From b6b2a30e830cc362c41ec1014ed9f3ef3535f93b Mon Sep 17 00:00:00 2001
From: Cao Shufeng <caosf.fnst@cn.fujitsu.com>
Date: Thu, 1 Jun 2017 17:25:10 +0800
Subject: [PATCH] empty audit policy file is legal configuration

Empty audit policy file or policy file contains only comments means
using default audit level for all requests.
---
 staging/src/k8s.io/apiserver/pkg/audit/policy/BUILD     | 1 +
 staging/src/k8s.io/apiserver/pkg/audit/policy/reader.go | 8 +++++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/staging/src/k8s.io/apiserver/pkg/audit/policy/BUILD b/staging/src/k8s.io/apiserver/pkg/audit/policy/BUILD
index 3ceb86a349c..c737a6bc6bb 100644
--- a/staging/src/k8s.io/apiserver/pkg/audit/policy/BUILD
+++ b/staging/src/k8s.io/apiserver/pkg/audit/policy/BUILD
@@ -34,6 +34,7 @@ go_library(
     ],
     tags = ["automanaged"],
     deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1:go_default_library",
diff --git a/staging/src/k8s.io/apiserver/pkg/audit/policy/reader.go b/staging/src/k8s.io/apiserver/pkg/audit/policy/reader.go
index afd50152e1e..2fcce4da750 100644
--- a/staging/src/k8s.io/apiserver/pkg/audit/policy/reader.go
+++ b/staging/src/k8s.io/apiserver/pkg/audit/policy/reader.go
@@ -25,6 +25,8 @@ import (
 	auditv1alpha1 "k8s.io/apiserver/pkg/apis/audit/v1alpha1"
 	"k8s.io/apiserver/pkg/apis/audit/validation"
 	"k8s.io/apiserver/pkg/audit"
+
+	"github.com/golang/glog"
 )
 
 func LoadPolicyFromFile(filePath string) (*auditinternal.Policy, error) {
@@ -35,9 +37,7 @@ func LoadPolicyFromFile(filePath string) (*auditinternal.Policy, error) {
 	if err != nil {
 		return nil, fmt.Errorf("failed to read file path %q: %+v", filePath, err)
 	}
-	if len(policyDef) == 0 {
-		return nil, fmt.Errorf("file %q was empty", filePath)
-	}
+
 	policyVersioned := &auditv1alpha1.Policy{}
 
 	decoder := audit.Codecs.UniversalDecoder(auditv1alpha1.SchemeGroupVersion)
@@ -53,5 +53,7 @@ func LoadPolicyFromFile(filePath string) (*auditinternal.Policy, error) {
 	if err := validation.ValidatePolicy(policy); err != nil {
 		return nil, err.ToAggregate()
 	}
+
+	glog.V(4).Infof("Loaded %d audit policy rules from file %s\n", len(policy.Rules), filePath)
 	return policy, nil
 }