bug: Fluent Bit crashes when 'region' is set to an empty string in the Output resource

[lpratas]

Describe the issue

Setting the region field to an empty string ("") causes all Fluent Bit pods to crash.

Fluent Operator will create invalid Fluent Bit config where the [OUTPUT] section is created without region.

This is particularly problematic in multi-tenant Kubernetes clusters. Where a single configuration can take down Fluent Bit for the whole cluster.

To Reproduce

Creating the following namespaced Output resource:

apiVersion: fluentbit.fluent.io/v1alpha2
kind: Output
metadata:
  name: kinesis
  namespace: my-service-namespace
  labels:
    fluentbit.fluent.io/enabled: "true"
spec:
  match: "*"
  kinesis:
    region: "" #### <--Empty string will pass and create invalid configuration ####
    stream: "my-service-stream"
    roleARN: "arn:aws:iam::999999999999:role/ctos-my-service-stream-role" 

Expected behavior

The following [OUTPUT] section will be created without region:

[OUTPUT]
  Name    kinesis_streams
  Match    a3c7f9e91f2a4e8d8b0e768d48b2c34f.*
  stream    my-service-stream
  role_arn    arn:aws:iam::999999999999:role/ctos-my-service-stream-role  

Fluent Bit pods will crashloop because the configuration is invalid.

Your Environment

- Fluent Operator version:v3.3.0
- Fluent Bit: v3.2.9
- Container Runtime: containerd
- Operating system: Linux
- Kernel version: 5.10.234-225.910.amzn2.x86_64

How did you install fluent operator?

Installed from the Chart:
name: fluent-operator
repository: https://fluent.github.io/helm-charts
version: "3.3.0"

Additional context

No response

[smallc2009]

I think the region is mandatory. it is required when using the plugin otherwises the plugin initialization fails if it is not set.
https://github.com/fluent/fluent-bit/blob/master/plugins/out_kinesis_streams/kinesis.c#L150-L156

[lpratas]

Hey @smallc2009, thanks for your comment.

You’re right that the value is required — but it can currently be set to an empty string, which is the core issue here.

In our clusters, we allow teams to deploy Fluent Bit namespaced resources for their services, and they often set this value dynamically using Helm chart templates. Occasionally, small mistakes slip through and an empty string gets through, resulting in an invalid configuration that crashes all Fluent Bit pods in the entire cluster.

To prevent this, I propose adding an extra check to disallow empty strings.

[smallc2009]

@lpratas I made the region filed is required and it is not allowed empty string for Fluent Operator CRD.

[lpratas]

That's great @smallc2009. Thank you for your help!