5. Install the Audit Log

In order to provide a BIO compliant product the OpenFSC needs an Audit Log. When the Controller UI is used to create a Contract, sign a Contract etc., a record will be created in the Audit Log ensuring an audittrail.

In this step you will learn how to setup the Audit Log.

If you have not installed Postgres as described in this guide then you need to make sure that a database called fsc_auditlog exists.

Certificate

Run the following command to install a certificate for the Audit Log on the Kubernetes cluster:

kubectl apply -f auditlog-internal-tls.yaml

Check if the certificate has been created

kubectl -n fsc get secrets | grep auditlog-internal-tls

The output should look similar to:

auditlog-internal-tls             kubernetes.io/tls    3      35s

Install the Audit Log API

Now let's install the Audit Log on the Kubernetes cluster.

First open the auditlog-values.yaml, edit the values below and save the file:

• <postgres-password> replace this with the Postgres password you saved earlier.
• The value <file: ca.crt> must be replaced by the content of the file ca.crt. You have this file in your working directory.
  • Copy the content of the file excluding the '-----BEGIN XXXXXXXXX-----' and '-----END XXXXXXXXX-----' lines.
  • Paste the content between the start and end lines and make sure the alignment is the same as the start and end lines
  • Save the modified file

Run the following commands to install the Audit Log on the cluster:

helm -n fsc upgrade --install auditlog -f auditlog-values.yaml commonground/open-fsc-auditlog

Check if the Audit Log is running:

kubectl -n fsc get pods

A similar line should now show up:

auditlog-open-fsc-auditlog-69f9487bf5-fqj2w   1/1     Running     1          1m30s

You are now ready to setup your Controller