status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #10200 from hashicorp/dnephin/backport-audit-log-config-changes 

config: backport audit log config changes from enterprise
This commit is contained in:
Daniel Nephin 2021-05-19 10:58:28 -04:00 committed by GitHub
parent 76f857e781 49e7e37cc7
commit 6bda3a48ba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
agent/config/builder.go
View File

@ -332,9 +332,11 @@ func (b *builder) Build() (rt RuntimeConfig, err error) {
var unusedErr error var unusedErr error
for _, k := range md.Unused { for _, k := range md.Unused {
switch k { switch {
case "acl_enforce_version_8": case k == "acl_enforce_version_8":
b.warn("config key %q is deprecated and should be removed", k) b.warn("config key %q is deprecated and should be removed", k)
case strings.HasPrefix(k, "audit.sink[") && strings.HasSuffix(k, "].name"):
b.warn("config key audit.sink[].name is deprecated and should be removed")
default: default:
unusedErr = multierror.Append(unusedErr, fmt.Errorf("invalid config key %s", k)) unusedErr = multierror.Append(unusedErr, fmt.Errorf("invalid config key %s", k))
} }

3
agent/config/builder_oss.go
View File

@ -46,9 +46,8 @@ func validateEnterpriseConfigKeys(config *Config) []error {
add("acl.tokens.managed_service_provider") add("acl.tokens.managed_service_provider")
config.ACL.Tokens.ManagedServiceProvider = nil config.ACL.Tokens.ManagedServiceProvider = nil
} }
if config.Audit != nil { if boolVal(config.Audit.Enabled) || len(config.Audit.Sinks) > 0 {
add("audit") add("audit")
config.Audit = nil
} }
return result return result

3
agent/config/config.go
View File

@ -282,7 +282,7 @@ type Config struct {
VersionPrerelease *string `mapstructure:"version_prerelease"` VersionPrerelease *string `mapstructure:"version_prerelease"`
// Enterprise Only // Enterprise Only
Audit *Audit `mapstructure:"audit"` Audit Audit `mapstructure:"audit"`
// Enterprise Only // Enterprise Only
ReadReplica *bool `mapstructure:"read_replica" alias:"non_voting_server"` ReadReplica *bool `mapstructure:"read_replica" alias:"non_voting_server"`
// Enterprise Only // Enterprise Only
@ -761,7 +761,6 @@ type Audit struct {
// AuditSink can be provided multiple times to define pipelines for auditing // AuditSink can be provided multiple times to define pipelines for auditing
type AuditSink struct { type AuditSink struct {
Name *string `mapstructure:"name"`
Type *string `mapstructure:"type"` Type *string `mapstructure:"type"`
Format *string `mapstructure:"format"` Format *string `mapstructure:"format"`
Path *string `mapstructure:"path"` Path *string `mapstructure:"path"`

2
agent/config/testdata/full-config.hcl vendored
View File

@ -47,7 +47,7 @@ advertise_addr = "17.99.29.16"
advertise_addr_wan = "78.63.37.19" advertise_addr_wan = "78.63.37.19"
advertise_reconnect_timeout = "0s" advertise_reconnect_timeout = "0s"
audit = { audit = {
enabled = false enabled = true
} }
auto_config = { auto_config = {
enabled = false enabled = false

2
agent/config/testdata/full-config.json vendored
View File

@ -48,7 +48,7 @@
"advertise_addr_wan": "78.63.37.19", "advertise_addr_wan": "78.63.37.19",
"advertise_reconnect_timeout": "0s", "advertise_reconnect_timeout": "0s",
"audit": { "audit": {
"enabled": false "enabled": true
}, },
"auto_config": { "auto_config": {
"enabled": false, "enabled": false,