KFLUXBUGS-1610 - Update logging operator to 6.0.2. to pick up changes… (

#5071)

* KFLUXBUGS-1610 - Update logging operator to 6.0.2. to pick up changes to better troubleshoot long log lines being dropped

* KFLUXBUGS-1610 - Hold Logging Operator back on Prod

components/monitoring/logging/base/configure-logging/configure-logforwarder.yaml

@@ -1,34 +1,49 @@
 ---
-apiVersion: logging.openshift.io/v1
+apiVersion: observability.openshift.io/v1
 kind: ClusterLogForwarder
 metadata:
   annotations:
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
     argocd.argoproj.io/sync-wave: "1"
   name: instance
 spec:
+  collector:
+    resources:
+      limits: {}
+      requests: {}
+    nodeSelector: {}
+    tolerations: {}
   outputs:
     - name: splunk-receiver-application
-      secret:
-        name: log-forwarder-splunk-rhtap-application-secret
       type: splunk
-      url: https://http-inputs-rhcorporate.splunkcloud.com
+      splunk:
+        url: https://http-inputs-rhcorporate.splunkcloud.com
+        authentication:
+          token: log-forwarder-splunk-rhtap-application-secret
     - name: splunk-receiver-audit
-      secret:
-        name: log-forwarder-splunk-rhtap-audit-secret
       type: splunk
-      url: https://http-inputs-rhcorporate.splunkcloud.com
+      splunk:
+        url: https://http-inputs-rhcorporate.splunkcloud.com
+        authentication:
+          token: log-forwarder-splunk-rhtap-audit-secret
+  filters:
+    - name: parse-json
+      type: parse
   pipelines:
     - name: fluentd-forward-logs-to-splunk-rhtap-app-index
       inputRefs:
         - application
       outputRefs:
         - splunk-receiver-application
-      parse: json
+      filterRefs:
+        - parse-json
     - name: fluentd-forward-logs-to-splunk-rhtap-audit-index
       inputRefs:
         - infrastructure
         - audit
       outputRefs:
         - splunk-receiver-audit
-      parse: json
+      filterRefs:
+        - parse-json
+  serviceAccount:
+    name: log-collector

components/monitoring/logging/base/configure-logging/configure-service-account.yaml

@@ -0,0 +1,47 @@
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: log-collector
+  namespace: openshift-logging
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: collect-infrastructure-logs
+subjects:
+  - kind: ServiceAccount
+    name: log-collector
+    namespace: openshift-logging
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: collect-infrastructure-logs
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: collect-application-logs
+subjects:
+  - kind: ServiceAccount
+    name: log-collector
+    namespace: openshift-logging
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: collect-application-logs
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: collect-audit-logs
+subjects:
+  - kind: ServiceAccount
+    name: log-collector
+    namespace: openshift-logging
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: collect-audit-logs

components/monitoring/logging/base/configure-logging/kustomization.yaml

@@ -1,7 +1,7 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-- configure-log-collectors.yaml
+- configure-service-account.yaml
 - configure-logforwarder.yaml
 
 namespace: "openshift-logging"

components/monitoring/logging/base/install-logging-operator.yaml

@@ -9,7 +9,7 @@ metadata:
   annotations:
     argocd.argoproj.io/sync-wave: "0"
 spec:
-  channel: "stable" 
+  channel: "stable-6.0"
   name: cluster-logging
   source: redhat-operators 
   sourceNamespace: openshift-marketplace

components/monitoring/logging/production/base/configure-logging/configure-logforwarder.yaml

@@ -0,0 +1,34 @@
+---
+apiVersion: logging.openshift.io/v1
+kind: ClusterLogForwarder
+metadata:
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "1"
+  name: instance
+spec:
+  outputs:
+    - name: splunk-receiver-application
+      secret:
+        name: log-forwarder-splunk-rhtap-application-secret
+      type: splunk
+      url: https://http-inputs-rhcorporate.splunkcloud.com
+    - name: splunk-receiver-audit
+      secret:
+        name: log-forwarder-splunk-rhtap-audit-secret
+      type: splunk
+      url: https://http-inputs-rhcorporate.splunkcloud.com
+  pipelines:
+    - name: fluentd-forward-logs-to-splunk-rhtap-app-index
+      inputRefs:
+        - application
+      outputRefs:
+        - splunk-receiver-application
+      parse: json
+    - name: fluentd-forward-logs-to-splunk-rhtap-audit-index
+      inputRefs:
+        - infrastructure
+        - audit
+      outputRefs:
+        - splunk-receiver-audit
+      parse: json

components/monitoring/logging/production/base/configure-logging/kustomization.yaml

@@ -0,0 +1,10 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- configure-log-collectors.yaml
+- configure-logforwarder.yaml
+
+namespace: "openshift-logging"
+
+generatorOptions:
+  disableNameSuffixHash: true

components/monitoring/logging/production/base/external-secrets/kustomization.yaml

@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- splunk-log-forwarder-external-secrets.yaml
+namespace: openshift-logging

components/monitoring/logging/production/base/external-secrets/splunk-log-forwarder-external-secrets.yaml

@@ -0,0 +1,37 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: log-forwarder-splunk-rhtap-application-external-secret
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "-1"
+spec:
+  dataFrom:
+  - extract:
+      key: "" # will be added by the overlays
+  refreshInterval: 1h
+  secretStoreRef:
+    name: appsre-stonesoup-vault
+    kind: ClusterSecretStore
+  target:
+    name: log-forwarder-splunk-rhtap-application-secret
+    deletionPolicy: Delete
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: log-forwarder-splunk-rhtap-audit-external-secret
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "-1"
+spec:
+  dataFrom:
+  - extract:
+      key: "" # will be added by the overlays
+  refreshInterval: 1h
+  secretStoreRef:
+    name: appsre-stonesoup-vault
+    kind: ClusterSecretStore
+  target:
+    name: log-forwarder-splunk-rhtap-audit-secret
+    deletionPolicy: Delete

components/monitoring/logging/production/base/install-logging-operator.yaml

@@ -0,0 +1,15 @@
+# On managed clusters, there is no need to create the openshift-logging
+# namespace because it's created automatically by hive.
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: cluster-logging
+  namespace: openshift-logging
+  annotations:
+    argocd.argoproj.io/sync-wave: "0"
+spec:
+  channel: "stable" 
+  name: cluster-logging
+  source: redhat-operators 
+  sourceNamespace: openshift-marketplace

components/monitoring/logging/production/base/kustomization.yaml

@@ -1,8 +1,14 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-- ../../base
-- ../../base/external-secrets
+- install-logging-operator.yaml
+- ./configure-logging/
+- ./rbac/
+- ./external-secrets/
+
+generatorOptions:
+  disableNameSuffixHash: true
+
 patches:
   - target:
       group: external-secrets.io
@@ -21,4 +27,4 @@ patches:
     patch: |
       - op: replace
         path: /spec/dataFrom/0/extract/key
-        value: production/monitoring/logging/fluentd/splunk-forwarder-rhtap-production-audit
+        value: production/monitoring/logging/fluentd/splunk-forwarder-rhtap-production-audit

components/monitoring/logging/production/base/logging-operator-prerequisite/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- operatorgroup.yaml

components/monitoring/logging/production/base/logging-operator-prerequisite/operatorgroup.yaml

@@ -0,0 +1,10 @@
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+  name: cluster-logging
+  namespace: openshift-logging
+  annotations:
+    argocd.argoproj.io/sync-wave: "0"
+spec:
+  targetNamespaces:
+  - openshift-logging

components/monitoring/logging/production/base/rbac/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- logging-admin.yaml

components/monitoring/logging/production/base/rbac/logging-admin.yaml

@@ -0,0 +1,24 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: all-access-openshift-logging
+  namespace: openshift-logging
+rules:
+- apiGroups: [""]
+  resources: ["*"]
+  verbs: ["*"]
+---
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: all-access-openshift-logging
+  namespace: openshift-logging
+subjects:
+- apiGroup: rbac.authorization.k8s.io
+  kind: Group
+  name: konflux-o11y-admins
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: all-access-openshift-logging

components/monitoring/logging/staging/base/kustomization.yaml

@@ -24,7 +24,7 @@ patches:
         value: staging/monitoring/logging/fluentd/splunk-forwarder-rhtap-staging-audit
   - path: ../base/patches/configure-logforwarder-compression-patch.yaml
     target:
-      group: logging.openshift.io
+      group: observability.openshift.io
       version: v1
       kind: ClusterLogForwarder
       name: instance