[#1184] config: Add audit.enabled parameter for node
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
This commit is contained in:
parent
75eedf71f3
commit
7b8937ec35
7 changed files with 72 additions and 0 deletions
|
@ -18,6 +18,7 @@ import (
|
|||
netmapV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/netmap"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
|
||||
apiclientconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/apiclient"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/audit"
|
||||
contractsconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/contracts"
|
||||
engineconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine"
|
||||
shardconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine/shard"
|
||||
|
@ -375,6 +376,7 @@ type internals struct {
|
|||
healthStatus *atomic.Int32
|
||||
// is node under maintenance
|
||||
isMaintenance atomic.Bool
|
||||
audit *atomic.Bool
|
||||
|
||||
sdNotify bool
|
||||
}
|
||||
|
@ -722,6 +724,9 @@ func initInternals(appCfg *config.Config, log *logger.Logger) internals {
|
|||
var healthStatus atomic.Int32
|
||||
healthStatus.Store(int32(control.HealthStatus_HEALTH_STATUS_UNDEFINED))
|
||||
|
||||
var auditRequests atomic.Bool
|
||||
auditRequests.Store(audit.Enabled(appCfg))
|
||||
|
||||
return internals{
|
||||
done: make(chan struct{}),
|
||||
appCfg: appCfg,
|
||||
|
@ -730,6 +735,7 @@ func initInternals(appCfg *config.Config, log *logger.Logger) internals {
|
|||
apiVersion: version.Current(),
|
||||
healthStatus: &healthStatus,
|
||||
sdNotify: initSdNotify(appCfg),
|
||||
audit: &auditRequests,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1278,6 +1284,10 @@ func (c *cfg) reloadConfig(ctx context.Context) {
|
|||
setRuntimeParameters(c)
|
||||
return nil
|
||||
}})
|
||||
components = append(components, dCmp{"audit", func() error {
|
||||
c.audit.Store(audit.Enabled(c.appCfg))
|
||||
return nil
|
||||
}})
|
||||
components = append(components, dCmp{"pools", c.reloadPools})
|
||||
components = append(components, dCmp{"tracing", func() error {
|
||||
updated, err := tracing.Setup(ctx, *tracingconfig.ToTracingConfig(c.appCfg))
|
||||
|
|
12
cmd/frostfs-node/config/audit/config.go
Normal file
12
cmd/frostfs-node/config/audit/config.go
Normal file
|
@ -0,0 +1,12 @@
|
|||
package audit
|
||||
|
||||
import "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
|
||||
|
||||
const (
|
||||
subsection = "audit"
|
||||
)
|
||||
|
||||
// Enabled returns the value of "enabled" config parameter from "audit" section.
|
||||
func Enabled(c *config.Config) bool {
|
||||
return config.BoolSafe(c.Sub(subsection), "enabled")
|
||||
}
|
28
cmd/frostfs-node/config/audit/config_test.go
Normal file
28
cmd/frostfs-node/config/audit/config_test.go
Normal file
|
@ -0,0 +1,28 @@
|
|||
package audit
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
|
||||
configtest "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/test"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestAuditSection(t *testing.T) {
|
||||
t.Run("defaults", func(t *testing.T) {
|
||||
empty := configtest.EmptyConfig()
|
||||
require.Equal(t, false, Enabled(empty))
|
||||
})
|
||||
|
||||
const path = "../../../../config/example/node"
|
||||
|
||||
fileConfigTest := func(c *config.Config) {
|
||||
require.Equal(t, true, Enabled(c))
|
||||
}
|
||||
|
||||
configtest.ForEachFileType(path, fileConfigTest)
|
||||
|
||||
t.Run("ENV", func(t *testing.T) {
|
||||
configtest.ForEnvFileType(t, path, fileConfigTest)
|
||||
})
|
||||
}
|
|
@ -202,3 +202,6 @@ FROSTFS_TRACING_ENDPOINT="localhost"
|
|||
FROSTFS_TRACING_EXPORTER="otlp_grpc"
|
||||
|
||||
FROSTFS_RUNTIME_SOFT_MEMORY_LIMIT=1073741824
|
||||
|
||||
# AUDIT section
|
||||
FROSTFS_AUDIT_ENABLED=true
|
||||
|
|
|
@ -260,5 +260,8 @@
|
|||
},
|
||||
"runtime": {
|
||||
"soft_memory_limit": 1073741824
|
||||
},
|
||||
"audit": {
|
||||
"enabled": true
|
||||
}
|
||||
}
|
||||
|
|
|
@ -234,3 +234,6 @@ tracing:
|
|||
|
||||
runtime:
|
||||
soft_memory_limit: 1gb
|
||||
|
||||
audit:
|
||||
enabled: true
|
||||
|
|
|
@ -25,6 +25,7 @@ There are some custom types used for brevity:
|
|||
| `replicator` | [Replicator service configuration](#replicator-section) |
|
||||
| `storage` | [Storage engine configuration](#storage-section) |
|
||||
| `runtime` | [Runtime configuration](#runtime-section) |
|
||||
| `audit` | [Audit configuration](#audit-section) |
|
||||
|
||||
|
||||
# `control` section
|
||||
|
@ -428,3 +429,15 @@ runtime:
|
|||
| Parameter | Type | Default value | Description |
|
||||
|---------------------|--------|---------------|--------------------------------------------------------------------------|
|
||||
| `soft_memory_limit` | `size` | 0 | Soft memory limit for the runtime. Zero or no value stands for no limit. If `GOMEMLIMIT` environment variable is set, the value from the configuration file will be ignored. |
|
||||
|
||||
# `audit` section
|
||||
Contains audit parameters.
|
||||
|
||||
```yaml
|
||||
audit:
|
||||
enabled: true
|
||||
```
|
||||
|
||||
| Parameter | Type | Default value | Description |
|
||||
|---------------------|--------|---------------|---------------------------------------------------|
|
||||
| `soft_memory_limit` | `bool` | false | If `true` then audit event logs will be recorded. |
|
||||
|
|
Loading…
Reference in a new issue