Merge "[AAI] Add option to disable access logging for liveness probes"
diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
index 5ddd293..07919a9 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
+++ b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
@@ -27,14 +27,17 @@
 <configuration>

   <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />

 

-  <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>

+  <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />

   <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />

   <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />

+  <property name="livenessAccessLogEnabled"

+    value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />

+

 

   <if condition='property("logToFileEnabled").contains("true")'>

     <then>

       <appender name="ACCESS"

-                class="ch.qos.logback.core.rolling.RollingFileAppender">

+        class="ch.qos.logback.core.rolling.RollingFileAppender">

         <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>

         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

           <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}.zip

@@ -43,17 +46,36 @@
           <totalSizeCap>${totalSizeCap}</totalSizeCap>

         </rollingPolicy>

         <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">

-          <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>

+          <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}

+            %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}

+            %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}

+            %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}

+            %i{X-AAI-SSL-Client-DN} %D</Pattern>

         </encoder>

       </appender>

-      <appender-ref ref="ACCESS"/>

+      <appender-ref ref="ACCESS" />

     </then>

   </if>

 

   <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">

     <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">

-      <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>

+      <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}

+        %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}

+        %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}

+        %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -

+        "logType": "access"</Pattern>

     </encoder>

+    <if condition='property("livenessAccessLogEnabled").contains("false")'>

+      <then>

+        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">

+          <evaluator class="ch.qos.logback.access.net.URLEvaluator">

+            <URL>/aai/util/echo</URL>

+          </evaluator>

+          <OnMismatch>NEUTRAL</OnMismatch>

+          <OnMatch>DENY</OnMatch>

+        </filter>

+      </then>

+    </if>

   </appender>

 

   <appender-ref ref="STDOUTACCESS" />

@@ -83,5 +105,4 @@
 %z - Custom pattern that parses the cert for the subject

 %y - Custom pattern determines rest or dme2

 -->

-*/}}

-

+*/}}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index 3a4d568..6bcc0f8 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -330,6 +330,7 @@
   queueSize: 1000
 
 accessLogback:
+  livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
   logToFileEnabled: false
   maxHistory: 7
   totalSizeCap: 1GB
diff --git a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml
index 1d32a52..5e3a15c 100644
--- a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml
+++ b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml
@@ -21,35 +21,56 @@
 -->

 */}}

 <configuration scan="true" scanPeriod="60 seconds" debug="false">

-    <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />

-    <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />

-    <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />

-    <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>

+  <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />

+  <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />

+  <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />

+  <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />

+  <property name="livenessAccessLogEnabled"

+    value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />

 

-    <if condition='property("logToFileEnabled").contains("true")'>

-        <then>

-            <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">

-                <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>

-                <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-                    <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}

-                    </fileNamePattern>

-                    <maxHistory>${maxHistory}</maxHistory>

-                    <totalSizeCap>${totalSizeCap}</totalSizeCap>

-                </rollingPolicy>

-                <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">

-                    <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>

-                </encoder>

-            </appender>

-            <appender-ref ref="ACCESS" />

-        </then>

-    </if>

-

-    <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">

+  <if condition='property("logToFileEnabled").contains("true")'>

+    <then>

+      <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">

+        <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>

+        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+          <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}

+          </fileNamePattern>

+          <maxHistory>${maxHistory}</maxHistory>

+          <totalSizeCap>${totalSizeCap}</totalSizeCap>

+        </rollingPolicy>

         <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">

-            <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>

+          <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}

+            %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}

+            %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}

+            %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}

+            %i{X-AAI-SSL-Client-DN} %D</Pattern>

         </encoder>

-    </appender>

-    <appender-ref ref="STDOUTACCESS" />

+      </appender>

+      <appender-ref ref="ACCESS" />

+    </then>

+  </if>

+

+  <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">

+    <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">

+      <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}

+        %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}

+        %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}

+        %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -

+        "logType": "access"</Pattern>

+    </encoder>

+    <if condition='property("livenessAccessLogEnabled").contains("false")'>

+      <then>

+        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">

+          <evaluator class="ch.qos.logback.access.net.URLEvaluator">

+            <URL>/aai/util/echo</URL>

+          </evaluator>

+          <OnMismatch>NEUTRAL</OnMismatch>

+          <OnMatch>DENY</OnMatch>

+        </filter>

+      </then>

+    </if>

+  </appender>

+  <appender-ref ref="STDOUTACCESS" />

 </configuration>

 {{/*<!--

 %a - Remote IP address

diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 2b7e78f..a3772d8 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -248,6 +248,7 @@
   queueSize: 1000
 
 accessLogback:
+  livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
   logToFileEnabled: false
   maxHistory: 7
   totalSizeCap: 6GB