Open sam-github opened 4 years ago
For security, containers should be able to run with a read-only FS, but this package throws errors if it cannot create resourceRegistry.log.
resourceRegistry.log
There appears to be some configuration available in https://github.com/IBM/node-ibmapm-restclient/blob/464089d21dce4f2baefa7487fd6ae71f3b18008b/lib/plugins/logutil.js#L22-L31, but it isn't sufficient.
Even when KNJ_LOG_LEVEL is set to NONE, the file is created (but empty).
Even when KNJ_LOG_TO_CONSOLE is set to true, the file is created.
Is there any other mechanisms to avoid any attempts to write to the local FS?
If not, can you implement one? Perhaps make KNJ_LOG_TO_CONSOLE cause all logging to go to console?
For security, containers should be able to run with a read-only FS, but this package throws errors if it cannot create
resourceRegistry.log
.There appears to be some configuration available in https://github.com/IBM/node-ibmapm-restclient/blob/464089d21dce4f2baefa7487fd6ae71f3b18008b/lib/plugins/logutil.js#L22-L31, but it isn't sufficient.
Even when KNJ_LOG_LEVEL is set to NONE, the file is created (but empty).
Even when KNJ_LOG_TO_CONSOLE is set to true, the file is created.
Is there any other mechanisms to avoid any attempts to write to the local FS?
If not, can you implement one? Perhaps make KNJ_LOG_TO_CONSOLE cause all logging to go to console?