frontend changes for defender

[sclarkso]

Change frontend audit volume mount to its parent directory

Why

Defender for cloud was enabled by policy in INT. If a defender pod crashes the inode of the asa folder changes and otel cannot reconnect. If you mount the parent directory, the asa folder can be deleted and recreated if the defender pod crashes and otel can reconnect, preventing the frontend from silently failing.

https://docs.google.com/document/d/1ufDbsSOZgOiqRkwNim5C6Nnosw2Q1QQqrt6jjY8vazI/edit?tab=t.0#heading=h.3p4jw99p07sh

Special notes for your reviewer

This has been manually tested in INT (with defender managing /var/run/mdsd/asa) and in Stage (ama-metrics manages /var/run/mdsd/asa). Relevant otel code: https://github.com/microsoft/go-otel-audit/blob/c657aa56f8283563dc98e5ce8507a62554215aa9/audit/conn/domainsocket.go#L33. The asa folder exists either way so that is what it uses, it just doesn't break if the folder is recreated.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[sclarkso]

/test e2e-parallel

[geoberle]

/approve
/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: geoberle, sclarkso

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• frontend/OWNERS [geoberle]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[geoberle]

/test e2e-parallel

[geoberle]

/test e2e-parallel