Triggered audit
If the OpenShift plugin has been configured with the required actionables (the default values of DEPLOYMENT_UPDATED and AUDIT_REQUESTED), the plugin supports the Audit capabilities as described in Audit.
The OpenShift plugin has automated auditing and correcting support from OpenShift to Connect. For this purpose, the OpenShift configuration is considered the master configuration. This means:
- if a configuration is missing in Connect but present in OpenShift, it is automatically added to Connect
- if a configuration is dangling in Connect and is not present in OpenShfit, it is automatically removed from Connect
- if a configuration is incorrect in Connect and is present in OpenShift, it will be automatically updated in Connect
Resources managed by the Fabric Services System are an exception:
- Fabric Services System managed resources are never deleted from Connect
- Fabric Services System managed resources are never updated in Connect
An audit is executed automatically upon any of the following triggers :
- upon starting up the OpenShift plugin (specifically, upon startup of the FSC pod in the Kubernetes cluster) for all deployments that are administratively Up (that is, the adminUp field is set to True)
- upon updating an the deployment that is administratively Down to be administratively Up (that is, setting the adminUp field to True)
An audit can be triggered manually by sending a POST request to the audits API endpoint (see Audit). If the scope of the request is either PLUGIN_ONLY or FULL, this will include an audit of OpenShift by the plugin.