Change args on modsecurity-log container to ignore file inaccessiblity

400ea587 · Alan Paruszewski · a256e32a · 400ea587 · 400ea587
Commit 400ea587 authored Apr 20, 2020 by Alan Paruszewski
Showing with 7 additions and 1 deletion

app/models/clusters/applications/ingress.rb app/models/clusters/applications/ingress.rb +1 -1

spec/models/clusters/applications/ingress_spec.rb spec/models/clusters/applications/ingress_spec.rb +6 -0

No files found.
--- a/app/models/clusters/applications/ingress.rb
+++ b/app/models/clusters/applications/ingress.rb
@@ -98,7 +98,7 @@ module Clusters
                "args" => [
                  "/bin/sh",
                  "-c",
-                  "tail -f /var/log/modsec/audit.log"
+                  "tail -F /var/log/modsec/audit.log"
                ],
                "volumeMounts" => [
                  {

--- a/spec/models/clusters/applications/ingress_spec.rb
+++ b/spec/models/clusters/applications/ingress_spec.rb
@@ -220,6 +220,12 @@ describe Clusters::Applications::Ingress do
        expect(subject.values).to include('extraContainers')
      end
+      it 'executes command to tail modsecurity logs with -F option' do
+        args = YAML.safe_load(subject.values).dig('controller', 'extraContainers', 0, 'args')
+        expect(args).to eq(['/bin/sh', '-c', 'tail -F /var/log/modsec/audit.log'])
+      end
      it 'includes livenessProbe for modsecurity sidecar container' do
        probe_config = YAML.safe_load(subject.values).dig('controller', 'extraContainers', 0, 'livenessProbe')