constellation/hack/logcollector/internal/filebeat.go

/*
Copyright (c) Edgeless Systems GmbH

SPDX-License-Identifier: AGPL-3.0-only
*/
package internal

import (
	"embed"
	"fmt"
	"path/filepath"

	"github.com/edgelesssys/constellation/v2/debugd/filebeat"
	"github.com/edgelesssys/constellation/v2/internal/file"
	"github.com/spf13/afero"
	"gopkg.in/yaml.v3"
)

var (
	//go:embed templates/filebeat/*
	filebeatHelmAssets embed.FS

	filebeatAssets = filebeat.Assets
)

// FilebeatPreparer prepares the Filebeat Helm chart.
type FilebeatPreparer struct {
	fh   file.Handler
	port int
	templatePreparer
}

// NewFilebeatPreparer returns a new FilebeatPreparer.
func NewFilebeatPreparer(port int) *FilebeatPreparer {
	return &FilebeatPreparer{
		fh:   file.NewHandler(afero.NewOsFs()),
		port: port,
	}
}

// Prepare prepares the Filebeat Helm chart by templating the filebeat.yml and inputs.yml files and placing them in the specified directory.
func (p *FilebeatPreparer) Prepare(dir string) error {
	templatedFilebeatYaml, err := p.template(filebeatAssets, "templates/filebeat.yml", FilebeatTemplateData{
		LogstashHost: fmt.Sprintf("logstash-logstash:%d", p.port),
	})
	if err != nil {
		return fmt.Errorf("template filebeat.yml: %w", err)
	}

	inputsYaml, err := filebeatAssets.ReadFile("inputs.yml")
	if err != nil {
		return fmt.Errorf("read log4j2.properties: %w", err)
	}

	rawHelmValues, err := filebeatHelmAssets.ReadFile("templates/filebeat/values.yml")
	if err != nil {
		return fmt.Errorf("read values.yml: %w", err)
	}

	helmValuesYaml := &FilebeatHelmValues{}
	if err := yaml.Unmarshal(rawHelmValues, helmValuesYaml); err != nil {
		return fmt.Errorf("unmarshal values.yml: %w", err)
	}

	helmValuesYaml.Daemonset.FilebeatConfig.FilebeatYml = templatedFilebeatYaml.String()
	helmValuesYaml.Daemonset.FilebeatConfig.InputsYml = string(inputsYaml)

	helmValues, err := yaml.Marshal(helmValuesYaml)
	if err != nil {
		return fmt.Errorf("marshal values.yml: %w", err)
	}

	if err = p.fh.Write(filepath.Join(dir, "filebeat", "values.yml"), helmValues, file.OptMkdirAll); err != nil {
		return fmt.Errorf("write values.yml: %w", err)
	}

	return nil
}

// FilebeatTemplateData is template data.
type FilebeatTemplateData struct {
	LogstashHost string
}

// FilebeatHelmValues repesents the Helm values.yml.
type FilebeatHelmValues struct {
	Image     string `yaml:"image"`
	ImageTag  string `yaml:"imageTag"`
	Daemonset struct {
		Enabled        bool `yaml:"enabled"`
		FilebeatConfig struct {
			FilebeatYml string `yaml:"filebeat.yml"`
			InputsYml   string `yaml:"inputs.yml"`
		} `yaml:"filebeatConfig"`
		ExtraEnvs    []interface{} `yaml:"extraEnvs"`
		SecretMounts []interface{} `yaml:"secretMounts"`
		Tolerations  []struct {
			Key      string `yaml:"key"`
			Operator string `yaml:"operator"`
			Effect   string `yaml:"effect"`
		} `yaml:"tolerations"`
		SecurityContext struct {
			Privileged bool `yaml:"privileged"`
			RunAsUser  int  `yaml:"runAsUser"`
		} `yaml:"securityContext"`
		ExtraVolumeMounts []struct {
			Name      string `yaml:"name"`
			MountPath string `yaml:"mountPath"`
			ReadOnly  bool   `yaml:"readOnly"`
		} `yaml:"extraVolumeMounts"`
		ExtraVolumes []struct {
			Name     string `yaml:"name"`
			HostPath struct {
				Path string `yaml:"path"`
				Type string `yaml:"type"`
			} `yaml:"hostPath"`
		} `yaml:"extraVolumes"`
	} `yaml:"daemonset"`
}
ci: logcollection to OpenSearch in non-debug clusters (#2080) * refactor `debugd` file structure * create `hack`-tool to deploy logcollection to non-debug clusters * integrate changes into CI * update fields * update workflow input names * use `working-directory` * add opensearch creds to upgrade workflow * make template func generic * make templating func generic * linebreaks * remove magic defaults * move `os.Exit` to main package * make logging index configurable * make templating generic * remove excess brace * update fields * copy fields * fix flag name * fix linter warnings Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> * remove unused workflow inputs * remove makefiles * fix command * bazel: fix output paths of container This fixes the output paths of builds within the container by mounting directories to paths that exist on the host. We also explicitly set the output path in a .bazelrc to the user specific path. The rc file is mounted into the container and overrides the host rc. Also adding automatic stop in case start is called and a containers is already running. Sym links like bazel-out and paths bazel outputs should generally work with this change. Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> * tabs -> spaces --------- Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> 2023-08-21 02:01:33 -04:00			`/*`
			`Copyright (c) Edgeless Systems GmbH`

			`SPDX-License-Identifier: AGPL-3.0-only`
			`*/`
			`package internal`

			`import (`
			`"embed"`
			`"fmt"`
			`"path/filepath"`

			`"github.com/edgelesssys/constellation/v2/debugd/filebeat"`
			`"github.com/edgelesssys/constellation/v2/internal/file"`
			`"github.com/spf13/afero"`
			`"gopkg.in/yaml.v3"`
			`)`

			`var (`
			`//go:embed templates/filebeat/*`
			`filebeatHelmAssets embed.FS`

			`filebeatAssets = filebeat.Assets`
			`)`

			`// FilebeatPreparer prepares the Filebeat Helm chart.`
			`type FilebeatPreparer struct {`
			`fh file.Handler`
			`port int`
			`templatePreparer`
			`}`

			`// NewFilebeatPreparer returns a new FilebeatPreparer.`
			`func NewFilebeatPreparer(port int) *FilebeatPreparer {`
			`return &FilebeatPreparer{`
			`fh: file.NewHandler(afero.NewOsFs()),`
			`port: port,`
			`}`
			`}`

			`// Prepare prepares the Filebeat Helm chart by templating the filebeat.yml and inputs.yml files and placing them in the specified directory.`
			`func (p *FilebeatPreparer) Prepare(dir string) error {`
			`templatedFilebeatYaml, err := p.template(filebeatAssets, "templates/filebeat.yml", FilebeatTemplateData{`
			`LogstashHost: fmt.Sprintf("logstash-logstash:%d", p.port),`
			`})`
			`if err != nil {`
			`return fmt.Errorf("template filebeat.yml: %w", err)`
			`}`

			`inputsYaml, err := filebeatAssets.ReadFile("inputs.yml")`
			`if err != nil {`
			`return fmt.Errorf("read log4j2.properties: %w", err)`
			`}`

			`rawHelmValues, err := filebeatHelmAssets.ReadFile("templates/filebeat/values.yml")`
			`if err != nil {`
			`return fmt.Errorf("read values.yml: %w", err)`
			`}`

			`helmValuesYaml := &FilebeatHelmValues{}`
			`if err := yaml.Unmarshal(rawHelmValues, helmValuesYaml); err != nil {`
			`return fmt.Errorf("unmarshal values.yml: %w", err)`
			`}`

			`helmValuesYaml.Daemonset.FilebeatConfig.FilebeatYml = templatedFilebeatYaml.String()`
			`helmValuesYaml.Daemonset.FilebeatConfig.InputsYml = string(inputsYaml)`

			`helmValues, err := yaml.Marshal(helmValuesYaml)`
			`if err != nil {`
			`return fmt.Errorf("marshal values.yml: %w", err)`
			`}`

			`if err = p.fh.Write(filepath.Join(dir, "filebeat", "values.yml"), helmValues, file.OptMkdirAll); err != nil {`
			`return fmt.Errorf("write values.yml: %w", err)`
			`}`

			`return nil`
			`}`

			`// FilebeatTemplateData is template data.`
			`type FilebeatTemplateData struct {`
			`LogstashHost string`
			`}`

			`// FilebeatHelmValues repesents the Helm values.yml.`
			`type FilebeatHelmValues struct {`
			Image string `yaml:"image"`
			ImageTag string `yaml:"imageTag"`
			`Daemonset struct {`
			Enabled bool `yaml:"enabled"`
			`FilebeatConfig struct {`
			FilebeatYml string `yaml:"filebeat.yml"`
			InputsYml string `yaml:"inputs.yml"`
			} `yaml:"filebeatConfig"`
			ExtraEnvs []interface{} `yaml:"extraEnvs"`
			SecretMounts []interface{} `yaml:"secretMounts"`
			`Tolerations []struct {`
			Key string `yaml:"key"`
			Operator string `yaml:"operator"`
			Effect string `yaml:"effect"`
			} `yaml:"tolerations"`
			`SecurityContext struct {`
			Privileged bool `yaml:"privileged"`
			RunAsUser int `yaml:"runAsUser"`
			} `yaml:"securityContext"`
			`ExtraVolumeMounts []struct {`
			Name string `yaml:"name"`
			MountPath string `yaml:"mountPath"`
			ReadOnly bool `yaml:"readOnly"`
			} `yaml:"extraVolumeMounts"`
			`ExtraVolumes []struct {`
			Name string `yaml:"name"`
			`HostPath struct {`
			Path string `yaml:"path"`
			Type string `yaml:"type"`
			} `yaml:"hostPath"`
			} `yaml:"extraVolumes"`
			} `yaml:"daemonset"`
			`}`