From 12e4916fcd9797a09669c35fc86529984f42313b Mon Sep 17 00:00:00 2001
From: Ivo Gosemann
Date: Wed, 4 Sep 2024 09:27:33 +0200
Subject: [PATCH] feat(logshipper): add config to send audit logs
---
 charts/greenhouse/Chart.yaml | 2 +-
 .../templates/pluginconfig-logshipping.yaml | 44 ++++++++++++++++++-
 2 files changed, 43 insertions(+), 3 deletions(-)
diff --git a/charts/greenhouse/Chart.yaml b/charts/greenhouse/Chart.yaml
index 963459921..6772fbb88 100644
--- a/charts/greenhouse/Chart.yaml
+++ b/charts/greenhouse/Chart.yaml
@@ -5,7 +5,7 @@ apiVersion: v2
 name: greenhouse
 description: A Helm chart for deploying greenhouse
 type: application
-version: 0.2.1
+version: 0.2.2
 appVersion: "0.1.0"
 dependencies:
diff --git a/charts/greenhouse/templates/pluginconfig-logshipping.yaml b/charts/greenhouse/templates/pluginconfig-logshipping.yaml
index da2d97949..2915cce96 100644
--- a/charts/greenhouse/templates/pluginconfig-logshipping.yaml
+++ b/charts/greenhouse/templates/pluginconfig-logshipping.yaml
@@ -8,7 +8,7 @@ apiVersion: greenhouse.sap/v1alpha1
 kind: Plugin
 metadata:
 name: logshipper-greenhouse
- namespace: {{ .Chart.Name }}
+ namespace: {{ .Release.Namespace }}
 spec:
 pluginDefinition: logshipper
 disabled: false
@@ -41,5 +41,45 @@ spec:
 value: {{ index .Values "logshipping" "fluent-bit" "hotReload" "image" "repository" }}
 - name: fluent-bit.filter.additionalValues
 value:
- {{- index .Values "logshipping" "fluent-bit" "additionalValues" | toYaml | nindent 8 }}
+ {{- index .Values "logshipping" "fluent-bit" "additionalValues" | toYaml | nindent 8 -}}
+{{ if .Values.logshipping.octobus }}
+ - name: fluent-bit.config.inputs: |-
+ [INPUT]
+ Name tail
+ Path /var/log/containers/greenhouse-controller-manager*.log
+ Parser cri
+ Tag audit.*
+ Refresh_Interval 5
+ Mem_Buf_Limit 50MB
+ Skip_Long_Lines Off
+ Ignore_Older 1m
+ DB /var/log/fluent-bit-audit-tail.pos.db
+ - name: fluent-bit.config.filters: |-
+ [FILTER]
+ Name grep
+ Match audit.*
+ Regex AdmissionRequest
+
+ [FILTER]
+ Name record_modifier
+ Match *
+ Record sap.cc.audit_source greenhouse
+ Record sap.cc.cluster {{ index .Values "global" "cluster" }}
+ Record sap.cc.region {{ index .Values "global" "region" }}
+ - name: fluent-bit.config.outputs: |-
+ [OUTPUT]
+ Name http
+ Match audit.*
+ Host {{ index .Values "fluent-bit" "backend" "octobus" "host"}}
+ Port 443
+ URI {{ index .Values "fluent-bit" "backend" "octobus" "uri"}}
+ Format json_lines
+ tls true
+ tls.verify true
+ tls.ca_file /etc/ssl/certs/ca-certificates.crt
+ - name: fluent-bit.backend.octobus.host
+ value: {{ index .Values "logshipping" "octobus" "host" }}
+ - name: fluent-bit.backend.octobus.uri
+ value: {{ index .Values "logshipping" "octobus" "uri" }}
+{{- end -}}
 {{- end -}}
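Review bot: The three new config options are written as `- name: fluent-bit.config.inputs: |-` (likewise `filters` and `outputs`), which hangs the block scalar off a `name` that ends in a colon instead of using the `name`/`value` pair every other entry in this list uses; each should be `- name: fluent-bit.config.inputs` followed by `value: |-`. In the grep filter, `Regex AdmissionRequest` supplies only a pattern, whereas Fluent Bit's grep rule takes a key and a pattern, so it needs the field emitted by the `cri` parser, e.g. `Regex message AdmissionRequest` (confirm the field name). The `record_modifier` filter uses `Match *`, so every stream this Fluent Bit instance handles is stamped `sap.cc.audit_source greenhouse`; `Match audit.*` keeps the audit marker on audit records only. `Host` and `URI` are read from `.Values "fluent-bit" "backend" "octobus"`, while the two options added below take the same data from `.Values "logshipping" "octobus"`; unless the first path exists in this chart's values the output renders without a destination, so either the `logshipping` path was meant or the braces need escaping so the plugin's own chart resolves them. Since this is an audit stream, `Ignore_Older 1m`, `Skip_Long_Lines Off` and the http output's default retry behaviour deserve a comment saying whether losing events across a restart or backend outage is accepted, or explicit values such as `Retry_Limit`.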