constellation/hack/logcollector/internal/filebeat.go
Moritz Sanft 60bf770e62
ci: logcollection to OpenSearch in non-debug clusters (#2080)
* refactor `debugd` file structure

* create `hack`-tool to deploy logcollection to non-debug clusters

* integrate changes into CI

* update fields

* update workflow input names

* use `working-directory`

* add opensearch creds to upgrade workflow

* make template func generic

* make templating func generic

* linebreaks

* remove magic defaults

* move `os.Exit` to main package

* make logging index configurable

* make templating generic

* remove excess brace

* update fields

* copy fields

* fix flag name

* fix linter warnings

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

* remove unused workflow inputs

* remove makefiles

* fix command

* bazel: fix output paths of container

This fixes the output paths of builds within the container by mounting
directories to paths that exist on the host. We also explicitly set the
output path in a .bazelrc to the user specific path. The rc file is
mounted into the container and overrides the host rc.
Also adding an automatic stop in case start is called while a container
is already running.
Sym links like bazel-out and paths bazel outputs should generally work
with this change.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

* tabs -> spaces

---------

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-08-21 08:01:33 +02:00


/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
package internal
import (
"embed"
"fmt"
"path/filepath"
"github.com/edgelesssys/constellation/v2/debugd/filebeat"
"github.com/edgelesssys/constellation/v2/internal/file"
"github.com/spf13/afero"
"gopkg.in/yaml.v3"
)
var (
	// filebeatHelmAssets holds the files matched by templates/filebeat/*,
	// compiled into the binary. Prepare reads the base Helm values
	// (templates/filebeat/values.yml) from it.
	//go:embed templates/filebeat/*
	filebeatHelmAssets embed.FS
	// filebeatAssets is the asset set exported by the debugd filebeat package.
	// Prepare reads the filebeat.yml template and inputs.yml from it, so this
	// tool ships the same Filebeat configuration files as that package.
	filebeatAssets = filebeat.Assets
)
// FilebeatPreparer prepares the Filebeat Helm chart.
//
// It renders the Filebeat configuration and writes the resulting Helm
// values.yml to disk; see Prepare.
type FilebeatPreparer struct {
	// fh writes the rendered values.yml.
	fh file.Handler
	// port is the Logstash port that Prepare puts into the Filebeat output host.
	port int
	// templatePreparer is embedded; Prepare calls p.template, which is
	// presumably promoted from this type (it is defined outside this file).
	templatePreparer
}
// NewFilebeatPreparer builds a FilebeatPreparer that writes to the real OS
// filesystem and points Filebeat at the given Logstash port.
//
// The port is stored as passed in; no range check is performed here.
func NewFilebeatPreparer(port int) *FilebeatPreparer {
	preparer := new(FilebeatPreparer)
	preparer.fh = file.NewHandler(afero.NewOsFs())
	preparer.port = port
	return preparer
}
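// Prepare renders the Filebeat Helm values and writes them to
// <dir>/filebeat/values.yml.
//
// It templates filebeat.yml with the Logstash address
// "logstash-logstash:<port>", reads inputs.yml verbatim, and places both into
// the daemonset.filebeatConfig section of the embedded values.yml before
// marshalling the result. Each failing step is returned wrapped with the name
// of the file it concerns.
//
// Only the two filebeatConfig payloads are overwritten. All other settings
// come from the embedded values.yml after a round trip through
// FilebeatHelmValues: the decode is not strict, so keys in values.yml that
// the struct does not model are silently dropped from the written file. A
// hardening setting added to values.yml therefore needs a matching struct
// field to take effect.
func (p *FilebeatPreparer) Prepare(dir string) error {
	templatedFilebeatYaml, err := p.template(filebeatAssets, "templates/filebeat.yml", FilebeatTemplateData{
		LogstashHost: fmt.Sprintf("logstash-logstash:%d", p.port),
	})
	if err != nil {
		return fmt.Errorf("template filebeat.yml: %w", err)
	}

	inputsYaml, err := filebeatAssets.ReadFile("inputs.yml")
	if err != nil {
		// Name the file that was actually read, so a failure here is not
		// attributed to a different asset when triaging logs.
		return fmt.Errorf("read inputs.yml: %w", err)
	}

	rawHelmValues, err := filebeatHelmAssets.ReadFile("templates/filebeat/values.yml")
	if err != nil {
		return fmt.Errorf("read values.yml: %w", err)
	}

	helmValuesYaml := &FilebeatHelmValues{}
	if err := yaml.Unmarshal(rawHelmValues, helmValuesYaml); err != nil {
		return fmt.Errorf("unmarshal values.yml: %w", err)
	}

	// Inject the rendered configuration; everything else stays as decoded.
	helmValuesYaml.Daemonset.FilebeatConfig.FilebeatYml = templatedFilebeatYaml.String()
	helmValuesYaml.Daemonset.FilebeatConfig.InputsYml = string(inputsYaml)

	helmValues, err := yaml.Marshal(helmValuesYaml)
	if err != nil {
		return fmt.Errorf("marshal values.yml: %w", err)
	}

	if err = p.fh.Write(filepath.Join(dir, "filebeat", "values.yml"), helmValues, file.OptMkdirAll); err != nil {
		return fmt.Errorf("write values.yml: %w", err)
	}

	return nil
}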
// FilebeatTemplateData is the data passed to the filebeat.yml template.
type FilebeatTemplateData struct {
	// LogstashHost is the Logstash endpoint in host:port form; Prepare sets it
	// to "logstash-logstash:<port>".
	LogstashHost string
}
// FilebeatHelmValues represents the Helm values.yml of the Filebeat chart.
//
// Prepare decodes the embedded values.yml into this struct, fills in
// Daemonset.FilebeatConfig, and marshals it back. Two consequences of that
// round trip matter when editing values.yml:
//   - keys that have no field here are dropped from the written file;
//   - no field uses omitempty, so a key missing from values.yml is written
//     with its zero value (for example runAsUser: 0, privileged: false).
type FilebeatHelmValues struct {
	Image     string `yaml:"image"`
	ImageTag  string `yaml:"imageTag"`
	Daemonset struct {
		Enabled bool `yaml:"enabled"`
		// FilebeatConfig carries the file contents that Prepare injects.
		FilebeatConfig struct {
			FilebeatYml string `yaml:"filebeat.yml"`
			InputsYml   string `yaml:"inputs.yml"`
		} `yaml:"filebeatConfig"`
		ExtraEnvs    []interface{} `yaml:"extraEnvs"`
		SecretMounts []interface{} `yaml:"secretMounts"`
		Tolerations  []struct {
			Key      string `yaml:"key"`
			Operator string `yaml:"operator"`
			Effect   string `yaml:"effect"`
		} `yaml:"tolerations"`
		// NOTE(review): SecurityContext and the hostPath volumes below are
		// passed through from the embedded values.yml, which is not visible
		// here. Together they decide how much of the node the log collector
		// can reach, so changes to them deserve the same review as code.
		SecurityContext struct {
			Privileged bool `yaml:"privileged"`
			RunAsUser  int  `yaml:"runAsUser"`
		} `yaml:"securityContext"`
		ExtraVolumeMounts []struct {
			Name      string `yaml:"name"`
			MountPath string `yaml:"mountPath"`
			ReadOnly  bool   `yaml:"readOnly"`
		} `yaml:"extraVolumeMounts"`
		ExtraVolumes []struct {
			Name     string `yaml:"name"`
			HostPath struct {
				Path string `yaml:"path"`
				Type string `yaml:"type"`
			} `yaml:"hostPath"`
		} `yaml:"extraVolumes"`
	} `yaml:"daemonset"`
}