diff --git a/cmd/minikube/cmd/root.go b/cmd/minikube/cmd/root.go index 1ef8e2fadf26..a29886b5b207 100644 --- a/cmd/minikube/cmd/root.go +++ b/cmd/minikube/cmd/root.go @@ -23,6 +23,7 @@ import ( "path/filepath" "runtime" "strings" + "time" "github.com/spf13/cobra" "github.com/spf13/pflag" @@ -31,10 +32,12 @@ import ( "k8s.io/kubectl/pkg/util/templates" configCmd "k8s.io/minikube/cmd/minikube/cmd/config" "k8s.io/minikube/pkg/drivers/kic/oci" + "k8s.io/minikube/pkg/minikube/audit" "k8s.io/minikube/pkg/minikube/config" "k8s.io/minikube/pkg/minikube/constants" "k8s.io/minikube/pkg/minikube/exit" "k8s.io/minikube/pkg/minikube/localpath" + "k8s.io/minikube/pkg/minikube/out" "k8s.io/minikube/pkg/minikube/reason" "k8s.io/minikube/pkg/minikube/translate" ) @@ -62,12 +65,19 @@ var RootCmd = &cobra.Command{ exit.Error(reason.HostHomeMkdir, "Error creating minikube directory", err) } } + userName := viper.GetString(config.UserFlag) + if !validateUsername(userName) { + out.WarningT("User name '{{.username}}' is not valid", out.V{"username": userName}) + exit.Message(reason.Usage, "User name must be 60 chars or less.") + } }, } // Execute adds all child commands to the root command sets flags appropriately. // This is called by main.main(). It only needs to happen once to the rootCmd. func Execute() { + defer audit.Log(time.Now()) + _, callingCmd := filepath.Split(os.Args[0]) if callingCmd == "kubectl" { @@ -170,6 +180,7 @@ func init() { RootCmd.PersistentFlags().StringP(config.ProfileName, "p", constants.DefaultClusterName, `The name of the minikube VM being used. This can be set to allow having multiple instances of minikube independently.`) RootCmd.PersistentFlags().StringP(configCmd.Bootstrapper, "b", "kubeadm", "The name of the cluster bootstrapper that will set up the Kubernetes cluster.") + RootCmd.PersistentFlags().String(config.UserFlag, "", "Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username.") groups := templates.CommandGroups{ { @@ -280,3 +291,7 @@ func addToPath(dir string) { klog.Infof("Updating PATH: %s", dir) os.Setenv("PATH", new) } + +func validateUsername(name string) bool { + return len(name) <= 60 +} diff --git a/go.sum b/go.sum index 6540c3a4912c..3f6096a3a3ed 100644 --- a/go.sum +++ b/go.sum @@ -986,8 +986,6 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1 github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= -github.com/ulikunitz/xz v0.5.5 h1:pFrO0lVpTBXLpYw+pnLj6TbvHuyjXMfjGeCwSqCVwok= -github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ultraware/funlen v0.0.1/go.mod h1:Dp4UiAus7Wdb9KUZsYWZEWiRzGuM2kXM1lPbfaF6xhA= diff --git a/pkg/minikube/audit/audit.go b/pkg/minikube/audit/audit.go new file mode 100644 index 000000000000..83b0ee98c2c7 --- /dev/null +++ b/pkg/minikube/audit/audit.go @@ -0,0 +1,78 @@ +/* +Copyright 2020 The Kubernetes Authors All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package audit + +import ( + "os" + "os/user" + "strings" + "time" + + "github.com/spf13/viper" + "k8s.io/klog" + "k8s.io/minikube/pkg/minikube/config" +) + +// userName pulls the user flag, if empty gets the os username. +func userName() string { + u := viper.GetString(config.UserFlag) + if u != "" { + return u + } + osUser, err := user.Current() + if err != nil { + return "UNKNOWN" + } + return osUser.Username +} + +// args concats the args into space delimited string. +func args() string { + // first arg is binary and second is command, anything beyond is a minikube arg + if len(os.Args) < 3 { + return "" + } + return strings.Join(os.Args[2:], " ") +} + +// Log details about the executed command. +func Log(startTime time.Time) { + if !shouldLog() { + return + } + e := newEntry(os.Args[1], args(), userName(), startTime, time.Now()) + if err := appendToLog(e); err != nil { + klog.Error(err) + } +} + +// shouldLog returns if the command should be logged. +func shouldLog() bool { + // commands that should not be logged. + no := []string{"status", "version"} + // in rare chance we get here without a command, don't log + if len(os.Args) < 2 { + return false + } + a := os.Args[1] + for _, c := range no { + if a == c { + return false + } + } + return true +} diff --git a/pkg/minikube/audit/audit_test.go b/pkg/minikube/audit/audit_test.go new file mode 100644 index 000000000000..82a1eb005f44 --- /dev/null +++ b/pkg/minikube/audit/audit_test.go @@ -0,0 +1,129 @@ +/* +Copyright 2020 The Kubernetes Authors All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package audit + +import ( + "os" + "os/user" + "testing" + + "github.com/spf13/viper" + "k8s.io/minikube/pkg/minikube/config" +) + +func TestAudit(t *testing.T) { + t.Run("Username", func(t *testing.T) { + u, err := user.Current() + if err != nil { + t.Fatal(err) + } + + tests := []struct { + userFlag string + want string + }{ + { + "testUser", + "testUser", + }, + { + "", + u.Username, + }, + } + + for _, test := range tests { + viper.Set(config.UserFlag, test.userFlag) + + got := userName() + + if got != test.want { + t.Errorf("userFlag = %q; username() = %q; want %q", test.userFlag, got, test.want) + } + } + }) + + t.Run("Args", func(t *testing.T) { + oldArgs := os.Args + defer func() { os.Args = oldArgs }() + + tests := []struct { + args []string + want string + }{ + { + []string{"minikube", "start"}, + "", + }, + { + []string{"minikube", "start", "--user", "testUser"}, + "--user testUser", + }, + } + + for _, test := range tests { + os.Args = test.args + + got := args() + + if got != test.want { + t.Errorf("os.Args = %q; args() = %q; want %q", os.Args, got, test.want) + } + } + }) + + t.Run("ShouldLog", func(t *testing.T) { + oldArgs := os.Args + defer func() { os.Args = oldArgs }() + + tests := []struct { + args []string + want bool + }{ + { + []string{"minikube", "start"}, + true, + }, + { + []string{"minikube", "delete"}, + true, + }, + { + []string{"minikube", "status"}, + false, + }, + { + []string{"minikube", "version"}, + false, + }, + { + []string{"minikube"}, + false, + }, + } + + for _, test := range tests { + os.Args = test.args + + got := shouldLog() + + if got != test.want { + t.Errorf("os.Args = %q; shouldLog() = %t; want %t", os.Args, got, test.want) + } + } + }) +} diff --git a/pkg/minikube/audit/entry.go b/pkg/minikube/audit/entry.go new file mode 100644 index 000000000000..75b32af9a099 --- /dev/null +++ b/pkg/minikube/audit/entry.go @@ -0,0 +1,49 @@ +/* +Copyright 2020 The Kubernetes Authors All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package audit + +import ( + "time" + + "github.com/spf13/viper" + "k8s.io/minikube/pkg/minikube/config" + "k8s.io/minikube/pkg/minikube/constants" +) + +// entry represents the execution of a command. +type entry struct { + data map[string]string +} + +// Type returns the cloud events compatible type of this struct. +func (e *entry) Type() string { + return "io.k8s.sigs.minikube.audit" +} + +// newEntry returns a new audit type. +func newEntry(command string, args string, user string, startTime time.Time, endTime time.Time) *entry { + return &entry{ + map[string]string{ + "args": args, + "command": command, + "endTime": endTime.Format(constants.TimeFormat), + "profile": viper.GetString(config.ProfileName), + "startTime": startTime.Format(constants.TimeFormat), + "user": user, + }, + } +} diff --git a/pkg/minikube/audit/logFile.go b/pkg/minikube/audit/logFile.go new file mode 100644 index 000000000000..1d2428441230 --- /dev/null +++ b/pkg/minikube/audit/logFile.go @@ -0,0 +1,57 @@ +/* +Copyright 2020 The Kubernetes Authors All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package audit + +import ( + "fmt" + "os" + + "k8s.io/minikube/pkg/minikube/localpath" + "k8s.io/minikube/pkg/minikube/out/register" +) + +// currentLogFile the file that's used to store audit logs +var currentLogFile *os.File + +// setLogFile sets the logPath and creates the log file if it doesn't exist. +func setLogFile() error { + lp := localpath.AuditLog() + f, err := os.OpenFile(lp, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) + if err != nil { + return fmt.Errorf("unable to open %s: %v", lp, err) + } + currentLogFile = f + return nil +} + +// appendToLog appends the audit entry to the log file. +func appendToLog(entry *entry) error { + if currentLogFile == nil { + if err := setLogFile(); err != nil { + return err + } + } + e := register.CloudEvent(entry, entry.data) + bs, err := e.MarshalJSON() + if err != nil { + return fmt.Errorf("error marshalling event: %v", err) + } + if _, err := currentLogFile.WriteString(string(bs) + "\n"); err != nil { + return fmt.Errorf("unable to write to audit log: %v", err) + } + return nil +} diff --git a/pkg/minikube/audit/logFile_test.go b/pkg/minikube/audit/logFile_test.go new file mode 100644 index 000000000000..ccea362767ca --- /dev/null +++ b/pkg/minikube/audit/logFile_test.go @@ -0,0 +1,55 @@ +/* +Copyright 2020 The Kubernetes Authors All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package audit + +import ( + "io" + "io/ioutil" + "os" + "testing" + "time" +) + +func TestLogFile(t *testing.T) { + t.Run("SetLogFile", func(t *testing.T) { + if err := setLogFile(); err != nil { + t.Error(err) + } + }) + + t.Run("AppendToLog", func(t *testing.T) { + f, err := ioutil.TempFile("", "audit.json") + if err != nil { + t.Fatalf("Error creating temporary file: %v", err) + } + defer os.Remove(f.Name()) + + oldLogFile := *currentLogFile + defer func() { currentLogFile = &oldLogFile }() + currentLogFile = f + + e := newEntry("start", "-v", "user1", time.Now(), time.Now()) + if err := appendToLog(e); err != nil { + t.Fatalf("Error appendingToLog: %v", err) + } + + b := make([]byte, 100) + if _, err := f.Read(b); err != nil && err != io.EOF { + t.Errorf("Log was not appended to file: %v", err) + } + }) +} diff --git a/pkg/minikube/config/config.go b/pkg/minikube/config/config.go index 5fd296630cc9..ee7ff39b7f22 100644 --- a/pkg/minikube/config/config.go +++ b/pkg/minikube/config/config.go @@ -48,6 +48,8 @@ const ( ShowDriverDeprecationNotification = "ShowDriverDeprecationNotification" // ShowBootstrapperDeprecationNotification is the key for ShowBootstrapperDeprecationNotification ShowBootstrapperDeprecationNotification = "ShowBootstrapperDeprecationNotification" + // UserFlag is the key for the global user flag (ex. --user=user1) + UserFlag = "user" ) var ( diff --git a/pkg/minikube/constants/constants.go b/pkg/minikube/constants/constants.go index c14a97443f17..b51c68a3652b 100644 --- a/pkg/minikube/constants/constants.go +++ b/pkg/minikube/constants/constants.go @@ -19,6 +19,7 @@ package constants import ( "errors" "path/filepath" + "time" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/util/homedir" @@ -96,6 +97,9 @@ const ( // ExistingContainerHostEnv is used to save original podman environment ExistingContainerHostEnv = MinikubeExistingPrefix + "CONTAINER_HOST" + + // TimeFormat is the format that should be used when outputting time + TimeFormat = time.RFC1123 ) var ( diff --git a/pkg/minikube/localpath/localpath.go b/pkg/minikube/localpath/localpath.go index 6d87c45d10b3..2699d51591cb 100644 --- a/pkg/minikube/localpath/localpath.go +++ b/pkg/minikube/localpath/localpath.go @@ -63,10 +63,17 @@ func Profile(name string) string { } // EventLog returns the path to a CloudEvents log +// This log contains the transient state of minikube and the completed steps on start. func EventLog(name string) string { return filepath.Join(Profile(name), "events.json") } +// AuditLog returns the path to the audit log. +// This log contains a history of commands run, by who, when, and what arguments. +func AuditLog() string { + return filepath.Join(MiniPath(), "logs", "audit.json") +} + // ClientCert returns client certificate path, used by kubeconfig func ClientCert(name string) string { new := filepath.Join(Profile(name), "client.crt") diff --git a/pkg/minikube/out/register/cloud_events.go b/pkg/minikube/out/register/cloud_events.go index 9a6ed1cd9ea7..bc89217d3cdb 100644 --- a/pkg/minikube/out/register/cloud_events.go +++ b/pkg/minikube/out/register/cloud_events.go @@ -63,8 +63,8 @@ func SetEventLogPath(path string) { eventFile = f } -// cloudEvent creates a CloudEvent from a log object & associated data -func cloudEvent(log Log, data map[string]string) cloudevents.Event { +// CloudEvent creates a CloudEvent from a log object & associated data +func CloudEvent(log Log, data map[string]string) cloudevents.Event { event := cloudevents.NewEvent() event.SetSource("https://minikube.sigs.k8s.io/") event.SetType(log.Type()) @@ -78,7 +78,7 @@ func cloudEvent(log Log, data map[string]string) cloudevents.Event { // print JSON output to configured writer func printAsCloudEvent(log Log, data map[string]string) { - event := cloudEvent(log, data) + event := CloudEvent(log, data) bs, err := event.MarshalJSON() if err != nil { @@ -90,7 +90,7 @@ func printAsCloudEvent(log Log, data map[string]string) { // print JSON output to configured writer, and record it to disk func printAndRecordCloudEvent(log Log, data map[string]string) { - event := cloudEvent(log, data) + event := CloudEvent(log, data) bs, err := event.MarshalJSON() if err != nil { @@ -118,7 +118,7 @@ func recordCloudEvent(log Log, data map[string]string) { } go func() { - event := cloudEvent(log, data) + event := CloudEvent(log, data) bs, err := event.MarshalJSON() if err != nil { klog.Errorf("error marshalling event: %v", err) diff --git a/site/content/en/docs/commands/addons.md b/site/content/en/docs/commands/addons.md index c558656d0dd5..5abbd05ffc3b 100644 --- a/site/content/en/docs/commands/addons.md +++ b/site/content/en/docs/commands/addons.md @@ -34,6 +34,7 @@ minikube addons SUBCOMMAND [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -67,6 +68,7 @@ minikube addons configure ADDON_NAME [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -100,6 +102,7 @@ minikube addons disable ADDON_NAME [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -133,6 +136,7 @@ minikube addons enable ADDON_NAME [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -167,6 +171,7 @@ minikube addons help [command] [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -206,6 +211,7 @@ minikube addons list [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -249,6 +255,7 @@ minikube addons open ADDON_NAME [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/cache.md b/site/content/en/docs/commands/cache.md index c5694102cb60..6f7eff26a93c 100644 --- a/site/content/en/docs/commands/cache.md +++ b/site/content/en/docs/commands/cache.md @@ -30,6 +30,7 @@ Add, delete, or push a local image into minikube --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -63,6 +64,7 @@ minikube cache add [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -96,6 +98,7 @@ minikube cache delete [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -130,6 +133,7 @@ minikube cache help [command] [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -170,6 +174,7 @@ minikube cache list [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -203,6 +208,7 @@ minikube cache reload [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/completion.md b/site/content/en/docs/commands/completion.md index 0b10bf41d9b6..a48b575df072 100644 --- a/site/content/en/docs/commands/completion.md +++ b/site/content/en/docs/commands/completion.md @@ -55,6 +55,7 @@ minikube completion SHELL [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/config.md b/site/content/en/docs/commands/config.md index 556be2b56b5f..e4ad6a2e77d8 100644 --- a/site/content/en/docs/commands/config.md +++ b/site/content/en/docs/commands/config.md @@ -64,6 +64,7 @@ minikube config SUBCOMMAND [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -106,6 +107,7 @@ minikube config defaults PROPERTY_NAME [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -139,6 +141,7 @@ minikube config get PROPERTY_NAME [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -173,6 +176,7 @@ minikube config help [command] [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -207,6 +211,7 @@ minikube config set PROPERTY_NAME PROPERTY_VALUE [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -240,6 +245,7 @@ minikube config unset PROPERTY_NAME [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -280,6 +286,7 @@ minikube config view [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/dashboard.md b/site/content/en/docs/commands/dashboard.md index a4cba95564e2..784ec07ef30b 100644 --- a/site/content/en/docs/commands/dashboard.md +++ b/site/content/en/docs/commands/dashboard.md @@ -40,6 +40,7 @@ minikube dashboard [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/delete.md b/site/content/en/docs/commands/delete.md index 65310fdea5b1..2c8576ebc3fd 100644 --- a/site/content/en/docs/commands/delete.md +++ b/site/content/en/docs/commands/delete.md @@ -42,6 +42,7 @@ minikube delete [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/docker-env.md b/site/content/en/docs/commands/docker-env.md index c7bd2615aff8..97273ff4fb0a 100644 --- a/site/content/en/docs/commands/docker-env.md +++ b/site/content/en/docs/commands/docker-env.md @@ -44,6 +44,7 @@ minikube docker-env [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/help.md b/site/content/en/docs/commands/help.md index 3bc45fe4e96c..bdfd5d7df8a9 100644 --- a/site/content/en/docs/commands/help.md +++ b/site/content/en/docs/commands/help.md @@ -35,6 +35,7 @@ minikube help [command] [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/ip.md b/site/content/en/docs/commands/ip.md index a460649225eb..33a01a0c6945 100644 --- a/site/content/en/docs/commands/ip.md +++ b/site/content/en/docs/commands/ip.md @@ -40,6 +40,7 @@ minikube ip [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/kubectl.md b/site/content/en/docs/commands/kubectl.md index f3e231b35c35..5d96e314c006 100644 --- a/site/content/en/docs/commands/kubectl.md +++ b/site/content/en/docs/commands/kubectl.md @@ -38,6 +38,7 @@ minikube kubectl [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/logs.md b/site/content/en/docs/commands/logs.md index f84208137c1d..794755c319fc 100644 --- a/site/content/en/docs/commands/logs.md +++ b/site/content/en/docs/commands/logs.md @@ -43,6 +43,7 @@ minikube logs [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/mount.md b/site/content/en/docs/commands/mount.md index 3d6409c178a3..cecac7bfec3a 100644 --- a/site/content/en/docs/commands/mount.md +++ b/site/content/en/docs/commands/mount.md @@ -48,6 +48,7 @@ minikube mount [flags] : --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/node.md b/site/content/en/docs/commands/node.md index 79778a7dfa32..92611db68bd5 100644 --- a/site/content/en/docs/commands/node.md +++ b/site/content/en/docs/commands/node.md @@ -34,6 +34,7 @@ minikube node [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -75,6 +76,7 @@ minikube node add [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -108,6 +110,7 @@ minikube node delete [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -142,6 +145,7 @@ minikube node help [command] [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -175,6 +179,7 @@ minikube node list [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -214,6 +219,7 @@ minikube node start [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -247,6 +253,7 @@ minikube node stop [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/pause.md b/site/content/en/docs/commands/pause.md index b6463f1ff9b5..b8bb88d28c61 100644 --- a/site/content/en/docs/commands/pause.md +++ b/site/content/en/docs/commands/pause.md @@ -42,6 +42,7 @@ minikube pause [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/podman-env.md b/site/content/en/docs/commands/podman-env.md index 4ea853f8e1d9..d17d985b3640 100644 --- a/site/content/en/docs/commands/podman-env.md +++ b/site/content/en/docs/commands/podman-env.md @@ -41,6 +41,7 @@ minikube podman-env [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/profile.md b/site/content/en/docs/commands/profile.md index 9f26ea434f11..6bd445f828a1 100644 --- a/site/content/en/docs/commands/profile.md +++ b/site/content/en/docs/commands/profile.md @@ -34,6 +34,7 @@ minikube profile [MINIKUBE_PROFILE_NAME]. You can return to the default minikub --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -68,6 +69,7 @@ minikube profile help [command] [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -107,6 +109,7 @@ minikube profile list [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/service.md b/site/content/en/docs/commands/service.md index e10846d67009..6b0fd7d3e204 100644 --- a/site/content/en/docs/commands/service.md +++ b/site/content/en/docs/commands/service.md @@ -45,6 +45,7 @@ minikube service [flags] SERVICE --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -80,6 +81,7 @@ minikube service help [command] [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` @@ -120,6 +122,7 @@ minikube service list [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/ssh-host.md b/site/content/en/docs/commands/ssh-host.md index 38ad0b875060..f034d94bfea2 100644 --- a/site/content/en/docs/commands/ssh-host.md +++ b/site/content/en/docs/commands/ssh-host.md @@ -41,6 +41,7 @@ minikube ssh-host [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/ssh-key.md b/site/content/en/docs/commands/ssh-key.md index 76687f73770a..6b6c4bfc2334 100644 --- a/site/content/en/docs/commands/ssh-key.md +++ b/site/content/en/docs/commands/ssh-key.md @@ -40,6 +40,7 @@ minikube ssh-key [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/ssh.md b/site/content/en/docs/commands/ssh.md index bf37dedc52a1..4263ef11992e 100644 --- a/site/content/en/docs/commands/ssh.md +++ b/site/content/en/docs/commands/ssh.md @@ -41,6 +41,7 @@ minikube ssh [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/start.md b/site/content/en/docs/commands/start.md index aac90df39d8b..a05c86f8b2e9 100644 --- a/site/content/en/docs/commands/start.md +++ b/site/content/en/docs/commands/start.md @@ -113,6 +113,7 @@ minikube start [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/status.md b/site/content/en/docs/commands/status.md index e5c3c89e7dd5..3ff510a84462 100644 --- a/site/content/en/docs/commands/status.md +++ b/site/content/en/docs/commands/status.md @@ -47,6 +47,7 @@ minikube status [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/stop.md b/site/content/en/docs/commands/stop.md index 34db14a875f4..565ebcdb7e4b 100644 --- a/site/content/en/docs/commands/stop.md +++ b/site/content/en/docs/commands/stop.md @@ -43,6 +43,7 @@ minikube stop [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/tunnel.md b/site/content/en/docs/commands/tunnel.md index 62cc1510265c..02cd1579367e 100644 --- a/site/content/en/docs/commands/tunnel.md +++ b/site/content/en/docs/commands/tunnel.md @@ -40,6 +40,7 @@ minikube tunnel [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/unpause.md b/site/content/en/docs/commands/unpause.md index 5ee5c52a7be4..19646750bccb 100644 --- a/site/content/en/docs/commands/unpause.md +++ b/site/content/en/docs/commands/unpause.md @@ -42,6 +42,7 @@ minikube unpause [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/update-check.md b/site/content/en/docs/commands/update-check.md index f4a66c76022f..f30b0663b450 100644 --- a/site/content/en/docs/commands/update-check.md +++ b/site/content/en/docs/commands/update-check.md @@ -34,6 +34,7 @@ minikube update-check [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/update-context.md b/site/content/en/docs/commands/update-context.md index 2725cb81d289..266fd0e3cb56 100644 --- a/site/content/en/docs/commands/update-context.md +++ b/site/content/en/docs/commands/update-context.md @@ -35,6 +35,7 @@ minikube update-context [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/site/content/en/docs/commands/version.md b/site/content/en/docs/commands/version.md index fc223a2e77f5..0bd908fdf3f0 100644 --- a/site/content/en/docs/commands/version.md +++ b/site/content/en/docs/commands/version.md @@ -41,6 +41,7 @@ minikube version [flags] --skip_headers If true, avoid header prefixes in the log messages --skip_log_headers If true, avoid headers when opening log files --stderrthreshold severity logs at or above this threshold go to stderr (default 2) + --user string Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username. -v, --v Level number for the log level verbosity --vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging ``` diff --git a/test/integration/functional_test.go b/test/integration/functional_test.go index 1b4b0099066f..48b2c1b70924 100644 --- a/test/integration/functional_test.go +++ b/test/integration/functional_test.go @@ -239,6 +239,16 @@ func validateStartWithProxy(ctx context.Context, t *testing.T, profile string) { if !strings.Contains(rr.Stderr.String(), want) { t.Errorf("start stderr=%s, want: *%s*", rr.Stderr.String(), want) } + + t.Run("Audit", func(t *testing.T) { + got, err := auditContains(profile) + if err != nil { + t.Fatalf("failed to check audit log: %v", err) + } + if !got { + t.Errorf("audit.json does not contain the profile %q", profile) + } + }) } // validateSoftStart validates that after minikube already started, a "minikube start" should not change the configs. @@ -272,6 +282,15 @@ func validateSoftStart(ctx context.Context, t *testing.T, profile string) { t.Errorf("expected node port in the config not change after soft start. exepceted node port to be %d but got %d.", apiPortTest, afterCfg.Config.KubernetesConfig.NodePort) } + t.Run("Audit", func(t *testing.T) { + got, err := auditContains(profile) + if err != nil { + t.Fatalf("failed to check audit log: %v", err) + } + if !got { + t.Errorf("audit.json does not contain the profile %q", profile) + } + }) } // validateKubeContext asserts that kubectl is properly configured (race-condition prone!) diff --git a/test/integration/json_output_test.go b/test/integration/json_output_test.go index 01dfa6feb341..1d4173725edc 100644 --- a/test/integration/json_output_test.go +++ b/test/integration/json_output_test.go @@ -54,7 +54,7 @@ func TestJSONOutput(t *testing.T) { for _, test := range tests { t.Run(test.command, func(t *testing.T) { - args := []string{test.command, "-p", profile, "--output=json"} + args := []string{test.command, "-p", profile, "--output=json", "--user=testUser"} args = append(args, test.args...) rr, err := Run(t, exec.CommandContext(ctx, Target(), args...)) @@ -67,6 +67,16 @@ func TestJSONOutput(t *testing.T) { t.Fatalf("converting to cloud events: %v\n", err) } + t.Run("Audit", func(t *testing.T) { + got, err := auditContains("testUser") + if err != nil { + t.Fatalf("failed to check audit log: %v", err) + } + if !got { + t.Errorf("audit.json does not contain the user testUser") + } + }) + type validateJSONOutputFunc func(context.Context, *testing.T, []*cloudEvent) t.Run("parallel", func(t *testing.T) { parallelTests := []struct { diff --git a/test/integration/util_test.go b/test/integration/util_test.go index ebfd9ad3d210..c924b78c2e18 100644 --- a/test/integration/util_test.go +++ b/test/integration/util_test.go @@ -20,7 +20,10 @@ import ( "bufio" "fmt" "os" + "strings" "time" + + "k8s.io/minikube/pkg/minikube/localpath" ) // ReadLineWithTimeout reads a line of text from a buffer with a timeout @@ -59,3 +62,20 @@ func UniqueProfileName(prefix string) string { // example: prefix-20200413162239-3215 return fmt.Sprintf("%s-%s-%d", prefix, time.Now().Format("20060102150405"), os.Getpid()) } + +// auditContains checks if the provided string is contained within the logs. +func auditContains(substr string) (bool, error) { + f, err := os.Open(localpath.AuditLog()) + if err != nil { + return false, fmt.Errorf("Unable to open file %s: %v", localpath.AuditLog(), err) + } + defer f.Close() + + s := bufio.NewScanner(f) + for s.Scan() { + if strings.Contains(s.Text(), substr) { + return true, nil + } + } + return false, nil +}