diff --git a/internal/generator/vector/output/loki/loki.go b/internal/generator/vector/output/loki/loki.go index 50c5eead59..9f3a53479a 100644 --- a/internal/generator/vector/output/loki/loki.go +++ b/internal/generator/vector/output/loki/loki.go @@ -2,6 +2,7 @@ package loki import ( "fmt" + "github.com/openshift/cluster-logging-operator/internal/generator/url" "strings" "github.com/openshift/cluster-logging-operator/internal/generator/vector/helpers" @@ -193,12 +194,13 @@ func TLSConf(o logging.OutputSpec, secret *corev1.Secret) []Element { conf := []Element{} hasTLS := false + u, _ := url.Parse(o.URL) conf = append(conf, security.TLSConf{ ComponentID: strings.ToLower(vectorhelpers.Replacer.Replace(o.Name)), InsecureSkipVerify: o.TLS != nil && o.TLS.InsecureSkipVerify, }) - if o.Name == logging.OutputNameDefault || security.HasTLSCertAndKey(secret) { + if o.Secret != nil && (o.Name == logging.OutputNameDefault || security.HasTLSCertAndKey(secret)) { hasTLS = true kc := TLSKeyCert{ CertPath: security.SecretPath(o.Secret.Name, constants.ClientCertKey), @@ -206,7 +208,7 @@ func TLSConf(o logging.OutputSpec, secret *corev1.Secret) []Element { } conf = append(conf, kc) } - if o.Name == logging.OutputNameDefault || security.HasCABundle(secret) { + if o.Secret != nil && (o.Name == logging.OutputNameDefault || security.HasCABundle(secret)) { hasTLS = true ca := CAFile{ CAFilePath: security.SecretPath(o.Secret.Name, constants.TrustedCABundleKey), @@ -216,10 +218,7 @@ func TLSConf(o logging.OutputSpec, secret *corev1.Secret) []Element { if o.TLS != nil && o.TLS.InsecureSkipVerify { hasTLS = true } - if !hasTLS { - return []Element{} - } - if o.Secret == nil && secret != nil { + if o.Secret == nil && secret != nil && url.IsTLSScheme(u.Scheme) { // Set CA from logcollector ServiceAccount for internal Loki return []Element{ security.TLSConf{ @@ -230,6 +229,9 @@ func TLSConf(o logging.OutputSpec, secret *corev1.Secret) []Element { }, } } + if !hasTLS { + return []Element{} + } return conf } diff --git a/internal/generator/vector/output/loki/loki_conf_test.go b/internal/generator/vector/output/loki/loki_conf_test.go index d9af3aed87..e14daf5a86 100644 --- a/internal/generator/vector/output/loki/loki_conf_test.go +++ b/internal/generator/vector/output/loki/loki_conf_test.go @@ -84,45 +84,45 @@ var _ = Describe("Generate vector config", func() { hooks.init = "init" hooks.process = "process" source = ''' - function init() - count = 0 - end - function process(event, emit) - count = count + 1 - event.log.openshift.sequence = count - if event.log.kubernetes == nil then - emit(event) - return - end - if event.log.kubernetes.labels == nil then - emit(event) - return - end + function init() + count = 0 + end + function process(event, emit) + count = count + 1 + event.log.openshift.sequence = count + if event.log.kubernetes == nil then + emit(event) + return + end + if event.log.kubernetes.labels == nil then + emit(event) + return + end dedot(event.log.kubernetes.namespace_labels) - dedot(event.log.kubernetes.labels) - emit(event) - end - - function dedot(map) - if map == nil then - return - end - local new_map = {} - local changed_keys = {} - for k, v in pairs(map) do - local dedotted = string.gsub(k, "[./]", "_") - if dedotted ~= k then - new_map[dedotted] = v - changed_keys[k] = true - end - end - for k in pairs(changed_keys) do - map[k] = nil - end - for k, v in pairs(new_map) do - map[k] = v - end - end + dedot(event.log.kubernetes.labels) + emit(event) + end + + function dedot(map) + if map == nil then + return + end + local new_map = {} + local changed_keys = {} + for k, v in pairs(map) do + local dedotted = string.gsub(k, "[./]", "_") + if dedotted ~= k then + new_map[dedotted] = v + changed_keys[k] = true + end + end + for k in pairs(changed_keys) do + map[k] = nil + end + for k, v in pairs(new_map) do + map[k] = v + end + end ''' [sinks.loki_receiver] @@ -188,45 +188,45 @@ var _ = Describe("Generate vector config", func() { hooks.init = "init" hooks.process = "process" source = ''' - function init() - count = 0 - end - function process(event, emit) - count = count + 1 - event.log.openshift.sequence = count - if event.log.kubernetes == nil then - emit(event) - return - end - if event.log.kubernetes.labels == nil then - emit(event) - return - end + function init() + count = 0 + end + function process(event, emit) + count = count + 1 + event.log.openshift.sequence = count + if event.log.kubernetes == nil then + emit(event) + return + end + if event.log.kubernetes.labels == nil then + emit(event) + return + end dedot(event.log.kubernetes.namespace_labels) - dedot(event.log.kubernetes.labels) - emit(event) - end - - function dedot(map) - if map == nil then - return - end - local new_map = {} - local changed_keys = {} - for k, v in pairs(map) do - local dedotted = string.gsub(k, "[./]", "_") - if dedotted ~= k then - new_map[dedotted] = v - changed_keys[k] = true - end - end - for k in pairs(changed_keys) do - map[k] = nil - end - for k, v in pairs(new_map) do - map[k] = v - end - end + dedot(event.log.kubernetes.labels) + emit(event) + end + + function dedot(map) + if map == nil then + return + end + local new_map = {} + local changed_keys = {} + for k, v in pairs(map) do + local dedotted = string.gsub(k, "[./]", "_") + if dedotted ~= k then + new_map[dedotted] = v + changed_keys[k] = true + end + end + for k in pairs(changed_keys) do + map[k] = nil + end + for k, v in pairs(new_map) do + map[k] = v + end + end ''' [sinks.loki_receiver] @@ -283,6 +283,210 @@ var _ = Describe("Generate vector config", func() { del(.tag) ''' + [transforms.loki_receiver_dedot] + type = "lua" + inputs = ["loki_receiver_remap"] + version = "2" + hooks.init = "init" + hooks.process = "process" + source = ''' + function init() + count = 0 + end + function process(event, emit) + count = count + 1 + event.log.openshift.sequence = count + if event.log.kubernetes == nil then + emit(event) + return + end + if event.log.kubernetes.labels == nil then + emit(event) + return + end + dedot(event.log.kubernetes.namespace_labels) + dedot(event.log.kubernetes.labels) + emit(event) + end + + function dedot(map) + if map == nil then + return + end + local new_map = {} + local changed_keys = {} + for k, v in pairs(map) do + local dedotted = string.gsub(k, "[./]", "_") + if dedotted ~= k then + new_map[dedotted] = v + changed_keys[k] = true + end + end + for k in pairs(changed_keys) do + map[k] = nil + end + for k, v in pairs(new_map) do + map[k] = v + end + end + ''' + + [sinks.loki_receiver] + type = "loki" + inputs = ["loki_receiver_dedot"] + endpoint = "https://logs-us-west1.grafana.net" + out_of_order_action = "accept" + healthcheck.enabled = false + tenant_id = "{{foo.bar.baz}}" + + [sinks.loki_receiver.encoding] + codec = "json" + + [sinks.loki_receiver.labels] + kubernetes_container_name = "{{kubernetes.container_name}}" + kubernetes_host = "${VECTOR_SELF_NODE_NAME}" + kubernetes_namespace_name = "{{kubernetes.namespace_name}}" + kubernetes_pod_name = "{{kubernetes.pod_name}}" + log_type = "{{log_type}}" + + # Basic Auth Config + [sinks.loki_receiver.auth] + strategy = "basic" + user = "username" + password = "password" + + `, + }), + Entry("with custom bearer token", helpers.ConfGenerateTest{ + CLFSpec: logging.ClusterLogForwarderSpec{ + Outputs: []logging.OutputSpec{ + { + Type: logging.OutputTypeLoki, + Name: "loki-receiver", + URL: "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", + Secret: &logging.OutputSecretSpec{ + Name: "custom-loki-secret", + }, + }, + }, + }, + Secrets: map[string]*corev1.Secret{ + "loki-receiver": { + Data: map[string][]byte{ + "token": []byte("token-for-custom-loki"), + }, + }, + }, + ExpectedConf: ` + [transforms.loki_receiver_remap] + type = "remap" + inputs = ["application"] + source = ''' + del(.tag) + ''' + + [transforms.loki_receiver_dedot] + type = "lua" + inputs = ["loki_receiver_remap"] + version = "2" + hooks.init = "init" + hooks.process = "process" + source = ''' + function init() + count = 0 + end + function process(event, emit) + count = count + 1 + event.log.openshift.sequence = count + if event.log.kubernetes == nil then + emit(event) + return + end + if event.log.kubernetes.labels == nil then + emit(event) + return + end + dedot(event.log.kubernetes.namespace_labels) + dedot(event.log.kubernetes.labels) + emit(event) + end + + function dedot(map) + if map == nil then + return + end + local new_map = {} + local changed_keys = {} + for k, v in pairs(map) do + local dedotted = string.gsub(k, "[./]", "_") + if dedotted ~= k then + new_map[dedotted] = v + changed_keys[k] = true + end + end + for k in pairs(changed_keys) do + map[k] = nil + end + for k, v in pairs(new_map) do + map[k] = v + end + end + ''' + + [sinks.loki_receiver] + type = "loki" + inputs = ["loki_receiver_dedot"] + endpoint = "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" + out_of_order_action = "accept" + healthcheck.enabled = false + + [sinks.loki_receiver.encoding] + codec = "json" + + [sinks.loki_receiver.labels] + kubernetes_container_name = "{{kubernetes.container_name}}" + kubernetes_host = "${VECTOR_SELF_NODE_NAME}" + kubernetes_namespace_name = "{{kubernetes.namespace_name}}" + kubernetes_pod_name = "{{kubernetes.pod_name}}" + log_type = "{{log_type}}" + + # Bearer Auth Config + [sinks.loki_receiver.auth] + strategy = "bearer" + token = "token-for-custom-loki" + `, + }), + Entry("with TLS insecureSkipVerify=true", helpers.ConfGenerateTest{ + CLFSpec: logging.ClusterLogForwarderSpec{ + Outputs: []logging.OutputSpec{ + { + Type: logging.OutputTypeLoki, + Name: "loki-receiver", + URL: "https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", + Secret: &logging.OutputSecretSpec{ + Name: "custom-loki-secret", + }, + TLS: &logging.OutputTLSSpec{ + InsecureSkipVerify: true, + }, + }, + }, + }, + Secrets: map[string]*corev1.Secret{ + "loki-receiver": { + Data: map[string][]byte{ + "ca-bundle.crt": []byte("junk"), + }, + }, + }, + ExpectedConf: ` + [transforms.loki_receiver_remap] + type = "remap" + inputs = ["application"] + source = ''' + del(.tag) + ''' + [transforms.loki_receiver_dedot] type = "lua" inputs = ["loki_receiver_remap"] @@ -334,10 +538,9 @@ var _ = Describe("Generate vector config", func() { [sinks.loki_receiver] type = "loki" inputs = ["loki_receiver_dedot"] - endpoint = "https://logs-us-west1.grafana.net" + endpoint = "https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" out_of_order_action = "accept" healthcheck.enabled = false - tenant_id = "{{foo.bar.baz}}" [sinks.loki_receiver.encoding] codec = "json" @@ -349,34 +552,26 @@ var _ = Describe("Generate vector config", func() { kubernetes_pod_name = "{{kubernetes.pod_name}}" log_type = "{{log_type}}" - # Basic Auth Config - [sinks.loki_receiver.auth] - strategy = "basic" - user = "username" - password = "password" - + [sinks.loki_receiver.tls] + enabled = true + verify_certificate = false + verify_hostname = false + ca_file = "/var/run/ocp-collector/secrets/custom-loki-secret/ca-bundle.crt" `, }), - Entry("with custom bearer token", helpers.ConfGenerateTest{ + Entry("with TLS insecureSkipVerify=true no certificate", helpers.ConfGenerateTest{ CLFSpec: logging.ClusterLogForwarderSpec{ Outputs: []logging.OutputSpec{ { Type: logging.OutputTypeLoki, Name: "loki-receiver", - URL: "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", - Secret: &logging.OutputSecretSpec{ - Name: "custom-loki-secret", + URL: "https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", + TLS: &logging.OutputTLSSpec{ + InsecureSkipVerify: true, }, }, }, }, - Secrets: map[string]*corev1.Secret{ - "loki-receiver": { - Data: map[string][]byte{ - "token": []byte("token-for-custom-loki"), - }, - }, - }, ExpectedConf: ` [transforms.loki_receiver_remap] type = "remap" @@ -436,7 +631,7 @@ var _ = Describe("Generate vector config", func() { [sinks.loki_receiver] type = "loki" inputs = ["loki_receiver_dedot"] - endpoint = "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" + endpoint = "https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" out_of_order_action = "accept" healthcheck.enabled = false @@ -450,25 +645,19 @@ var _ = Describe("Generate vector config", func() { kubernetes_pod_name = "{{kubernetes.pod_name}}" log_type = "{{log_type}}" - # Bearer Auth Config - [sinks.loki_receiver.auth] - strategy = "bearer" - token = "token-for-custom-loki" + [sinks.loki_receiver.tls] + enabled = true + verify_certificate = false + verify_hostname = false `, }), - Entry("with TLS insecureSkipVerify=true", helpers.ConfGenerateTest{ + Entry("with default CA", helpers.ConfGenerateTest{ CLFSpec: logging.ClusterLogForwarderSpec{ Outputs: []logging.OutputSpec{ { Type: logging.OutputTypeLoki, Name: "loki-receiver", URL: "https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", - Secret: &logging.OutputSecretSpec{ - Name: "custom-loki-secret", - }, - TLS: &logging.OutputTLSSpec{ - InsecureSkipVerify: true, - }, }, }, }, @@ -486,7 +675,7 @@ var _ = Describe("Generate vector config", func() { source = ''' del(.tag) ''' - + [transforms.loki_receiver_dedot] type = "lua" inputs = ["loki_receiver_remap"] @@ -512,7 +701,7 @@ var _ = Describe("Generate vector config", func() { dedot(event.log.kubernetes.labels) emit(event) end - + function dedot(map) if map == nil then return @@ -534,41 +723,52 @@ var _ = Describe("Generate vector config", func() { end end ''' - + [sinks.loki_receiver] type = "loki" inputs = ["loki_receiver_dedot"] endpoint = "https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" out_of_order_action = "accept" healthcheck.enabled = false - + [sinks.loki_receiver.encoding] codec = "json" - + [sinks.loki_receiver.labels] kubernetes_container_name = "{{kubernetes.container_name}}" kubernetes_host = "${VECTOR_SELF_NODE_NAME}" kubernetes_namespace_name = "{{kubernetes.namespace_name}}" kubernetes_pod_name = "{{kubernetes.pod_name}}" log_type = "{{log_type}}" - + [sinks.loki_receiver.tls] enabled = true - verify_certificate = false - verify_hostname = false - ca_file = "/var/run/ocp-collector/secrets/custom-loki-secret/ca-bundle.crt" + ca_file = "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt" `, }), - Entry("with TLS insecureSkipVerify=true no certificate", helpers.ConfGenerateTest{ + ) +}) + +var _ = Describe("Generate vector config for in cluster loki", func() { + inputPipeline := []string{"application"} + var f = func(clspec logging.CollectionSpec, secrets map[string]*corev1.Secret, clfspec logging.ClusterLogForwarderSpec, op generator.Options) []generator.Element { + return Conf(clfspec.Outputs[0], inputPipeline, secrets[constants.LogCollectorToken], generator.NoOptions) + } + DescribeTable("for Loki output", helpers.TestGenerateConfWith(f), + Entry("with default logcollector bearer token", helpers.ConfGenerateTest{ CLFSpec: logging.ClusterLogForwarderSpec{ Outputs: []logging.OutputSpec{ { Type: logging.OutputTypeLoki, Name: "loki-receiver", - URL: "https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", - TLS: &logging.OutputTLSSpec{ - InsecureSkipVerify: true, - }, + URL: "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", + }, + }, + }, + Secrets: map[string]*corev1.Secret{ + constants.LogCollectorToken: { + Data: map[string][]byte{ + "token": []byte("token-for-internal-loki"), }, }, }, @@ -577,9 +777,9 @@ var _ = Describe("Generate vector config", func() { type = "remap" inputs = ["application"] source = ''' - del(.tag) + del(.tag) ''' - + [transforms.loki_receiver_dedot] type = "lua" inputs = ["loki_receiver_remap"] @@ -587,68 +787,68 @@ var _ = Describe("Generate vector config", func() { hooks.init = "init" hooks.process = "process" source = ''' - function init() - count = 0 - end - function process(event, emit) - count = count + 1 - event.log.openshift.sequence = count - if event.log.kubernetes == nil then - emit(event) - return - end - if event.log.kubernetes.labels == nil then - emit(event) - return - end + function init() + count = 0 + end + function process(event, emit) + count = count + 1 + event.log.openshift.sequence = count + if event.log.kubernetes == nil then + emit(event) + return + end + if event.log.kubernetes.labels == nil then + emit(event) + return + end dedot(event.log.kubernetes.namespace_labels) - dedot(event.log.kubernetes.labels) - emit(event) - end - - function dedot(map) - if map == nil then - return - end - local new_map = {} - local changed_keys = {} - for k, v in pairs(map) do - local dedotted = string.gsub(k, "[./]", "_") - if dedotted ~= k then - new_map[dedotted] = v - changed_keys[k] = true - end - end - for k in pairs(changed_keys) do - map[k] = nil - end - for k, v in pairs(new_map) do - map[k] = v - end - end + dedot(event.log.kubernetes.labels) + emit(event) + end + + function dedot(map) + if map == nil then + return + end + local new_map = {} + local changed_keys = {} + for k, v in pairs(map) do + local dedotted = string.gsub(k, "[./]", "_") + if dedotted ~= k then + new_map[dedotted] = v + changed_keys[k] = true + end + end + for k in pairs(changed_keys) do + map[k] = nil + end + for k, v in pairs(new_map) do + map[k] = v + end + end ''' - + [sinks.loki_receiver] type = "loki" inputs = ["loki_receiver_dedot"] - endpoint = "https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" + endpoint = "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" out_of_order_action = "accept" healthcheck.enabled = false - + [sinks.loki_receiver.encoding] codec = "json" - + [sinks.loki_receiver.labels] kubernetes_container_name = "{{kubernetes.container_name}}" kubernetes_host = "${VECTOR_SELF_NODE_NAME}" kubernetes_namespace_name = "{{kubernetes.namespace_name}}" kubernetes_pod_name = "{{kubernetes.pod_name}}" log_type = "{{log_type}}" - - [sinks.loki_receiver.tls] - enabled = true - verify_certificate = false - verify_hostname = false + + # Bearer Auth Config + [sinks.loki_receiver.auth] + strategy = "bearer" + token = "token-for-internal-loki" `, }), ) @@ -659,105 +859,107 @@ var _ = Describe("Generate vector config for in cluster loki", func() { var f = func(clspec logging.CollectionSpec, secrets map[string]*corev1.Secret, clfspec logging.ClusterLogForwarderSpec, op generator.Options) []generator.Element { return Conf(clfspec.Outputs[0], inputPipeline, secrets[constants.LogCollectorToken], generator.NoOptions) } - DescribeTable("for Loki output", helpers.TestGenerateConfWith(f)) // Entry("with default logcollector bearer token", helpers.ConfGenerateTest{ - // CLFSpec: logging.ClusterLogForwarderSpec{ - // Outputs: []logging.OutputSpec{ - // { - // Type: logging.OutputTypeLoki, - // Name: "loki-receiver", - // URL: "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", - // }, - // }, - // }, - // Secrets: map[string]*corev1.Secret{ - // constants.LogCollectorToken: { - // Data: map[string][]byte{ - // "token": []byte("token-for-internal-loki"), - // }, - // }, - // }, - // ExpectedConf: ` - //[transforms.loki_receiver_remap] - //type = "remap" - //inputs = ["application"] - //source = ''' - // del(.tag) - //''' - // - //[transforms.loki_receiver_dedot] - //type = "lua" - //inputs = ["loki_receiver_remap"] - //version = "2" - //hooks.init = "init" - //hooks.process = "process" - //source = ''' - // function init() - // count = 0 - // end - // function process(event, emit) - // count = count + 1 - // event.log.openshift.sequence = count - // if event.log.kubernetes == nil then - // emit(event) - // return - // end - // if event.log.kubernetes.labels == nil then - // emit(event) - // return - // end - // dedot(event.log.kubernetes.namespace_labels) - // dedot(event.log.kubernetes.labels) - // emit(event) - // end - // - // function dedot(map) - // if map == nil then - // return - // end - // local new_map = {} - // local changed_keys = {} - // for k, v in pairs(map) do - // local dedotted = string.gsub(k, "[./]", "_") - // if dedotted ~= k then - // new_map[dedotted] = v - // changed_keys[k] = true - // end - // end - // for k in pairs(changed_keys) do - // map[k] = nil - // end - // for k, v in pairs(new_map) do - // map[k] = v - // end - // end - //''' - // - //[sinks.loki_receiver] - //type = "loki" - //inputs = ["loki_receiver_dedot"] - //endpoint = "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" - //out_of_order_action = "accept" - //healthcheck.enabled = false - // - //[sinks.loki_receiver.encoding] - //codec = "json" - // - //[sinks.loki_receiver.labels] - //kubernetes_container_name = "{{kubernetes.container_name}}" - //kubernetes_host = "${VECTOR_SELF_NODE_NAME}" - //kubernetes_namespace_name = "{{kubernetes.namespace_name}}" - //kubernetes_pod_name = "{{kubernetes.pod_name}}" - //log_type = "{{log_type}}" - // - //[sinks.loki_receiver.tls] - //enabled = true - //ca_file = "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt" - //# Bearer Auth Config - //[sinks.loki_receiver.auth] - //strategy = "bearer" - //token = "token-for-internal-loki" - //`, - // }), + DescribeTable("for Loki output", helpers.TestGenerateConfWith(f)) + Entry("with default logcollector bearer token", helpers.ConfGenerateTest{ + CLFSpec: logging.ClusterLogForwarderSpec{ + Outputs: []logging.OutputSpec{ + { + Type: logging.OutputTypeLoki, + Name: "loki-receiver", + URL: "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application", + }, + }, + }, + Secrets: map[string]*corev1.Secret{ + constants.LogCollectorToken: { + Data: map[string][]byte{ + "token": []byte("token-for-internal-loki"), + }, + }, + }, + ExpectedConf: ` + [transforms.loki_receiver_remap] + type = "remap" + inputs = ["application"] + source = ''' + del(.tag) + ''' + + [transforms.loki_receiver_dedot] + type = "lua" + inputs = ["loki_receiver_remap"] + version = "2" + hooks.init = "init" + hooks.process = "process" + source = ''' + function init() + count = 0 + end + function process(event, emit) + count = count + 1 + event.log.openshift.sequence = count + if event.log.kubernetes == nil then + emit(event) + return + end + if event.log.kubernetes.labels == nil then + emit(event) + return + end + dedot(event.log.kubernetes.namespace_labels) + dedot(event.log.kubernetes.labels) + emit(event) + end + + function dedot(map) + if map == nil then + return + end + local new_map = {} + local changed_keys = {} + for k, v in pairs(map) do + local dedotted = string.gsub(k, "[./]", "_") + if dedotted ~= k then + new_map[dedotted] = v + changed_keys[k] = true + end + end + for k in pairs(changed_keys) do + map[k] = nil + end + for k, v in pairs(new_map) do + map[k] = v + end + end + ''' + + [sinks.loki_receiver] + type = "loki" + inputs = ["loki_receiver_dedot"] + endpoint = "http://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application" + out_of_order_action = "accept" + healthcheck.enabled = false + + [sinks.loki_receiver.encoding] + codec = "json" + + [sinks.loki_receiver.labels] + kubernetes_container_name = "{{kubernetes.container_name}}" + kubernetes_host = "${VECTOR_SELF_NODE_NAME}" + kubernetes_namespace_name = "{{kubernetes.namespace_name}}" + kubernetes_pod_name = "{{kubernetes.pod_name}}" + log_type = "{{log_type}}" + + [sinks.loki_receiver.tls] + enabled = true + ca_file = "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt" + + # Bearer Auth Config + [sinks.loki_receiver.auth] + strategy = "bearer" + token = "token-for-internal-loki" + `, + }) })