From 8ea1c2d365114fa0abffe89df09386ee9800b6bf Mon Sep 17 00:00:00 2001 From: M Essam Hamed Date: Thu, 25 Jan 2024 17:14:28 +0200 Subject: [PATCH] Resolve comments Signed-off-by: M Essam Hamed --- cmd/controller/main.go | 23 ++++++++++++++++++----- helm/sealed-secrets/README.md | 2 +- helm/sealed-secrets/values.yaml | 2 +- pkg/controller/controller.go | 2 +- pkg/controller/main.go | 17 ++--------------- pkg/controller/server.go | 4 ++-- 6 files changed, 25 insertions(+), 25 deletions(-) diff --git a/cmd/controller/main.go b/cmd/controller/main.go index 9fe21748e..07cf269fc 100644 --- a/cmd/controller/main.go +++ b/cmd/controller/main.go @@ -4,7 +4,7 @@ import ( goflag "flag" "fmt" "io" - "log" + "log/slog" "os" "time" @@ -12,6 +12,7 @@ import ( "github.com/bitnami-labs/sealed-secrets/pkg/controller" "github.com/bitnami-labs/sealed-secrets/pkg/flagenv" + "github.com/bitnami-labs/sealed-secrets/pkg/log" "github.com/bitnami-labs/sealed-secrets/pkg/pflagenv" ssv1alpha1 "github.com/bitnami-labs/sealed-secrets/pkg/apis/sealedsecrets/v1alpha1" @@ -52,8 +53,8 @@ func bindControllerFlags(f *controller.Flags, fs *flag.FlagSet) { fs.BoolVar(&f.SkipRecreate, "skip-recreate", false, "if true the controller will skip listening for managed secret changes to recreate them. This helps on limited permission environments.") fs.BoolVar(&f.LogInfoToStdout, "log-info-stdout", false, "if true the controller will log info to stdout.") - fs.StringVar(&f.LogLevel, "log-level", "INFO", "Log level (DEBUG|INFO|WARN|ERROR).") - fs.StringVar(&f.LogLevel, "log-format", "text", "Log format (text|json).") + fs.StringVar(&f.LogLevel, "log-level", "INFO", "Log level (INFO|ERROR).") + fs.StringVar(&f.LogFormat, "log-format", "text", "Log format (text|json).") fs.DurationVar(&f.KeyRenewPeriod, "rotate-period", defaultKeyRenewPeriod, "") _ = fs.MarkDeprecated("rotate-period", "please use key-renew-period instead") @@ -87,14 +88,26 @@ func mainE(w io.Writer, fs *flag.FlagSet, gofs *goflag.FlagSet, args []string) e return err } + // Set logging + logLevel := slog.Level(0) + logLevel.UnmarshalText([]byte(flags.LogLevel)) + opts := &slog.HandlerOptions{ + Level: logLevel, + } + if flags.LogInfoToStdout { + slog.SetDefault(slog.New(log.New(os.Stdout, os.Stderr, flags.LogFormat, opts))) + } else { + slog.SetDefault(slog.New(log.New(os.Stderr, os.Stderr, flags.LogFormat, opts))) + } + ssv1alpha1.AcceptDeprecatedV1Data = flags.AcceptV1Data - fmt.Fprintf(w, "controller version: %s\n", VERSION) + slog.Info("controller version", "version", VERSION) if printVersion { return nil } - log.Printf("Starting sealed-secrets controller version: %s\n", VERSION) + slog.Info("Starting sealed-secrets controller", "version", VERSION) if err := controller.Main(&flags, VERSION); err != nil { panic(err) } diff --git a/helm/sealed-secrets/README.md b/helm/sealed-secrets/README.md index 6211b23d3..174998636 100644 --- a/helm/sealed-secrets/README.md +++ b/helm/sealed-secrets/README.md @@ -101,7 +101,7 @@ The command removes all the Kubernetes components associated with the chart and | `privateKeyAnnotations` | Map of annotations to be set on the sealing keypairs | `{}` | | `privateKeyLabels` | Map of labels to be set on the sealing keypairs | `{}` | | `logInfoStdout` | Specifies whether the Sealed Secrets controller will log info to stdout | `false` | -| `logLevel` | Specifies log level of controller (DEBUG,INFO,WARN,ERROR) | `""` | +| `logLevel` | Specifies log level of controller (INFO,ERROR) | `""` | | `logFormat` | Specifies log format (text,json) | `""` | | `command` | Override default container command | `[]` | | `args` | Override default container args | `[]` | diff --git a/helm/sealed-secrets/values.yaml b/helm/sealed-secrets/values.yaml index 0ed5956ed..c7aed265c 100644 --- a/helm/sealed-secrets/values.yaml +++ b/helm/sealed-secrets/values.yaml @@ -94,7 +94,7 @@ privateKeyLabels: {} ## @param logInfoStdout Specifies whether the Sealed Secrets controller will log info to stdout ## logInfoStdout: false -## @param logLevel Specifies log level of controller (DEBUG,INFO,WARN,ERROR) +## @param logLevel Specifies log level of controller (INFO,ERROR) ## logLevel: "" ## @param logFormat Specifies log format (text,json) diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go index d96bb8e1b..1adc16bb4 100644 --- a/pkg/controller/controller.go +++ b/pkg/controller/controller.go @@ -287,7 +287,7 @@ func (c *Controller) unseal(ctx context.Context, key string) (unsealErr error) { unsealRequestsTotal.Inc() obj, exists, err := c.ssInformer.GetIndexer().GetByKey(key) if err != nil { - slog.Error("Error fetching object from store", "key", key, "error", err) + slog.Error("Error fetching object from store", "key", key, "error", err) unsealErrorsTotal.WithLabelValues("fetch", "").Inc() return err } diff --git a/pkg/controller/main.go b/pkg/controller/main.go index 0b754dbc1..2e4919c5a 100644 --- a/pkg/controller/main.go +++ b/pkg/controller/main.go @@ -26,7 +26,6 @@ import ( "github.com/bitnami-labs/sealed-secrets/pkg/client/clientset/versioned" sealedsecrets "github.com/bitnami-labs/sealed-secrets/pkg/client/clientset/versioned" ssinformers "github.com/bitnami-labs/sealed-secrets/pkg/client/informers/externalversions" - "github.com/bitnami-labs/sealed-secrets/pkg/log" ) var ( @@ -125,7 +124,7 @@ func initKeyRenewal(ctx context.Context, registry *KeyRegistry, period, validFor // wrapper function to log error thrown by generateKey function keyGenFunc := func() { if _, err := registry.generateKey(ctx, validFor, cn, privateKeyAnnotations, privateKeyLabels); err != nil { - slog.Error("Failed to generate new key : %v\n", err) + slog.Error("Failed to generate new key", "error", err) } } if period == 0 { @@ -145,18 +144,6 @@ func initKeyRenewal(ctx context.Context, registry *KeyRegistry, period, validFor func Main(f *Flags, version string) error { registerMetrics(version) - // Set logging - logLevel := slog.Level(0) - (&logLevel).UnmarshalText([]byte(f.LogLevel)) - opts := &slog.HandlerOptions{ - Level: logLevel, - } - if f.LogInfoToStdout { - slog.SetDefault(slog.New(log.New(os.Stdout, os.Stderr, f.LogFormat, opts))) - } else { - slog.SetDefault(slog.New(log.New(os.Stderr, os.Stderr, f.LogFormat, opts))) - } - config, err := rest.InClusterConfig() if err != nil { return err @@ -244,7 +231,7 @@ func Main(f *Flags, version string) error { } ctlr.oldGCBehavior = f.OldGCBehavior ctlr.updateStatus = f.UpdateStatus - slog.Info("Starting informer for namespace", "namespace", ns) + slog.Info("Starting informer", "namespace", ns) go ctlr.Run(stop) } } diff --git a/pkg/controller/server.go b/pkg/controller/server.go index 181a3fb40..488e884eb 100644 --- a/pkg/controller/server.go +++ b/pkg/controller/server.go @@ -49,14 +49,14 @@ func httpserver(cp certProvider, sc secretChecker, sr secretRotator, burst int, mux.Handle("/v1/verify", Instrument("/v1/verify", httpRateLimiter.RateLimit(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { content, err := io.ReadAll(r.Body) if err != nil { - slog.Error("Error handling /v1/verify request: %v", err) + slog.Error("Error handling /v1/verify request", "error", err) w.WriteHeader(http.StatusBadRequest) return } valid, err := sc(content) if err != nil { - slog.Error("Error validating secret: %v", err) + slog.Error("Error validating secret", "error", err) w.WriteHeader(http.StatusInternalServerError) return }