Configurable cluster name

e-flux-platform · Jul 13, 2024 · 3eb0505 · 3eb0505
1 parent 6448f00
commit 3eb0505
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 4 deletions.
diff --git a/internal/auditlog/tail.go b/internal/auditlog/tail.go
@@ -13,7 +13,7 @@ import (
 	"google.golang.org/genproto/googleapis/cloud/audit"
 )
 
-func Tail(ctx context.Context, projectID string, cb func(*audit.AuditLog) error) error {
+func Tail(ctx context.Context, projectID, clusterName string, cb func(*audit.AuditLog) error) error {
 	client, err := logging.NewClient(ctx)
 	if err != nil {
 		return fmt.Errorf("failed to create client: %w", err)
@@ -34,7 +34,7 @@ func Tail(ctx context.Context, projectID string, cb func(*audit.AuditLog) error)
 			[]string{
 				`resource.type="k8s_cluster"`,
 				fmt.Sprintf(`log_name="projects/%s/logs/cloudaudit.googleapis.com%%2Factivity"`, projectID),
-				`resource.labels.cluster_name="platform"`,
+				fmt.Sprintf(`resource.labels.cluster_name="%s"`, clusterName),
 				`protoPayload."@type"="type.googleapis.com/google.cloud.audit.AuditLog"`,
 				`protoPayload.methodName=~"io\.fluxcd\.toolkit\..*\.patch"`,
 				`-protoPayload.authenticationInfo.principalEmail=~"system:.*"`,
@@ -43,7 +43,7 @@ func Tail(ctx context.Context, projectID string, cb func(*audit.AuditLog) error)
 		),
 	}
 	if err = stream.Send(req); err != nil {
-		return fmt.Errorf("stream.Send error: %w", err)
+		return fmt.Errorf("stream send failed: %w", err)
 	}
 
 	return read(ctx, stream, cb)

diff --git a/internal/config/config.go b/internal/config/config.go
@@ -9,6 +9,7 @@ import (
 
 type Config struct {
 	GoogleCloudProjectID string `yaml:"googleCloudProjectId"`
+	GKEClusterName       string `yaml:"gkeClusterName"`
 	BadgerPath           string `yaml:"badgerPath"`
 	KubernetesConfigPath string `yaml:"kubernetesConfigPath,omitempty"`
 	Notification         struct {

diff --git a/internal/watch/watcher.go b/internal/watch/watcher.go
@@ -16,6 +16,7 @@ import (
 
 type Watcher struct {
 	googleCloudProjectID string
+	gkeClusterName       string
 	k8sClient            k8sClient
 	store                store
 	notifier             notifier
@@ -49,7 +50,7 @@ type notifier interface {
 }
 
 func (w *Watcher) Watch(ctx context.Context) error {
-	return auditlog.Tail(ctx, w.googleCloudProjectID, func(logEntry *audit.AuditLog) error {
+	return auditlog.Tail(ctx, w.googleCloudProjectID, w.gkeClusterName, func(logEntry *audit.AuditLog) error {
 		if code := logEntry.GetStatus().GetCode(); code != 0 {
 			slog.Warn("operation appeared to fail", slog.Int("code", int(code)))
 			return nil