Add fixes to user logging in calicoctl utility container logs

Change-Id: If50de7431166764b7a6e75e836ffa6956637e4d7

calicoctl-utility/templates/bin/_bootstrap.sh.tpl

@@ -15,4 +15,5 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
+sudo /tmp/override-oslo-rootwrap-logging.sh
 exec sudo socat -d -v -s -t0 -T0 -u UNIX-RECV:/dev/log,reuseaddr stdout

calicoctl-utility/templates/bin/_override-oslo-rootwrap-logging.sh.tpl

@@ -0,0 +1,26 @@
+#!/bin/sh
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+{{/*
+These lines will disable extra handler, extra formatter, extra level to the
+root logger by oslo-rootwrap module, imported in _openstack-utility-rootwrap.tpl.
+These lines will get rid of duplicate logs, generated because of the formatter
+attached by oslo-rootwrap.
+*/}}
+sed -i "/rootwrap_logger.setLevel/s/.*/#&/" /usr/lib/python2.7/site-packages/oslo_rootwrap/wrapper.py
+sed -i "/handler.setFormatter/s/.*/#&/" /usr/lib/python2.7/site-packages/oslo_rootwrap/wrapper.py
+sed -i "/os.path.basename/s/.*/#&/" /usr/lib/python2.7/site-packages/oslo_rootwrap/wrapper.py
+sed -i "/rootwrap_logger.addHandler/s/.*/#&/" /usr/lib/python2.7/site-packages/oslo_rootwrap/wrapper.py

calicoctl-utility/templates/bin/_utilscli-sudo.tpl

@@ -14,7 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
-nobody ALL=SETENV: NOPASSWD: /usr/bin/socat -d -v -s -t0 -T0 -u \
+nobody ALL=SETENV: NOPASSWD: /tmp/override-oslo-rootwrap-logging.sh, \
+  /usr/bin/socat -d -v -s -t0 -T0 -u \
   UNIX-RECV\:/dev/log\,reuseaddr stdout, \
   /usr/local/bin/calicoctl-utility-rootwrap /etc/calicoctl/rootwrap.conf *, \
   /usr/local/bin/calicoctl version

calicoctl-utility/templates/configmap-bin.yaml

@@ -25,6 +25,9 @@ data:
   image-repo-sync.sh: |
 {{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
 
+  override-oslo-rootwrap-logging.sh: |
+{{ tuple "bin/_override-oslo-rootwrap-logging.sh.tpl" . | include  "helm-toolkit.utils.template" | indent 4 }}
+
   calicoctl-utility-rootwrap: |
 {{ tuple "bin/_calicoctl-utility-rootwrap.tpl" . | include  "helm-toolkit.utils.template" | indent 4 }}
 

calicoctl-utility/templates/deployment-calicoctl-utility.yaml

@@ -141,6 +141,10 @@ spec:
               mountPath: /usr/local/bin/calicoctl-utility-rootwrap
               subPath: calicoctl-utility-rootwrap
               readOnly: true
+            - name: calicoctl-utility-bin
+              mountPath: /tmp/override-oslo-rootwrap-logging.sh
+              subPath: override-oslo-rootwrap-logging.sh
+              readOnly: true
             - name: calicoctl-utility-sudoers
               mountPath: /etc/sudoers.d/nobody
               subPath: utilscli-sudo

ceph-utility/templates/bin/utility/_ceph-utility-rootwrap.tpl

@@ -29,7 +29,7 @@ facility = {{ .Values.conf.cephrootwrap.DEFAULT.syslog_log_facility | quote }}
 if "AUSER" in os.environ:
     user_id = os.environ["AUSER"]
 elif {{ .Values.conf.utility.always_log_user | quote }} == 'true':
-    user_id = os.environ["AUSER"]
+    user_id = 'development site'
 else:
     print("No username set in AUSER environment variable, for security reasons access restricted from connecting to container.")
     exit()