Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-43657

API: Audit logs persisting request to /livez

XMLWordPrintable

    • None
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

      This is a clone of issue OCPBUGS-43655. The following is the description of the original issue:

      Description of problem:

      When we switched the API servers to use the /livez endpoint, we overlooked updating the audit policy to exclude this endpoint from being logged. As a result, requests to the /livez endpoint are currently being persisted in the audit log files.

The issue applies to the other API servers as well (oas and oauth-apiserver)

      Version-Release number of selected component (if applicable):

      How reproducible:

      Just download must-gather and grep for /livez endpoint.

      Steps to Reproduce:

      Just download must-gather and grep for /livez endpoint.

      Actual results:

      Requests to the /livez endpoint are being recorded in the audit log files.

      Expected results:

      Requests to the /livez endpoint are NOT being recorded in the audit log files.

      Additional info:

            lszaszki@redhat.com Lukasz Szaszkiewicz
            openshift-crt-jira-prow OpenShift Prow Bot
            Ke Wang Ke Wang
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: