From 14afc2dae0ff53a3745bd329294b490dbba7dc7b Mon Sep 17 00:00:00 2001
From: David Dollar <david@convox.com>
Date: Wed, 29 Jan 2020 13:44:46 -0500
Subject: [PATCH] gcp: update logging reader for new kubernetes format (#87)

---
 provider/gcp/log.go          | 22 +++++++++++-----------
 terraform/api/gcp/account.tf |  9 ++-------
 2 files changed, 13 insertions(+), 18 deletions(-)

diff --git a/provider/gcp/log.go b/provider/gcp/log.go
index ccf4ee7..621a5be 100644
--- a/provider/gcp/log.go
+++ b/provider/gcp/log.go
@@ -101,19 +101,13 @@ Iteration:
 
 				prefix := ""
 
-				pod := entry.Labels["container.googleapis.com/pod_name"]
-				service := "unknown"
+				labels := entry.Resource.GetLabels()
 
-				if pp := strings.Split(pod, "-"); len(pp) > 2 {
-					service = strings.Join(pp[0:len(pp)-2], "-")
-				}
+				typ := common.CoalesceString(entry.Labels["k8s-pod/type"], "unknown")
+				name := common.CoalesceString(entry.Labels["k8s-pod/name"], "unknown")
 
 				if common.DefaultBool(opts.Prefix, false) {
-					if strings.HasSuffix(entry.LogName, "/main") {
-						prefix = fmt.Sprintf("%s service/%s/%s ", entry.Timestamp.Format(time.RFC3339), service, pod)
-					} else {
-						prefix = fmt.Sprintf("%s %s ", entry.Timestamp.Format(time.RFC3339), entry.Labels["stream"])
-					}
+					prefix = fmt.Sprintf("%s %s/%s/%s ", entry.Timestamp.Format(time.RFC3339), typ, name, labels["pod_name"])
 				}
 
 				switch t := entry.Payload.(type) {
@@ -132,5 +126,11 @@ Iteration:
 }
 
 func (p *Provider) logFilters(app string) string {
-	return fmt.Sprintf(`labels."container.googleapis.com/namespace_name" = %q`, p.AppNamespace(app))
+	filters := []string{
+		`resource.type="k8s_container"`,
+		fmt.Sprintf(`resource.labels.cluster_name=%q`, p.Name),
+		fmt.Sprintf(`resource.labels.namespace_name=%q`, p.AppNamespace(app)),
+	}
+
+	return strings.Join(filters, " AND ")
 }
diff --git a/terraform/api/gcp/account.tf b/terraform/api/gcp/account.tf
index ec857b3..7698e5f 100644
--- a/terraform/api/gcp/account.tf
+++ b/terraform/api/gcp/account.tf
@@ -6,13 +6,8 @@ resource "google_service_account_key" "api" {
   service_account_id = google_service_account.api.name
 }
 
-resource "google_project_iam_member" "api-logging-viewer" {
-  role   = "roles/logging.viewer"
-  member = "serviceAccount:${google_service_account.api.email}"
-}
-
-resource "google_project_iam_member" "api-logging-writer" {
-  role   = "roles/logging.logWriter"
+resource "google_project_iam_member" "api-logging-admin" {
+  role   = "roles/logging.admin"
   member = "serviceAccount:${google_service_account.api.email}"
 }