From 1372b8586f2c672fa3c678a9637ba5c53a97c094 Mon Sep 17 00:00:00 2001 From: Ganesh S Date: Sun, 10 Sep 2023 22:45:42 -0700 Subject: [PATCH] Manual backport of #2905 into release/1.2.x (#2923) * Create 2905.txt * Update server-config-configmap.yaml * Update server-config-configmap.bats * Update server-config-configmap.bats --- .changelog/2905.txt | 3 +++ .../templates/server-config-configmap.yaml | 11 +------- .../test/unit/server-config-configmap.bats | 27 +++++++++++++++++-- 3 files changed, 29 insertions(+), 12 deletions(-) create mode 100644 .changelog/2905.txt diff --git a/.changelog/2905.txt b/.changelog/2905.txt new file mode 100644 index 0000000000..c40135215b --- /dev/null +++ b/.changelog/2905.txt @@ -0,0 +1,3 @@ +```release-note:bug +audit-log: fix parsing error for some audit log configuration fields fail with uncovertible string to integer errors. +``` diff --git a/charts/consul/templates/server-config-configmap.yaml b/charts/consul/templates/server-config-configmap.yaml index 9ed7c0e9ec..9ebfbd2571 100644 --- a/charts/consul/templates/server-config-configmap.yaml +++ b/charts/consul/templates/server-config-configmap.yaml @@ -201,16 +201,7 @@ data: "sink": { {{- range $index, $element := .Values.server.auditLogs.sinks }} {{- if ne $index 0 }},{{end}} - "{{ $element.name }}": { - {{- $firstKeyValuePair := false }} - {{- range $k, $v := $element }} - {{- if ne $k "name" }} - {{- if ne $firstKeyValuePair false }},{{end}} - {{- $firstKeyValuePair = true }} - "{{ $k }}": "{{ $v }}" - {{- end }} - {{- end }} - } + "{{ get $element "name" }}": {{ omit $element "name" | toJson }} {{- end }} } } diff --git a/charts/consul/test/unit/server-config-configmap.bats b/charts/consul/test/unit/server-config-configmap.bats index 3efc18c3ce..e074c3b1ae 100755 --- a/charts/consul/test/unit/server-config-configmap.bats +++ b/charts/consul/test/unit/server-config-configmap.bats @@ -1189,6 +1189,8 @@ load _helpers --set 'server.auditLogs.sinks[0].format=json' \ --set 'server.auditLogs.sinks[0].delivery_guarantee=best-effort' \ --set 'server.auditLogs.sinks[0].rotate_duration=24h' \ + --set 'server.auditLogs.sinks[0].rotate_max_files=20' \ + --set 'server.auditLogs.sinks[0].rotate_bytes=12455355' \ --set 'server.auditLogs.sinks[0].path=/tmp/audit.json' \ . | tee /dev/stderr | yq -r '.data["audit-logging.json"]' | tee /dev/stderr) @@ -1201,6 +1203,12 @@ load _helpers local actual=$(echo $object | jq -r .audit.sink.MySink.rotate_duration | tee /dev/stderr) [ "${actual}" = "24h" ] + + local actual=$(echo $object | jq -r .audit.sink.MySink.rotate_max_files | tee /dev/stderr) + [ ${actual} = 20 ] + + local actual=$(echo $object | jq -r .audit.sink.MySink.rotate_bytes | tee /dev/stderr) + [ ${actual} = 12455355 ] } @test "server/ConfigMap: server.auditLogs is enabled with 1 sink input object and it does not contain the name attribute" { @@ -1214,6 +1222,8 @@ load _helpers --set 'server.auditLogs.sinks[0].format=json' \ --set 'server.auditLogs.sinks[0].delivery_guarantee=best-effort' \ --set 'server.auditLogs.sinks[0].rotate_duration=24h' \ + --set 'server.auditLogs.sinks[0].rotate_max_files=20' \ + --set 'server.auditLogs.sinks[0].rotate_bytes=12455355' \ --set 'server.auditLogs.sinks[0].path=/tmp/audit.json' \ . | tee /dev/stderr | yq -r '.data["audit-logging.json"]' | jq -r .audit.sink.name | tee /dev/stderr) @@ -1232,19 +1242,23 @@ load _helpers --set 'server.auditLogs.sinks[0].format=json' \ --set 'server.auditLogs.sinks[0].delivery_guarantee=best-effort' \ --set 'server.auditLogs.sinks[0].rotate_duration=24h' \ + --set 'server.auditLogs.sinks[0].rotate_max_files=15' \ + --set 'server.auditLogs.sinks[0].rotate_bytes=12445' \ --set 'server.auditLogs.sinks[0].path=/tmp/audit.json' \ --set 'server.auditLogs.sinks[1].name=MySink2' \ --set 'server.auditLogs.sinks[1].type=file' \ --set 'server.auditLogs.sinks[1].format=json' \ --set 'server.auditLogs.sinks[1].delivery_guarantee=best-effort' \ - --set 'server.auditLogs.sinks[1].rotate_max_files=15' \ --set 'server.auditLogs.sinks[1].rotate_duration=24h' \ + --set 'server.auditLogs.sinks[1].rotate_max_files=25' \ + --set 'server.auditLogs.sinks[1].rotate_bytes=152445' \ --set 'server.auditLogs.sinks[1].path=/tmp/audit-2.json' \ --set 'server.auditLogs.sinks[2].name=MySink3' \ --set 'server.auditLogs.sinks[2].type=file' \ --set 'server.auditLogs.sinks[2].format=json' \ --set 'server.auditLogs.sinks[2].delivery_guarantee=best-effort' \ --set 'server.auditLogs.sinks[2].rotate_max_files=20' \ + --set 'server.auditLogs.sinks[2].rotate_bytes=12445' \ --set 'server.auditLogs.sinks[2].rotate_duration=18h' \ --set 'server.auditLogs.sinks[2].path=/tmp/audit-3.json' \ . | tee /dev/stderr | @@ -1256,6 +1270,9 @@ load _helpers local actual=$(echo $object | jq -r .audit.sink.MySink3.path | tee /dev/stderr) [ "${actual}" = "/tmp/audit-3.json" ] + local actual=$(echo $object | jq -r .audit.sink.MySink1.rotate_max_files | tee /dev/stderr) + [ ${actual} = 15 ] + local actual=$(echo $object | jq -r .audit.sink.MySink2.path | tee /dev/stderr) [ "${actual}" = "/tmp/audit-2.json" ] @@ -1268,11 +1285,17 @@ load _helpers local actual=$(echo $object | jq -r .audit.sink.MySink2.rotate_duration | tee /dev/stderr) [ "${actual}" = "24h" ] + local actual=$(echo $object | jq -r .audit.sink.MySink2.rotate_bytes | tee /dev/stderr) + [ ${actual} = 152445 ] + local actual=$(echo $object | jq -r .audit.sink.MySink1.format | tee /dev/stderr) [ "${actual}" = "json" ] local actual=$(echo $object | jq -r .audit.sink.MySink3.type | tee /dev/stderr) [ "${actual}" = "file" ] + + local actual=$(echo $object | jq -r .audit.sink.MySink3.rotate_max_files | tee /dev/stderr) + [ ${actual} = 20 ] } @test "server/ConfigMap: server.logLevel is empty" { @@ -1294,4 +1317,4 @@ load _helpers yq -r '.data["server.json"]' | jq -r .log_level | tee /dev/stderr) [ "${configmap}" = "DEBUG" ] -} \ No newline at end of file +}