Skip to content

Commit

Permalink
Merge pull request kube-logging#1636 from kube-logging/loki-grpc-tls-…
Browse files Browse the repository at this point in the history 
…options

fix(syslog-ng-loki-output): fix invalid tls options
  • Loading branch information
@pepov
pepov authored Jan 8, 2024
2 parents 2c4ff95 + ef62afa commit ec3f380
Show file tree
Hide file tree
Showing 11 changed files with 65 additions and 2,603 deletions.
48 changes: 0 additions & 48 deletions charts/logging-operator/crds/logging.banzaicloud.io_syslogngclusteroutputs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -974,39 +974,6 @@ spec:
type: object
tls:
properties:
ca_dir:
properties:
mountFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
type: object
ca_file:
properties:
mountFrom:
Expand Down Expand Up @@ -1073,8 +1040,6 @@ spec:
type: object
type: object
type: object
cipher-suite:
type: string
key_file:
properties:
mountFrom:
Expand Down Expand Up @@ -1108,19 +1073,6 @@ spec:
type: object
type: object
type: object
peer_verify:
type: boolean
ssl_version:
enum:
- sslv3
- tlsv1
- tlsv1_0
- tlsv1_1
- tlsv1_2
- tlsv1_3
type: string
use-system-cert-store:
type: boolean
type: object
type: object
batch-lines:
Expand Down
48 changes: 0 additions & 48 deletions charts/logging-operator/crds/logging.banzaicloud.io_syslogngoutputs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -970,39 +970,6 @@ spec:
type: object
tls:
properties:
ca_dir:
properties:
mountFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
type: object
ca_file:
properties:
mountFrom:
Expand Down Expand Up @@ -1069,8 +1036,6 @@ spec:
type: object
type: object
type: object
cipher-suite:
type: string
key_file:
properties:
mountFrom:
Expand Down Expand Up @@ -1104,19 +1069,6 @@ spec:
type: object
type: object
type: object
peer_verify:
type: boolean
ssl_version:
enum:
- sslv3
- tlsv1
- tlsv1_0
- tlsv1_1
- tlsv1_2
- tlsv1_3
type: string
use-system-cert-store:
type: boolean
type: object
type: object
batch-lines:
Expand Down
48 changes: 0 additions & 48 deletions config/crd/bases/logging.banzaicloud.io_syslogngclusteroutputs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -974,39 +974,6 @@ spec:
type: object
tls:
properties:
ca_dir:
properties:
mountFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
type: object
ca_file:
properties:
mountFrom:
Expand Down Expand Up @@ -1073,8 +1040,6 @@ spec:
type: object
type: object
type: object
cipher-suite:
type: string
key_file:
properties:
mountFrom:
Expand Down Expand Up @@ -1108,19 +1073,6 @@ spec:
type: object
type: object
type: object
peer_verify:
type: boolean
ssl_version:
enum:
- sslv3
- tlsv1
- tlsv1_0
- tlsv1_1
- tlsv1_2
- tlsv1_3
type: string
use-system-cert-store:
type: boolean
type: object
type: object
batch-lines:
Expand Down
48 changes: 0 additions & 48 deletions config/crd/bases/logging.banzaicloud.io_syslogngoutputs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -970,39 +970,6 @@ spec:
type: object
tls:
properties:
ca_dir:
properties:
mountFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
type: object
ca_file:
properties:
mountFrom:
Expand Down Expand Up @@ -1069,8 +1036,6 @@ spec:
type: object
type: object
type: object
cipher-suite:
type: string
key_file:
properties:
mountFrom:
Expand Down Expand Up @@ -1104,19 +1069,6 @@ spec:
type: object
type: object
type: object
peer_verify:
type: boolean
ssl_version:
enum:
- sslv3
- tlsv1
- tlsv1_0
- tlsv1_1
- tlsv1_2
- tlsv1_3
type: string
use-system-cert-store:
type: boolean
type: object
type: object
batch-lines:
Expand Down
4 changes: 3 additions & 1 deletion docs/configuration/plugins/syslogng-outputs/auth.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ generated_file: true
## Configuration
## Auth

Authentication settings. Only one authentication method can be set. Default: Insecure

### adc (*ADC, optional) {#auth-adc}

Application Default Credentials (ADC).
Expand All @@ -26,7 +28,7 @@ Application Layer Transport Security (ALTS) is a simple to use authentication, o
This is the default method, authentication is disabled (`auth(insecure())`).


### tls (*TLS, optional) {#auth-tls}
### tls (*GrpcTLS, optional) {#auth-tls}

This option sets various options related to TLS encryption, for example, key/certificate files and trusted CA locations. TLS can be used only with tcp-based transport protocols. For details, see [TLS for syslog-ng outputs](../tls/) and the [documentation of the AxoSyslog syslog-ng distribution](https://axoflow.com/docs/axosyslog-core/chapter-encrypted-transport-tls/tlsoptions).

Expand Down
18 changes: 18 additions & 0 deletions docs/configuration/plugins/syslogng-outputs/tls.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,3 +52,21 @@ Use the certificate store of the system for verifying HTTPS certificates. For de



## GrpcTLS

### ca_file (*secret.Secret, optional) {#grpctls-ca_file}

The name of a file that contains a set of trusted CA certificates in PEM format. (Optional) For details, see the [AxoSyslog Core documentation](https://axoflow.com/docs/axosyslog-core/chapter-encrypted-transport-tls/tlsoptions/#ca-file).


### cert_file (*secret.Secret, optional) {#grpctls-cert_file}

Name of a file, that contains an X.509 certificate (or a certificate chain) in PEM format, suitable as a TLS certificate, matching the private key set in the key-file() option. For details, see the [AxoSyslog Core documentation](https://axoflow.com/docs/axosyslog-core/chapter-encrypted-transport-tls/tlsoptions/#cert-file).


### key_file (*secret.Secret, optional) {#grpctls-key_file}

The name of a file that contains an unencrypted private key in PEM format, suitable as a TLS key. For details, see the [AxoSyslog Core documentation](https://axoflow.com/docs/axosyslog-core/chapter-encrypted-transport-tls/tlsoptions/#key-file).



Loading

0 comments on commit ec3f380

Please sign in to comment.