feat(docker-jans): enable prefix and group for stdout logs (#3481)

* feat(docker-jans): enable prefix and group for stdout logs

* fix: add stdout log prefix

Co-authored-by: moabu <47318409+moabu@users.noreply.github.com>

charts/janssen/charts/config/templates/configmaps.yaml

@@ -73,6 +73,7 @@ data:
   | replace "scriptLogLevel" "script_log_level"
   | replace "auditStatsLogTarget" "audit_log_target"
   | replace "auditStatsLogLevel" "audit_log_level"
+  | replace "enableStdoutLogPrefix" "enable_stdout_log_prefix"
   | squote
   }}
   {{- if index .Values "global" "config-api" "enabled" }}
@@ -88,6 +89,7 @@ data:
   | replace "ldapStatsLogLevel" "ldap_stats_log_level"
   | replace "scriptLogTarget" "script_log_target"
   | replace "scriptLogLevel" "script_log_level"
+  | replace "enableStdoutLogPrefix" "enable_stdout_log_prefix"
   | squote
   }}
   {{- end }}
@@ -152,6 +154,7 @@ data:
   | replace "ldapStatsLogLevel" "ldap_stats_log_level"
   | replace "scriptLogTarget" "script_log_target"
   | replace "scriptLogLevel" "script_log_level"
+  | replace "enableStdoutLogPrefix" "enable_stdout_log_prefix"
   | squote
   }}
   {{- end }}
@@ -162,6 +165,7 @@ data:
   | replace "fido2LogLevel" "fido2_log_level"
   | replace "persistenceLogTarget" "persistence_log_target"
   | replace "persistenceLogLevel" "persistence_log_level"
+  | replace "enableStdoutLogPrefix" "enable_stdout_log_prefix"
   | squote
   }}
   {{- end }}

charts/janssen/values.yaml

@@ -518,6 +518,8 @@ global:
     enabled: true
     # -- App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed.
     appLoggers:
+      # -- Enable log prefixing which enables prepending the STDOUT logs with the file name. i.e auth-server-script ===> 2022-12-20 17:49:55,744 INFO
+      enableStdoutLogPrefix: "true"
       # -- jans-auth.log target
       authLogTarget: "STDOUT"
       # -- jans-auth.log level
@@ -611,13 +613,15 @@ global:
     enabled: true
     # -- App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed.
     appLoggers:
+      # -- Enable log prefixing which enables prepending the STDOUT logs with the file name. i.e config-api_persistence ===> 2022-12-20 17:49:55,744 INFO
+      enableStdoutLogPrefix: "true"
       # -- configapi.log target
       configApiLogTarget: "STDOUT"
       # -- configapi.log level
       configApiLogLevel: "INFO"
       # -- config-api_persistence.log target
       persistenceLogTarget: "FILE"
-      # -- jans-auth_persistence.log level
+      # -- config-api_persistence.log level
       persistenceLogLevel: "INFO"
       # -- config-api_persistence_duration.log target
       persistenceDurationLogTarget: "FILE"
@@ -644,6 +648,8 @@ global:
     enabled: true
     # -- App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed.
     appLoggers:
+      # -- Enable log prefixing which enables prepending the STDOUT logs with the file name. i.e fido2 ===> 2022-12-20 17:49:55,744 INFO
+      enableStdoutLogPrefix: "true"
       # -- fido2.log target
       fido2LogTarget: "STDOUT"
       # -- fido2.log level
@@ -693,6 +699,8 @@ global:
     enabled: true
     # -- App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed.
     appLoggers:
+      # -- Enable log prefixing which enables prepending the STDOUT logs with the file name. i.e jans-scim ===> 2022-12-20 17:49:55,744 INFO
+      enableStdoutLogPrefix: "true"
       # -- jans-scim.log target
       scimLogTarget: "STDOUT"
       # -- jans-scim.log level

docker-jans-auth-server/Dockerfile

@@ -15,7 +15,7 @@ RUN apk update \
 # Jetty
 # =====
 
-ARG JETTY_VERSION=11.0.11
+ARG JETTY_VERSION=11.0.13
 ARG JETTY_HOME=/opt/jetty
 ARG JETTY_BASE=/opt/jans/jetty
 ARG JETTY_USER_HOME_LIB=/home/jetty/lib
@@ -67,7 +67,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-auth/webapps \
     && zip -d jans-auth.war WEB-INF/jetty-web.xml \
     && zip -r jans-auth.war WEB-INF/jetty-env.xml \
     && cp jans-auth.war ${JETTY_BASE}/jans-auth/webapps/jans-auth.war \
-    && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-auth --add-module=server,deploy,annotations,resources,http,http-forwarded,threadpool,jsp,websocket,cdi-decorate,jmx,stats \
+    && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-auth --add-module=server,deploy,annotations,resources,http,http-forwarded,threadpool,jsp,websocket,cdi-decorate,jmx,stats,logging-log4j2 --approve-all-licenses \
     && rm -rf /tmp/jans-auth.war /tmp/WEB-INF
 
 # ===========
@@ -274,7 +274,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-auth/custom/pages \
 COPY certs /etc/certs
 COPY jetty/jans-auth_web_resources.xml ${JETTY_BASE}/jans-auth/webapps/
 COPY jetty/agama_web_resources.xml ${JETTY_BASE}/jans-auth/webapps/
-COPY jetty/log4j2.xml ${JETTY_BASE}/jans-auth/resources/
+COPY jetty/log4j2.xml /app/templates
 COPY conf/*.tmpl /app/templates/
 COPY scripts /app/scripts
 RUN chmod +x /app/scripts/entrypoint.sh
@@ -286,7 +286,7 @@ COPY --chown=1000:0 jetty/jans-auth.xml ${JETTY_BASE}/jans-auth/webapps/
 
 # adjust ownership and permission
 RUN chmod -R g=u ${JETTY_BASE}/jans-auth/custom \
-    && chmod -R g=u ${JETTY_BASE}/jans-auth/resources \
+    && chmod 664 ${JETTY_BASE}/jans-auth/resources/log4j2.xml \
     && chmod -R g=u ${JETTY_BASE}/jans-auth/logs \
     && chmod -R g=u /etc/certs \
     && chmod -R g=u /etc/jans \

docker-jans-auth-server/README.md

@@ -138,6 +138,12 @@ The following key-value pairs are the defaults:
 }
 ```
 
+To enable prefix on `STDOUT` logging, set the `enable_stdout_log_prefix` key. Example:
+
+```
+{"auth_log_target":"STDOUT","script_log_target":"STDOUT","enable_stdout_log_prefix":true}
+```
+
 ### Hybrid mapping
 
 As per v1.0.1, hybrid persistence supports all available persistence types. To configure hybrid persistence and its data mapping, follow steps below:

docker-jans-auth-server/jetty/log4j2.xml

@@ -1,9 +1,12 @@
 <?xml version="1.0" encoding="UTF-8"?>
 
 <Configuration packages="org.gluu.log">
+    <Properties>
+        <Property name="log.console.prefix" value="auth" />
+    </Properties>
 	<Appenders>
 		<Console name="STDOUT" target="SYSTEM_OUT">
-			<PatternLayout pattern="%d %-5p [%t] [%C{6}] (%F:%L) - %m%n" />
+			<PatternLayout pattern="$log_prefix%d %-5p [%t] [%C{6}] (%F:%L) - %m%n" />
 		</Console>
 
 		<RollingFile name="JANS_AUTH_HTTP_REQUEST_RESPONSE_FILE" fileName="${sys:log.base}/logs/http_request_response.log" filePattern="${sys:log.base}/logs/http_request_response-%d{yyyy-MM-dd}-%i.log">
@@ -100,53 +103,66 @@
 		<Logger name="org.hibernate" level="error" />
 
 		<Logger name="io.jans.as.server.audit.debug" level="$http_log_level" additivity="false">
+            <Property name="log.console.group">-http</Property>
 			<AppenderRef ref="$http_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.orm" level="$persistence_log_level" additivity="false">
+            <Property name="log.console.group">-persistence</Property>
 			<AppenderRef ref="$persistence_log_target" />
 		</Logger>
 
 		<Logger name="com.unboundid.ldap.sdk.LDAPConnection" level="$persistence_log_level" additivity="false">
+            <Property name="log.console.group">-persistence</Property>
 			<AppenderRef ref="$persistence_log_target" />
 		</Logger>
 		<logger name="com.couchbase.client" level="$persistence_log_level" additivity="false">
+            <Property name="log.console.group">-persistence</Property>
 			<AppenderRef ref="$persistence_log_target" />
 		</logger>
 
 		<Logger name="io.jans.orm.ldap.operation.watch" level="$persistence_duration_log_level" additivity="false">
+            <Property name="log.console.group">-persistence-duration</Property>
 			<AppenderRef ref="$persistence_duration_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.orm.couchbase.operation.watch" level="$persistence_duration_log_level" additivity="false">
+            <Property name="log.console.group">-persistence-duration</Property>
 			<AppenderRef ref="$persistence_duration_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.orm.watch" level="$persistence_duration_log_level" additivity="false">
+            <Property name="log.console.group">-persistence-duration</Property>
 			<AppenderRef ref="$persistence_duration_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.as.server.service.status.ldap" level="$ldap_stats_log_level" additivity="false">
+            <Property name="log.console.group">-ldap-stats</Property>
 			<AppenderRef ref="$ldap_stats_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.service.PythonService" level="$script_log_level" additivity="false">
+            <Property name="log.console.group">-script</Property>
 			<AppenderRef ref="$script_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.service.custom.script" level="$script_log_level" additivity="false">
+            <Property name="log.console.group">-script</Property>
 			<AppenderRef ref="$script_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.as.server.service.custom" level="$script_log_level" additivity="false">
+            <Property name="log.console.group">-script</Property>
 			<AppenderRef ref="$script_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.agama.engine.script.LogUtils" level="$script_log_level" additivity="false">
+            <Property name="log.console.group">-script</Property>
 			<AppenderRef ref="$script_log_target" />
 		</Logger>
 
 		<Logger name="io.jans.as.server.audit.ApplicationAuditLogger" level="$audit_log_level" additivity="false">
+            <Property name="log.console.group">-audit</Property>
 			<AppenderRef ref="$audit_log_target" />
 		</Logger>
 

docker-jans-auth-server/scripts/bootstrap.py

@@ -20,6 +20,7 @@
 from jans.pycloudlib.utils import cert_to_truststore
 from jans.pycloudlib.utils import get_server_certificate
 from jans.pycloudlib.utils import generate_keystore
+from jans.pycloudlib.utils import as_boolean
 
 from keystore_mod import modify_keystore_path
 
@@ -251,6 +252,7 @@ def configure_logging():
         "script_log_level": "INFO",
         "audit_log_target": "FILE",
         "audit_log_level": "INFO",
+        "log_prefix": "",
     }
 
     # pre-populate custom config; format is JSON string of ``dict``
@@ -300,10 +302,13 @@ def configure_logging():
         if config[key] == "FILE":
             config[key] = value
 
-    logfile = "/opt/jans/jetty/jans-auth/resources/log4j2.xml"
-    with open(logfile) as f:
+    if as_boolean(custom_config.get("enable_stdout_log_prefix")):
+        config["log_prefix"] = "${sys:log.console.prefix}%X{log.console.group} - "
+
+    with open("/app/templates/log4j2.xml") as f:
         txt = f.read()
 
+    logfile = "/opt/jans/jetty/jans-auth/resources/log4j2.xml"
     tmpl = Template(txt)
     with open(logfile, "w") as f:
         f.write(tmpl.safe_substitute(config))

docker-jans-config-api/Dockerfile

@@ -15,7 +15,7 @@ RUN apk update \
 # Jetty
 # =====
 
-ARG JETTY_VERSION=11.0.11
+ARG JETTY_VERSION=11.0.13
 ARG JETTY_HOME=/opt/jetty
 ARG JETTY_BASE=/opt/jans/jetty
 ARG JETTY_USER_HOME_LIB=/home/jetty/lib
@@ -54,7 +54,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-config-api/webapps \
     && zip -d jans-config-api.war WEB-INF/jetty-web.xml \
     && zip -r jans-config-api.war WEB-INF/jetty-env.xml \
     && cp jans-config-api.war ${JETTY_BASE}/jans-config-api/webapps/jans-config-api.war \
-    && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-config-api --add-module=server,deploy,annotations,resources,http,http-forwarded,threadpool,jsp,websocket,cdi-decorate,jmx,stats \
+    && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-config-api --add-module=server,deploy,annotations,resources,http,http-forwarded,threadpool,jsp,websocket,cdi-decorate,jmx,stats,logging-log4j2 --approve-all-licenses \
     && rm -rf /tmp/jans-config-api.war /tmp/WEB-INF
 
 # Ports exposed by config-api
@@ -256,7 +256,7 @@ RUN mkdir -p /etc/certs \
     ${JETTY_BASE}/common/libs/couchbase
 
 RUN touch /etc/hosts.back
-COPY jetty/log4j2.xml ${JETTY_BASE}/jans-config-api/resources/
+COPY jetty/log4j2.xml /app/templates/
 COPY conf/*.tmpl /app/templates/
 COPY plugins /app/plugins
 COPY templates /app/templates
@@ -273,7 +273,7 @@ COPY --chown=1000:0 jetty/jans-config-api.xml ${JETTY_BASE}/jans-config-api/weba
 
 # adjust ownership and permission
 RUN chmod -R g=u ${JETTY_BASE}/jans-config-api/custom \
-    && chmod -R g=u ${JETTY_BASE}/jans-config-api/resources \
+    && chmod 664 ${JETTY_BASE}/jans-config-api/resources/log4j2.xml \
     && chmod -R g=u ${JETTY_BASE}/jans-config-api/logs \
     && chmod -R g=u /etc/certs \
     && chmod -R g=u /etc/jans \
@@ -284,7 +284,8 @@ RUN chmod -R g=u ${JETTY_BASE}/jans-config-api/custom \
     && chmod -R g=u /app/templates/jans-config-api \
     && chown -R 1000:0 ${JETTY_BASE}/common/libs \
     && chown -R 1000:0 /usr/share/java \
-    && chown -R 1000:0 /opt/prometheus
+    && chown -R 1000:0 /opt/prometheus \
+    && chown -R 1000:0 /app/plugins
 
 USER 1000
 

docker-jans-config-api/README.md

@@ -127,10 +127,18 @@ The following key-value pairs are the defaults:
     "ldap_stats_log_target": "FILE",
     "ldap_stats_log_level": "INFO",
     "script_log_target": "FILE",
-    "script_log_level": "INFO"
+    "script_log_level": "INFO",
+    "audit_log_target": "FILE",
+    "audit_log_level": "INFO"
 }
 ```
 
+To enable prefix on `STDOUT` logging, set the `enable_stdout_log_prefix` key. Example:
+
+```
+{"config_api_log_target":"STDOUT","script_log_target":"STDOUT","enable_stdout_log_prefix":true}
+```
+
 ### Configure plugin loggers
 
 Plugin loggers can be configured to define where the logs will be redirected and what is the level the logs should be displayed.
@@ -160,6 +168,12 @@ The following key-value pairs are the defaults:
 }
 ```
 
+To enable prefix on `STDOUT` logging, set the `enable_stdout_log_prefix` key. Example:
+
+```
+{"admin_ui_log_target":"STDOUT","enable_stdout_log_prefix":true}
+```
+
 ### Hybrid mapping
 
 As per v1.0.1, hybrid persistence supports all available persistence types. To configure hybrid persistence and its data mapping, follow steps below: