diff --git a/.changelog/2905.txt b/.changelog/2905.txt new file mode 100644 index 0000000000..c40135215b --- /dev/null +++ b/.changelog/2905.txt @@ -0,0 +1,3 @@ +```release-note:bug +audit-log: fix parsing error for some audit log configuration fields fail with uncovertible string to integer errors. +``` diff --git a/charts/consul/templates/server-config-configmap.yaml b/charts/consul/templates/server-config-configmap.yaml index 6c102f0ae3..1e2f7f8d00 100644 --- a/charts/consul/templates/server-config-configmap.yaml +++ b/charts/consul/templates/server-config-configmap.yaml @@ -198,16 +198,7 @@ data: "sink": { {{- range $index, $element := .Values.server.auditLogs.sinks }} {{- if ne $index 0 }},{{end}} - "{{ $element.name }}": { - {{- $firstKeyValuePair := false }} - {{- range $k, $v := $element }} - {{- if ne $k "name" }} - {{- if ne $firstKeyValuePair false }},{{end}} - {{- $firstKeyValuePair = true }} - "{{ $k }}": "{{ $v }}" - {{- end }} - {{- end }} - } + "{{ get $element "name" }}": {{ omit $element "name" | toJson }} {{- end }} } } diff --git a/charts/consul/test/unit/server-config-configmap.bats b/charts/consul/test/unit/server-config-configmap.bats index 52a5c4d4c1..fb9df05cbb 100755 --- a/charts/consul/test/unit/server-config-configmap.bats +++ b/charts/consul/test/unit/server-config-configmap.bats @@ -1112,6 +1112,8 @@ load _helpers --set 'server.auditLogs.sinks[0].format=json' \ --set 'server.auditLogs.sinks[0].delivery_guarantee=best-effort' \ --set 'server.auditLogs.sinks[0].rotate_duration=24h' \ + --set 'server.auditLogs.sinks[0].rotate_max_files=20' \ + --set 'server.auditLogs.sinks[0].rotate_bytes=12455355' \ --set 'server.auditLogs.sinks[0].path=/tmp/audit.json' \ . | tee /dev/stderr | yq -r '.data["audit-logging.json"]' | tee /dev/stderr) @@ -1124,6 +1126,12 @@ load _helpers local actual=$(echo $object | jq -r .audit.sink.MySink.rotate_duration | tee /dev/stderr) [ "${actual}" = "24h" ] + + local actual=$(echo $object | jq -r .audit.sink.MySink.rotate_max_files | tee /dev/stderr) + [ ${actual} = 20 ] + + local actual=$(echo $object | jq -r .audit.sink.MySink.rotate_bytes | tee /dev/stderr) + [ ${actual} = 12455355 ] } @test "server/ConfigMap: server.auditLogs is enabled with 1 sink input object and it does not contain the name attribute" { @@ -1137,6 +1145,8 @@ load _helpers --set 'server.auditLogs.sinks[0].format=json' \ --set 'server.auditLogs.sinks[0].delivery_guarantee=best-effort' \ --set 'server.auditLogs.sinks[0].rotate_duration=24h' \ + --set 'server.auditLogs.sinks[0].rotate_max_files=20' \ + --set 'server.auditLogs.sinks[0].rotate_bytes=12455355' \ --set 'server.auditLogs.sinks[0].path=/tmp/audit.json' \ . | tee /dev/stderr | yq -r '.data["audit-logging.json"]' | jq -r .audit.sink.name | tee /dev/stderr) @@ -1155,19 +1165,23 @@ load _helpers --set 'server.auditLogs.sinks[0].format=json' \ --set 'server.auditLogs.sinks[0].delivery_guarantee=best-effort' \ --set 'server.auditLogs.sinks[0].rotate_duration=24h' \ + --set 'server.auditLogs.sinks[0].rotate_max_files=15' \ + --set 'server.auditLogs.sinks[0].rotate_bytes=12445' \ --set 'server.auditLogs.sinks[0].path=/tmp/audit.json' \ --set 'server.auditLogs.sinks[1].name=MySink2' \ --set 'server.auditLogs.sinks[1].type=file' \ --set 'server.auditLogs.sinks[1].format=json' \ --set 'server.auditLogs.sinks[1].delivery_guarantee=best-effort' \ - --set 'server.auditLogs.sinks[1].rotate_max_files=15' \ --set 'server.auditLogs.sinks[1].rotate_duration=24h' \ + --set 'server.auditLogs.sinks[1].rotate_max_files=25' \ + --set 'server.auditLogs.sinks[1].rotate_bytes=152445' \ --set 'server.auditLogs.sinks[1].path=/tmp/audit-2.json' \ --set 'server.auditLogs.sinks[2].name=MySink3' \ --set 'server.auditLogs.sinks[2].type=file' \ --set 'server.auditLogs.sinks[2].format=json' \ --set 'server.auditLogs.sinks[2].delivery_guarantee=best-effort' \ --set 'server.auditLogs.sinks[2].rotate_max_files=20' \ + --set 'server.auditLogs.sinks[2].rotate_bytes=12445' \ --set 'server.auditLogs.sinks[2].rotate_duration=18h' \ --set 'server.auditLogs.sinks[2].path=/tmp/audit-3.json' \ . | tee /dev/stderr | @@ -1179,6 +1193,9 @@ load _helpers local actual=$(echo $object | jq -r .audit.sink.MySink3.path | tee /dev/stderr) [ "${actual}" = "/tmp/audit-3.json" ] + local actual=$(echo $object | jq -r .audit.sink.MySink1.rotate_max_files | tee /dev/stderr) + [ ${actual} = 15 ] + local actual=$(echo $object | jq -r .audit.sink.MySink2.path | tee /dev/stderr) [ "${actual}" = "/tmp/audit-2.json" ] @@ -1191,11 +1208,17 @@ load _helpers local actual=$(echo $object | jq -r .audit.sink.MySink2.rotate_duration | tee /dev/stderr) [ "${actual}" = "24h" ] + local actual=$(echo $object | jq -r .audit.sink.MySink2.rotate_bytes | tee /dev/stderr) + [ ${actual} = 152445 ] + local actual=$(echo $object | jq -r .audit.sink.MySink1.format | tee /dev/stderr) [ "${actual}" = "json" ] local actual=$(echo $object | jq -r .audit.sink.MySink3.type | tee /dev/stderr) [ "${actual}" = "file" ] + + local actual=$(echo $object | jq -r .audit.sink.MySink3.rotate_max_files | tee /dev/stderr) + [ ${actual} = 20 ] } @test "server/ConfigMap: server.logLevel is empty" { @@ -1217,4 +1240,4 @@ load _helpers yq -r '.data["server.json"]' | jq -r .log_level | tee /dev/stderr) [ "${configmap}" = "DEBUG" ] -} \ No newline at end of file +}