Always set the Promtail task to run as privileged

hashicorp · Oct 26, 2021 · 60fde49 · 60fde49
1 parent f358cbf
commit 60fde49
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 7 deletions.
diff --git a/packs/promtail/README.md b/packs/promtail/README.md
@@ -14,6 +14,10 @@ This pack allows passing a pre-made Promtail configuration file by setting the `
 
 If no custom configuration file is provided, a default template will be used which is configured to scrape systemd-journal logs by default. You will need to set the `client_urls` variable with a list of URL's in order for promtail to ship the logs. **Using the default configuration sets the container to be run as privileged**.
 
+## Container Privilege
+
+This container runs the Promtail task as a ***Privileged*** container.
+
 ## Variables
 
 | Name | Description | Type | Default | Required |

diff --git a/packs/promtail/templates/promtail.nomad.tpl b/packs/promtail/templates/promtail.nomad.tpl
@@ -33,7 +33,7 @@ job [[ template "job_name" . ]] {
 
       config {
         image = "grafana/promtail:[[ .promtail.version_tag ]]"
-        privileged = [[ if or (eq .promtail.config_file "") (.promtail.privileged) ]]true[[ else ]]false[[ end ]]
+        privileged = true
         args = [[ .promtail.container_args | toPrettyJson ]]
 
         mount {

diff --git a/packs/promtail/variables.hcl b/packs/promtail/variables.hcl
@@ -29,12 +29,6 @@ variable "version_tag" {
   default     = "latest"
 }
 
-variable "privileged" {
-  description = "Controls whether the container will be run as a privileged container"
-  type        = bool
-  default     = false
-}
-
 variable "config_file" {
   description = "Path to custom Promtail configuration file."
   type        = string