Merge branch 'main' into doc-review/replicating-blumeops

2026-05-11 16:11:37 -07:00 · 2026-05-11 16:11:14 -07:00 · 2026-05-11 16:11:14 -07:00
commit 89cf089edc
2 changed files with 9 additions and 4 deletions
--- a/compensating-controls.yaml
+++ b/compensating-controls.yaml
@ -196,11 +196,15 @@ controls:
    description: >-
      Alloy collects pod logs and ships them to Loki, providing an
      audit trail for cluster activity. Compensates for missing
-      apiserver audit logging which minikube does not configure.
+      apiserver audit logging which neither minikube (indri) nor
+      k3s (ringtail) configures by default.
    created: 2026-03-30
-    last-reviewed: 2026-03-30
+    last-reviewed: 2026-05-11
    notes: >-
-      Verify Alloy DaemonSet is running and Loki is receiving logs.
+      Verify Alloy DaemonSet is running on each cluster (alloy-k8s on
+      minikube, alloy-ringtail on k3s) and Loki is receiving logs.
      Note this is weaker than native apiserver audit logs — it
      captures pod stdout/stderr, not API request-level auditing.
-      Consider enabling minikube audit logging if supported.
+      Consider enabling apiserver audit logging on k3s post-migration
+      (`--audit-log-path` / `--audit-policy-file`) — minikube made it
+      hard, k3s makes it straightforward.
--- a/docs/changelog.d/review-cc-observability-stack-audit-2026-05-11.infra.md
+++ b/docs/changelog.d/review-cc-observability-stack-audit-2026-05-11.infra.md
@ -0,0 +1 @@
+Reviewed compensating control `observability-stack-audit`. Updated description to cover ringtail's k3s as well as indri's minikube; both Alloy DaemonSets and Loki are healthy.
				`@ -0,0 +1 @@`
				Reviewed compensating control `observability-stack-audit`. Updated description to cover ringtail's k3s as well as indri's minikube; both Alloy DaemonSets and Loki are healthy.