Merge pull request #99452 from xiaoanyunfei/bugfix/legacy_user-agent

add user-agent for audit log format legacy
2025-07-30 06:54:01 +00:00 · 2021-04-23 19:27:14 -07:00 · 2021-04-23 19:27:14 -07:00 · 0da2e97ac1
commit 0da2e97ac1
parent 8b057cdfa4 358b33519c
2 changed files with 6 additions and 5 deletions
--- a/staging/src/k8s.io/apiserver/pkg/audit/format.go
+++ b/staging/src/k8s.io/apiserver/pkg/audit/format.go
@ -60,8 +60,8 @@ func EventString(ev *auditinternal.Event) string {
 		ip = ev.SourceIPs[0]
 	}

-	return fmt.Sprintf("%s AUDIT: id=%q stage=%q ip=%q method=%q user=%q groups=%q as=%q asgroups=%q namespace=%q uri=%q response=\"%s\"",
-		ev.RequestReceivedTimestamp.Format(time.RFC3339Nano), ev.AuditID, ev.Stage, ip, ev.Verb, username, groups, asuser, asgroups, namespace, ev.RequestURI, response)
+	return fmt.Sprintf("%s AUDIT: id=%q stage=%q ip=%q method=%q user=%q groups=%q as=%q asgroups=%q user-agent=%q namespace=%q uri=%q response=\"%s\"",
+		ev.RequestReceivedTimestamp.Format(time.RFC3339Nano), ev.AuditID, ev.Stage, ip, ev.Verb, username, groups, asuser, asgroups, ev.UserAgent, namespace, ev.RequestURI, response)
 }

 func auditStringSlice(inList []string) string {
--- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go
+++ b/staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go
@ -50,7 +50,7 @@ func TestLogEventsLegacy(t *testing.T) {
 			&auditinternal.Event{
 				AuditID: types.UID(uuid.New().String()),
 			},
-			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" namespace="<none>" uri="" response="<deferred>"`,
+			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" user-agent="" namespace="<none>" uri="" response="<deferred>"`,
 		},
 		{
 			&auditinternal.Event{
@ -72,11 +72,12 @@ func TestLogEventsLegacy(t *testing.T) {
 						"system:authenticated",
 					},
 				},
+				UserAgent: "kube-admin",
 				ObjectRef: &auditinternal.ObjectReference{
 					Namespace: "default",
 				},
 			},
-			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="RequestReceived" ip="127.0.0.1" method="get" user="admin" groups="\\"system:masters\\",\\"system:authenticated\\"" as="<self>" asgroups="<lookup>" namespace="default" uri="/apis/rbac.authorization.k8s.io/v1/roles" response="200"`,
+			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="RequestReceived" ip="127.0.0.1" method="get" user="admin" groups="\\"system:masters\\",\\"system:authenticated\\"" as="<self>" asgroups="<lookup>" user-agent="kube-admin" namespace="default" uri="/apis/rbac.authorization.k8s.io/v1/roles" response="200"`,
 		},
 		{
 			&auditinternal.Event{
@ -88,7 +89,7 @@ func TestLogEventsLegacy(t *testing.T) {
 					Subresource: "bar",
 				},
 			},
-			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" namespace="<none>" uri="" response="<deferred>"`,
+			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" user-agent="" namespace="<none>" uri="" response="<deferred>"`,
 		},
 	} {
 		var buf bytes.Buffer