Skip to content

Commit 87d7e3b

Browse files
spowelljrspowelljr
authored
Merge pull request #14695 from spowelljr/limitAuditSize
Limit number of audit entries
2 parents 3db9ca8 + 16c8c96 commit 87d7e3b

File tree

5 files changed

+57
-2
lines changed

5 files changed

+57
-2
lines changed

cmd/minikube/cmd/config/config.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -168,6 +168,10 @@ var settings = []Setting{
168168
name: config.Rootless,
169169
set: SetBool,
170170
},
171+
{
172+
name: config.MaxAuditEntries,
173+
set: SetInt,
174+
},
171175
}
172176

173177
// ConfigCmd represents the config command

cmd/minikube/cmd/root.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -325,6 +325,7 @@ func setupViper() {
325325
viper.SetDefault(config.ReminderWaitPeriodInHours, 24)
326326
viper.SetDefault(config.WantNoneDriverWarning, true)
327327
viper.SetDefault(config.WantVirtualBoxDriverWarning, true)
328+
viper.SetDefault(config.MaxAuditEntries, 1000)
328329
}
329330

330331
func addToPath(dir string) {

pkg/minikube/audit/audit.go

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,9 @@ func LogCommandEnd(id string) error {
9898
return err
9999
}
100100
var entriesNeedsToUpdate int
101+
102+
startIndex := getStartIndex(len(rowSlice))
103+
rowSlice = rowSlice[startIndex:]
101104
for _, v := range rowSlice {
102105
if v.id == id {
103106
v.endTime = time.Now().Format(constants.TimeFormat)
@@ -118,6 +121,15 @@ func LogCommandEnd(id string) error {
118121
return nil
119122
}
120123

124+
func getStartIndex(entryCount int) int {
125+
maxEntries := viper.GetInt(config.MaxAuditEntries)
126+
startIndex := entryCount - maxEntries
127+
if maxEntries <= 0 || startIndex <= 0 {
128+
return 0
129+
}
130+
return startIndex
131+
}
132+
121133
// shouldLog returns if the command should be logged.
122134
func shouldLog() bool {
123135
// in rare chance we get here without a command, don't log

pkg/minikube/audit/audit_test.go

Lines changed: 38 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,11 @@ limitations under the License.
1717
package audit
1818

1919
import (
20+
"io"
2021
"os"
22+
"os/exec"
2123
"os/user"
24+
"strings"
2225
"testing"
2326

2427
"github.com/spf13/pflag"
@@ -27,6 +30,33 @@ import (
2730
)
2831

2932
func TestAudit(t *testing.T) {
33+
var auditFilename string
34+
35+
t.Run("setup", func(t *testing.T) {
36+
f, err := os.CreateTemp("", "audit.json")
37+
if err != nil {
38+
t.Fatalf("failed creating temporary file: %v", err)
39+
}
40+
auditFilename = f.Name()
41+
42+
s := `{"data":{"args":"-p mini1","command":"start","endTime":"Wed, 03 Feb 2021 15:33:05 MST","profile":"mini1","startTime":"Wed, 03 Feb 2021 15:30:33 MST","user":"user1"},"datacontenttype":"application/json","id":"9b7593cb-fbec-49e5-a3ce-bdc2d0bfb208","source":"https://minikube.sigs.k8s.io/","specversion":"1.0","type":"io.k8s.si gs.minikube.audit"}
43+
{"data":{"args":"-p mini1","command":"start","endTime":"Wed, 03 Feb 2021 15:33:05 MST","profile":"mini1","startTime":"Wed, 03 Feb 2021 15:30:33 MST","user":"user1"},"datacontenttype":"application/json","id":"9b7593cb-fbec-49e5-a3ce-bdc2d0bfb208","source":"https://minikube.sigs.k8s.io/","specversion":"1.0","type":"io.k8s.si gs.minikube.audit"}
44+
{"data":{"args":"--user user2","command":"logs","endTime":"Tue, 02 Feb 2021 16:46:20 MST","profile":"minikube","startTime":"Tue, 02 Feb 2021 16:46:00 MST","user":"user2"},"datacontenttype":"application/json","id":"fec03227-2484-48b6-880a-88fd010b5efd","source":"https://minikube.sigs.k8s.io/","specversion":"1.0","type":"io.k8s.sigs.minikube.audit"}
45+
{"data":{"args":"-p mini1","command":"start","endTime":"Wed, 03 Feb 2021 15:33:05 MST","profile":"mini1","startTime":"Wed, 03 Feb 2021 15:30:33 MST","user":"user1"},"datacontenttype":"application/json","id":"9b7593cb-fbec-49e5-a3ce-bdc2d0bfb208","source":"https://minikube.sigs.k8s.io/","specversion":"1.0","type":"io.k8s.si gs.minikube.audit"}
46+
{"data":{"args":"--user user2","command":"logs","endTime":"Tue, 02 Feb 2021 16:46:20 MST","profile":"minikube","startTime":"Tue, 02 Feb 2021 16:46:00 MST","user":"user2"},"datacontenttype":"application/json","id":"fec03227-2484-48b6-880a-88fd010b5efd","source":"https://minikube.sigs.k8s.io/","specversion":"1.0","type":"io.k8s.sigs.minikube.audit"}
47+
`
48+
49+
if _, err := f.WriteString(s); err != nil {
50+
t.Fatalf("failed writing to file: %v", err)
51+
}
52+
if _, err := f.Seek(0, io.SeekStart); err != nil {
53+
t.Fatalf("failed seeking to start of file: %v", err)
54+
}
55+
56+
currentLogFile = f
57+
viper.Set(config.MaxAuditEntries, 3)
58+
})
59+
3060
t.Run("username", func(t *testing.T) {
3161
u, err := user.Current()
3262
if err != nil {
@@ -168,7 +198,6 @@ func TestAudit(t *testing.T) {
168198
mockArgs(t, test.args)
169199

170200
got := isDeletePurge()
171-
172201
if got != test.want {
173202
t.Errorf("test.args = %q; isDeletePurge() = %t; want %t", test.args, got, test.want)
174203
}
@@ -211,11 +240,18 @@ func TestAudit(t *testing.T) {
211240
if err != nil {
212241
t.Fatal("start failed")
213242
}
214-
err = LogCommandEnd(auditID)
243+
if err := LogCommandEnd(auditID); err != nil {
244+
t.Fatal(err)
245+
}
215246

247+
b, err := exec.Command("wc", "-l", auditFilename).Output()
216248
if err != nil {
217249
t.Fatal(err)
218250
}
251+
if !strings.Contains(string(b), "3") {
252+
t.Errorf("MaxAuditEntries did not work, expected 3 lines in the audit log found %s", string(b))
253+
}
254+
219255
})
220256

221257
t.Run("LogCommandEndNonExistingID", func(t *testing.T) {

pkg/minikube/config/config.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,8 @@ const (
5454
AddonListFlag = "addons"
5555
// EmbedCerts represents the config for embedding certificates in kubeconfig
5656
EmbedCerts = "EmbedCerts"
57+
// MaxAuditEntries is the maximum number of audit entries to retain
58+
MaxAuditEntries = "MaxAuditEntries"
5759
)
5860

5961
var (

0 commit comments

Comments
 (0)