Skip to content

Commit

Permalink
merge with main
Browse files Browse the repository at this point in the history
  • Loading branch information
QuantumEnigmaa committed Oct 2, 2023
2 parents bd8c99c + 7bf454e commit fa90915
Show file tree
Hide file tree
Showing 6 changed files with 43 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Added

- Audit logs in promtail config.
- Add condition for PSP installation in helm chart.

## [0.0.6] - 2023-09-28

Expand Down
4 changes: 4 additions & 0 deletions helm/logging-operator/templates/psp.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
{{- if not .Values.global.podSecurityStandards.enforced }}
{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
Expand Down Expand Up @@ -26,3 +28,5 @@ spec:
hostNetwork: false
hostIPC: false
hostPID: false
{{- end }}
{{- end }}
4 changes: 4 additions & 0 deletions helm/logging-operator/templates/rbac.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,8 @@ roleRef:
name: {{ include "resource.default.name" . }}
apiGroup: rbac.authorization.k8s.io
---
{{- if not .Values.global.podSecurityStandards.enforced }}
{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
Expand Down Expand Up @@ -181,3 +183,5 @@ roleRef:
kind: ClusterRole
name: {{ include "resource.psp.name" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}
{{- end }}
30 changes: 30 additions & 0 deletions helm/logging-operator/values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,19 @@
}
}
},
"global": {
"type": "object",
"properties": {
"podSecurityStandards": {
"type": "object",
"properties": {
"enforced": {
"type": "boolean"
}
}
}
}
},
"image": {
"type": "object",
"properties": {
Expand All @@ -21,6 +34,20 @@
}
}
},
"loggingOperator": {
"type": "object",
"properties": {
"installationName": {
"type": "string"
},
"loggingEnabled": {
"type": "boolean"
},
"vintageMode": {
"type": "boolean"
}
}
},
"registry": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -84,6 +111,9 @@
}
}
},
"readOnlyRootFilesystem": {
"type": "boolean"
},
"seccompProfile": {
"type": "object",
"properties": {
Expand Down
4 changes: 4 additions & 0 deletions helm/logging-operator/values.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
global:
podSecurityStandards:
enforced: false

image:
name: "giantswarm/logging-operator"
tag: ""
Expand Down
1 change: 0 additions & 1 deletion pkg/resource/promtail-config/promtail-config.go
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,6 @@ func GeneratePromtailConfig(lc loggedcluster.Interface) (v1.ConfigMap, error) {
labels:
kind: audit-logs
__path__: /var/log/apiserver/*.log
nodename: ${NODENAME}
`,
ExtraRelabelConfigs: extraRelabelConfigs,
},
Expand Down

0 comments on commit fa90915

Please sign in to comment.