From 358b33519cdcb3561b41a665558306967cc1d1b9 Mon Sep 17 00:00:00 2001
From: "xiaofei.sun" <sunxiaofei@kuaishou.com>
Date: Thu, 25 Feb 2021 20:23:51 +0800
Subject: [PATCH] add user-agent for audit log format legacy

---
 staging/src/k8s.io/apiserver/pkg/audit/format.go           | 4 ++--
 .../k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go  | 7 ++++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/staging/src/k8s.io/apiserver/pkg/audit/format.go b/staging/src/k8s.io/apiserver/pkg/audit/format.go
index bf805f52573..9c0784a3168 100644
--- a/staging/src/k8s.io/apiserver/pkg/audit/format.go
+++ b/staging/src/k8s.io/apiserver/pkg/audit/format.go
@@ -60,8 +60,8 @@ func EventString(ev *auditinternal.Event) string {
 		ip = ev.SourceIPs[0]
 	}
 
-	return fmt.Sprintf("%s AUDIT: id=%q stage=%q ip=%q method=%q user=%q groups=%q as=%q asgroups=%q namespace=%q uri=%q response=\"%s\"",
-		ev.RequestReceivedTimestamp.Format(time.RFC3339Nano), ev.AuditID, ev.Stage, ip, ev.Verb, username, groups, asuser, asgroups, namespace, ev.RequestURI, response)
+	return fmt.Sprintf("%s AUDIT: id=%q stage=%q ip=%q method=%q user=%q groups=%q as=%q asgroups=%q user-agent=%q namespace=%q uri=%q response=\"%s\"",
+		ev.RequestReceivedTimestamp.Format(time.RFC3339Nano), ev.AuditID, ev.Stage, ip, ev.Verb, username, groups, asuser, asgroups, ev.UserAgent, namespace, ev.RequestURI, response)
 }
 
 func auditStringSlice(inList []string) string {
diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go
index b839d96c9e9..9151deb4698 100644
--- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go
+++ b/staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go
@@ -50,7 +50,7 @@ func TestLogEventsLegacy(t *testing.T) {
 			&auditinternal.Event{
 				AuditID: types.UID(uuid.New().String()),
 			},
-			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" namespace="<none>" uri="" response="<deferred>"`,
+			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" user-agent="" namespace="<none>" uri="" response="<deferred>"`,
 		},
 		{
 			&auditinternal.Event{
@@ -72,11 +72,12 @@ func TestLogEventsLegacy(t *testing.T) {
 						"system:authenticated",
 					},
 				},
+				UserAgent: "kube-admin",
 				ObjectRef: &auditinternal.ObjectReference{
 					Namespace: "default",
 				},
 			},
-			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="RequestReceived" ip="127.0.0.1" method="get" user="admin" groups="\\"system:masters\\",\\"system:authenticated\\"" as="<self>" asgroups="<lookup>" namespace="default" uri="/apis/rbac.authorization.k8s.io/v1/roles" response="200"`,
+			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="RequestReceived" ip="127.0.0.1" method="get" user="admin" groups="\\"system:masters\\",\\"system:authenticated\\"" as="<self>" asgroups="<lookup>" user-agent="kube-admin" namespace="default" uri="/apis/rbac.authorization.k8s.io/v1/roles" response="200"`,
 		},
 		{
 			&auditinternal.Event{
@@ -88,7 +89,7 @@ func TestLogEventsLegacy(t *testing.T) {
 					Subresource: "bar",
 				},
 			},
-			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" namespace="<none>" uri="" response="<deferred>"`,
+			`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" user-agent="" namespace="<none>" uri="" response="<deferred>"`,
 		},
 	} {
 		var buf bytes.Buffer