From f9c880549de895be9ec21b4e152565ee373c7820 Mon Sep 17 00:00:00 2001
From: miwr
Date: Wed, 26 Mar 2025 14:51:33 +0100
Subject: [PATCH] configuration added
---
template/stacks/monitoring/alloy/values.yaml | 5 +-
.../openbao-logging-setup.yaml | 29 ----------
.../create-logging-directory.yaml | 37 ------------
.../openbao-logging/logrotate.yaml | 56 -------------------
.../sidecar-container-alloy-configmap.yaml | 26 ---------
.../ref-implementation/openbao/values.yaml | 36 +-----------
6 files changed, 6 insertions(+), 183 deletions(-)
delete mode 100644 template/stacks/ref-implementation/openbao-logging-setup.yaml
delete mode 100644 template/stacks/ref-implementation/openbao-logging/create-logging-directory.yaml
delete mode 100644 template/stacks/ref-implementation/openbao-logging/logrotate.yaml
delete mode 100644 template/stacks/ref-implementation/openbao-logging/sidecar-container-alloy-configmap.yaml
diff --git a/template/stacks/monitoring/alloy/values.yaml b/template/stacks/monitoring/alloy/values.yaml
index d24bc06..50dddb8 100644
--- a/template/stacks/monitoring/alloy/values.yaml
+++ b/template/stacks/monitoring/alloy/values.yaml
@@ -1,5 +1,4 @@ alloy: - extraPorts: - name: "tcpsocket" port: 1514
@@ -80,6 +79,10 @@ alloy:
}
+ loki.source.kubernetes "all_pod_logs" {
+ targets = discovery.relabel.pod_logs.output
+ forward_to = [loki.write.local_loki.receiver]
+ }
loki.source.syslog "tcp_socket" {
listener {
diff --git a/template/stacks/ref-implementation/openbao-logging-setup.yaml b/template/stacks/ref-implementation/openbao-logging-setup.yaml
deleted file mode 100644
index d6f9bc6..0000000
--- a/template/stacks/ref-implementation/openbao-logging-setup.yaml
+++ /dev/null
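Review bot: The added `loki.source.kubernetes "all_pod_logs"` block forwards whatever `discovery.relabel.pod_logs` outputs, and neither that relabel rule nor any namespace filter is visible in this hunk, so the scope of what reaches Loki is undocumented and may include logs from secret-handling pods in every namespace. I would add a comment above the block inside the embedded Alloy config, for example `// Tails pod logs through the Kubernetes API for the targets kept by discovery.relabel.pod_logs; needs get/list/watch on pods and pods/log.` If Alloy runs as a DaemonSet without clustering, each instance would presumably tail every target and write duplicate entries, which is worth confirming against the controller settings outside this hunk. The enclosing `alloy:` configuration starts and ends outside the hunk.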
@@ -1,29 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
- name: openbao-logging-setup
- namespace: argocd
- labels:
- env: dev
- finalizers:
- - resources-finalizer.argocd.argoproj.io
-spec:
- project: default
- source:
- repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder
- targetRevision: HEAD
- path: "stacks/ref-implementation/openbao-logging"
- destination:
- server: "https://kubernetes.default.svc"
- namespace: openbao
- syncPolicy:
- syncOptions:
- - CreateNamespace=true
- automated:
- selfHeal: true
- retry:
- limit: -1
- backoff:
- duration: 15s
- factor: 1
- maxDuration: 15s
diff --git a/template/stacks/ref-implementation/openbao-logging/create-logging-directory.yaml b/template/stacks/ref-implementation/openbao-logging/create-logging-directory.yaml
deleted file mode 100644
index 1a0b0d0..0000000
--- a/template/stacks/ref-implementation/openbao-logging/create-logging-directory.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: openbao-logging-dir
- namespace: openbao
-spec:
- selector:
- matchLabels:
- app: openbao-logging-dir
- template:
- metadata:
- labels:
- app: openbao-logging-dir
- spec:
- initContainers:
- - name: creator
- image: busybox
- command: ["/bin/sh", "-c"]
- args:
- - |
- set -e
- mkdir -p /var/log/openbao
- chown 100:100 /var/log/openbao
- securityContext:
- runAsUser: 0
- volumeMounts:
- - name: host-log
- mountPath: /var/log
- containers:
- - name: running-container
- image: busybox
- command: ["sleep", "infinity"]
- volumes:
- - name: host-log
- hostPath:
- path: /var/log
- type: Directory
\ No newline at end of file
diff --git a/template/stacks/ref-implementation/openbao-logging/logrotate.yaml b/template/stacks/ref-implementation/openbao-logging/logrotate.yaml
deleted file mode 100644
index 4c2be6f..0000000
--- a/template/stacks/ref-implementation/openbao-logging/logrotate.yaml
+++ /dev/null
@@ -1,56 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: openbao-logrotate
- namespace: openbao
-spec:
- selector:
- matchLabels:
- app: openbao-logrotate
- template:
- metadata:
- labels:
- app: openbao-logrotate
- spec:
- containers:
- - name: logrotate
- image: alpine
- command: ["/bin/sh", "-c"]
- args:
- - |
- apk add --no-cache logrotate
- while true; do logrotate -f /etc/logrotate.d/openbao; sleep 60; done
- volumeMounts:
- - name: logrotate-config
- mountPath: /etc/logrotate.d/openbao
- subPath: openbao
- - name: host-log
- mountPath: /var/log/openbao
- volumes:
- - name: logrotate-config
- configMap:
- name: openbao-logrotate-config
- - name: host-log
- hostPath:
- path: /var/log
- type: Directory
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: openbao-logrotate-config
- namespace: openbao
-data:
- openbao: |
- /var/log/openbao/openbao/*.log {
- size 5k
- rotate 7
- compress
- missingok
- notifempty
- postrotate
- mkdir pupa
- kill -SIGHUP $(pidof bao)
- endscript
- }
\ No newline at end of file
diff --git a/template/stacks/ref-implementation/openbao-logging/sidecar-container-alloy-configmap.yaml b/template/stacks/ref-implementation/openbao-logging/sidecar-container-alloy-configmap.yaml
deleted file mode 100644
index 1b89a78..0000000
--- a/template/stacks/ref-implementation/openbao-logging/sidecar-container-alloy-configmap.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-# apiVersion: v1
-# kind: ConfigMap
-# metadata:
-# name: sidecar-container-alloy-config
-# data:
-# config.alloy: |
-# logging {
-# level = "info"
-# format = "logfmt"
-# }
-
-# loki.write "local_loki" {
-# endpoint {
-# url = "http://loki-loki-distributed-gateway.monitoring.svc.cluster.local/loki/api/v1/push"
-# }
-# }
-
-# local.file_match "applogs" {
-# path_targets = [{"__path__" = "/openbao/logs/*"}]
-# sync_period = "5s"
-# }
-
-# loki.source.file "openbao_logs" {
-# targets = local.file_match.applogs.targets
-# forward_to = [loki.write.local_loki.receiver]
-# }
\ No newline at end of file
diff --git a/template/stacks/ref-implementation/openbao/values.yaml b/template/stacks/ref-implementation/openbao/values.yaml
index 233b44d..7306dd6 100644
--- a/template/stacks/ref-implementation/openbao/values.yaml
+++ b/template/stacks/ref-implementation/openbao/values.yaml
@@ -1,35 +1,4 @@ -server: - # extraContainers: - # - name: grafana-alloy - # image: grafana/alloy:latest - # ports: - # - containerPort: 12345 - # securityContext: - # runAsUser: 100 - # volumeMounts: - # - name: alloy-data - # mountPath: /var/lib/alloy - # - name: config-volume - # mountPath: /etc/alloy - # - name: host-log-storage - # mountPath: /openbao/logs - - volumes: - # - name: alloy-data - # emptyDir: {} - # - name: config-volume - # configMap: - # name: sidecar-container-alloy-config - - name: host-log-storage - hostPath: - path: /var/log - type: Directory - - volumeMounts: - - mountPath: /openbao/logs - name: host-log-storage - readOnly: false - +server: postStart: - sh - -c 
@@ -46,7 +15,6 @@ server:
echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt
bao login $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')
rm /tmp/init.txt
- bao audit enable -path="stdout" file file_path=stdout
- bao audit enable -path="file" file file_path=/openbao/logs/openbao/openbao.log
+ bao audit enable socket address=alloy.monitoring.svc.cluster.local:1514 socket_type=tcp
ui:
enabled: true
\ No newline at end of file
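Review bot: The added `bao audit enable socket …` line leaves the TCP socket to Alloy as OpenBao's only audit device, because this hunk removes both `file` devices. A server with audit devices enabled refuses requests when none of them can record the entry, and the socket device can drop an entry when its connection is re-established, so an Alloy outage would stall the secret store and audit coverage is not guaranteed. I would keep a local device next to it: `bao audit enable -path="stdout" file file_path=stdout`. The events also cross namespaces as unencrypted, unauthenticated TCP, and the receiving `loki.source.syslog` listener presumably expects syslog-framed messages rather than raw JSON lines, so confirm that entries actually arrive in Loki and restrict port 1514 with a NetworkPolicy. The postStart script this line belongs to starts outside the hunk.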