github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-03 09:22:44 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #99452 from xiaoanyunfei/bugfix/legacy_user-agent

Browse Source 
add user-agent for audit log format legacy
This commit is contained in:
Kubernetes Prow Robot 2021-04-23 19:27:14 -07:00 committed by GitHub
commit 0da2e97ac1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
staging/src/k8s.io/apiserver/pkg/audit/format.go
View File

@ -60,8 +60,8 @@ func EventString(ev *auditinternal.Event) string {
ip = ev.SourceIPs[0] ip = ev.SourceIPs[0]
} }
return fmt.Sprintf("%s AUDIT: id=%q stage=%q ip=%q method=%q user=%q groups=%q as=%q asgroups=%q namespace=%q uri=%q response=\"%s\"", return fmt.Sprintf("%s AUDIT: id=%q stage=%q ip=%q method=%q user=%q groups=%q as=%q asgroups=%q user-agent=%q namespace=%q uri=%q response=\"%s\"",
ev.RequestReceivedTimestamp.Format(time.RFC3339Nano), ev.AuditID, ev.Stage, ip, ev.Verb, username, groups, asuser, asgroups, namespace, ev.RequestURI, response) ev.RequestReceivedTimestamp.Format(time.RFC3339Nano), ev.AuditID, ev.Stage, ip, ev.Verb, username, groups, asuser, asgroups, ev.UserAgent, namespace, ev.RequestURI, response)
} }
func auditStringSlice(inList []string) string { func auditStringSlice(inList []string) string {

7
staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go
View File

@ -50,7 +50,7 @@ func TestLogEventsLegacy(t *testing.T) {
&auditinternal.Event{ &auditinternal.Event{
AuditID: types.UID(uuid.New().String()), AuditID: types.UID(uuid.New().String()),
}, },
`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" namespace="<none>" uri="" response="<deferred>"`, `[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" user-agent="" namespace="<none>" uri="" response="<deferred>"`,
}, },
{ {
&auditinternal.Event{ &auditinternal.Event{
@ -72,11 +72,12 @@ func TestLogEventsLegacy(t *testing.T) {
"system:authenticated", "system:authenticated",
}, },
}, },
UserAgent: "kube-admin",
ObjectRef: &auditinternal.ObjectReference{ ObjectRef: &auditinternal.ObjectReference{
Namespace: "default", Namespace: "default",
}, },
}, },
`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="RequestReceived" ip="127.0.0.1" method="get" user="admin" groups="\\"system:masters\\",\\"system:authenticated\\"" as="<self>" asgroups="<lookup>" namespace="default" uri="/apis/rbac.authorization.k8s.io/v1/roles" response="200"`, `[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="RequestReceived" ip="127.0.0.1" method="get" user="admin" groups="\\"system:masters\\",\\"system:authenticated\\"" as="<self>" asgroups="<lookup>" user-agent="kube-admin" namespace="default" uri="/apis/rbac.authorization.k8s.io/v1/roles" response="200"`,
}, },
{ {
&auditinternal.Event{ &auditinternal.Event{
@ -88,7 +89,7 @@ func TestLogEventsLegacy(t *testing.T) {
Subresource: "bar", Subresource: "bar",
}, },
}, },
`[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" namespace="<none>" uri="" response="<deferred>"`, `[\d\:\-\.\+TZ]+ AUDIT: id="[\w-]+" stage="" ip="<unknown>" method="" user="<none>" groups="<none>" as="<self>" asgroups="<lookup>" user-agent="" namespace="<none>" uri="" response="<deferred>"`,
}, },
} { } {
var buf bytes.Buffer var buf bytes.Buffer