Audit log enabled by using host variables

[ravindraprasad85]

Describe the bug (actual behavior)
Audit log functionality is currently being enabled by using host variables. This practice could introduce security or configuration risks, as audit logging should be controlled via explicit and secure configuration methods rather than generic host variables.

Expected behavior
Audit log configuration should be managed through dedicated, secure, and explicit configuration options rather than being tied to host variables.

Your installation details

1. App version: [please specify]
2. Helm chart version: [if applicable, please specify]
3. Application config: [please provide relevant config, redact sensitive info]
4. IAAC configs: [if applicable, please provide]

Steps to reproduce

1. Enable audit log using a host variable.
2. Observe that audit logging is controlled by this variable rather than explicit configuration settings.

Screenshots
[add if applicable]

Logs
[add if applicable]

Additional context
This behavior may pose a security or configuration risk. Please review and consider enhancing the audit log configuration for improved security and clarity.

[github-actions]

Hi ravindraprasad85! 👋

Welcome, and thank you for opening your first issue in the repo!

Please wait for triaging by our maintainers.

As development is carried out in our spare time, you can support us by sponsoring our activities or even funding the development of specific issues.
Sponsorship link

If you plan to raise a PR for this issue, please take a look at our contributing guide.

[Haarolean]

This isn’t a bug. Environment variable configuration is an industry standard in basically every runtime (12-factor apps, docker, kubernetes, cloud platforms, etc). Calling it a “security risk” is backwards: if you don’t control your host environment, you already have a compromised system. Preventing env var configuration doesn’t improve security, it just breaks standard deployment patterns.