:
        type: "RuntimeDefault"
    serviceMonitor:
      enabled: false
  tls:
    enabled: true
    autoGenerated: true
  elasticsearch:
    hosts:
      - '{{ include "elasticsearch.service.name" . }}'
    port: '{{ include "elasticsearch.service.ports.restAPI" . }}'
    security:
      auth:
        enabled: true
        kibanaPassword: "PASSWORD"
        createSystemUser: true
        elasticsearchPasswordSecret: "elasticsearch"
      tls:
        enabled: true
        existingSecret: "elasticsearch-coordinating-crt"
        usePemCerts: true 

[jsanz]

Hi, thanks for reporting, but this should be forwarded to the Helm chart maintainers unless there's a more specific behavior to share.

The reported browser error has nothing to do with your issue.

Alternatively, you may want to open a topic in our discussion forum so maybe other users of that Helm chart may be able to assist you.

https://discuss.elastic.co/