Switch logging to klog

openshift · Nov 25, 2019 · 05641bf · 05641bf
1 parent 6e59247
commit 05641bf
Show file tree

Hide file tree

Showing 8 changed files with 113 additions and 83 deletions.
diff --git a/cmd/bridge/main.go b/cmd/bridge/main.go
@@ -7,23 +7,20 @@ import (
 	"flag"
 	"fmt"
 	"io/ioutil"
+	"k8s.io/klog"
+	"log"
 	"net/http"
 	"net/url"
 	"os"
 	"strings"
 
-	"github.com/coreos/pkg/capnslog"
 	"github.com/coreos/pkg/flagutil"
-
 	"github.com/openshift/console/pkg/auth"
 	"github.com/openshift/console/pkg/bridge"
 	"github.com/openshift/console/pkg/proxy"
 	"github.com/openshift/console/pkg/server"
 	"github.com/openshift/console/pkg/serverconfig"
-)
 
-var (
-	log = capnslog.NewPackageLogger("github.com/openshift/console", "cmd/main")
 )
 
 const (
@@ -51,8 +48,8 @@ const (
 )
 
 func main() {
-	rl := capnslog.MustRepoLogger("github.com/openshift/console")
-	capnslog.SetFormatter(capnslog.NewStringFormatter(os.Stderr))
+	initLogs()
+	defer klog.Flush()
 
 	fs := flag.NewFlagSet("bridge", flag.ExitOnError)
 	fListen := fs.String("listen", "http://0.0.0.0:9000", "")
@@ -118,7 +115,7 @@ func main() {
 
 	if *fConfig != "" {
 		if err := serverconfig.SetFlagsFromConfig(fs, *fConfig); err != nil {
-			log.Fatalf("Failed to load config: %v", err)
+			klog.Fatalf("Failed to load config: %v", err)
 		}
 	}
 
@@ -171,7 +168,7 @@ func main() {
 
 	if *fCustomLogoFile != "" {
 		if _, err := os.Stat(*fCustomLogoFile); err != nil {
-			log.Fatalf("could not read logo file: %v", err)
+			klog.Fatalf("could not read logo file: %v", err)
 		}
 	}
 
@@ -197,14 +194,12 @@ func main() {
 		os.Exit(1)
 	}
 
-	capnslog.SetGlobalLogLevel(capnslog.INFO)
 	if *fLogLevel != "" {
-		llc, err := rl.ParseLogLevelConfig(*fLogLevel)
+		msg, err := glogSetter(convertLogLevel(*fLogLevel))
 		if err != nil {
-			log.Fatal(err)
+			klog.Fatalf("Could net set the log level: %v", err)
 		}
-		rl.SetLogLevel(llc)
-		log.Infof("Setting log level to %s", *fLogLevel)
+		klog.V(4).Infof(msg)
 	}
 
 	var (
@@ -220,17 +215,17 @@ func main() {
 		var err error
 
 		if srv.DexClient, err = auth.NewDexClient(*fDexAPIHost, *fDexClientCAFile, *fDexClientCertFile, *fDexClientKeyFile); err != nil {
-			log.Fatalf("Failed to create a Dex API client: %v", err)
+			klog.Fatalf("Failed to create a Dex API client: %v", err)
 		}
 	}
 
 	var secureCookies bool
 	if baseURL.Scheme == "https" {
 		secureCookies = true
-		log.Info("cookies are secure!")
+		klog.V(4).Info("cookies are secure!")
 	} else {
 		secureCookies = false
-		log.Warning("cookies are not secure because base-address is not https!")
+		klog.Warning("cookies are not secure because base-address is not https!")
 	}
 
 	var k8sEndpoint *url.URL
@@ -241,17 +236,17 @@ func main() {
 		var err error
 		k8sCertPEM, err = ioutil.ReadFile(k8sInClusterCA)
 		if err != nil {
-			log.Fatalf("Error inferring Kubernetes config from environment: %v", err)
+			klog.Fatalf("Error inferring Kubernetes config from environment: %v", err)
 		}
 		rootCAs := x509.NewCertPool()
 		if !rootCAs.AppendCertsFromPEM(k8sCertPEM) {
-			log.Fatalf("No CA found for the API server")
+			klog.Fatalf("No CA found for the API server")
 		}
 		tlsConfig := &tls.Config{RootCAs: rootCAs}
 
 		bearerToken, err := ioutil.ReadFile(k8sInClusterBearerToken)
 		if err != nil {
-			log.Fatalf("failed to read bearer token: %v", err)
+			klog.Fatalf("failed to read bearer token: %v", err)
 		}
 
 		srv.K8sProxyConfig = &proxy.Config{
@@ -266,11 +261,11 @@ func main() {
 		if *fServiceCAFile != "" {
 			serviceCertPEM, err := ioutil.ReadFile(*fServiceCAFile)
 			if err != nil {
-				log.Fatalf("failed to read service-ca.crt file: %v", err)
+				klog.Fatalf("failed to read service-ca.crt file: %v", err)
 			}
 			serviceProxyRootCAs := x509.NewCertPool()
 			if !serviceProxyRootCAs.AppendCertsFromPEM(serviceCertPEM) {
-				log.Fatalf("no CA found for Kubernetes services")
+				klog.Fatalf("no CA found for Kubernetes services")
 			}
 			serviceProxyTLSConfig := &tls.Config{RootCAs: serviceProxyRootCAs}
 			srv.PrometheusProxyConfig = &proxy.Config{
@@ -416,7 +411,7 @@ func main() {
 		if *fUserAuthOIDCClientSecretFile != "" {
 			buf, err := ioutil.ReadFile(*fUserAuthOIDCClientSecretFile)
 			if err != nil {
-				log.Fatalf("Failed to read client secret file: %v", err)
+				klog.Fatalf("Failed to read client secret file: %v", err)
 			}
 			oidcClientSecret = string(buf)
 		}
@@ -459,10 +454,10 @@ func main() {
 		}
 
 		if srv.Auther, err = auth.NewAuthenticator(context.Background(), oidcClientConfig); err != nil {
-			log.Fatalf("Error initializing authenticator: %v", err)
+			klog.Fatalf("Error initializing authenticator: %v", err)
 		}
 	case "disabled":
-		log.Warningf("running with AUTHENTICATION DISABLED!")
+		klog.Warningf("running with AUTHENTICATION DISABLED!")
 	default:
 		bridge.FlagFatalf("user-auth", "must be one of: oidc, disabled")
 	}
@@ -499,12 +494,58 @@ func main() {
 		Handler: srv.HTTPHandler(),
 	}
 
-	log.Infof("Binding to %s...", httpsrv.Addr)
+	klog.V(4).Infof("Binding to %s...", httpsrv.Addr)
 	if listenURL.Scheme == "https" {
-		log.Info("using TLS")
-		log.Fatal(httpsrv.ListenAndServeTLS(*fTlSCertFile, *fTlSKeyFile))
+		klog.V(4).Info("using TLS")
+		klog.Fatal(httpsrv.ListenAndServeTLS(*fTlSCertFile, *fTlSKeyFile))
 	} else {
-		log.Info("not using TLS")
-		log.Fatal(httpsrv.ListenAndServe())
+		klog.V(4).Info("not using TLS")
+		klog.Fatal(httpsrv.ListenAndServe())
+	}
+}
+
+// helper function converts string values to appropriate string number values
+// Also, this translate the old capnslog values that are currently sent by Console Operator
+func convertLogLevel(val string) string {
+	level := "0"
+	switch val {
+	case "INFO":
+		fallthrough
+	case "*=DEBUG":
+		level = "0"
+	case "WARNING":
+		fallthrough
+	case "*=TRACE":
+		level = "1"
+	case "FATAL":
+		level = "3"
+	case "ERROR":
+		fallthrough
+	case "*=NOTICE":
+		fallthrough
+	default:
+		level = "2"
 	}
+	return level
+}
+// initLogs initializes logs the way we want for kubernetes.
+func initLogs() {
+	klog.InitFlags(nil)
+	log.SetOutput(KlogWriter{})
+	log.SetFlags(0)
+}
+// glogSetter is a setter to set glog level.
+func glogSetter(val string) (string, error) {
+	var level klog.Level
+	if err := level.Set(val); err != nil {
+		return "", fmt.Errorf("failed set klog.logging.verbosity %s: %v", val, err)
+	}
+	return fmt.Sprintf("successfully set klog.logging.verbosity to %s", val), nil
+}
+// KlogWriter serves as a bridge between the standard log package and the glog package.
+type KlogWriter struct{}
+// Write implements the io.Writer interface.
+func (writer KlogWriter) Write(data []byte) (n int, err error) {
+	klog.InfoDepth(1, string(data))
+	return len(data), nil
 }
diff --git a/go.mod b/go.mod
@@ -16,4 +16,5 @@ require (
 	google.golang.org/grpc v1.19.0
 	gopkg.in/square/go-jose.v2 v2.0.1 // indirect
 	gopkg.in/yaml.v2 v2.2.1
+	k8s.io/klog v1.0.0
 )
diff --git a/go.sum b/go.sum
@@ -10,6 +10,7 @@ github.com/coreos/pkg v0.0.0-20150728231633-7373797ee9cd h1:/JKC4AuMAyH0t5Z0O4CL
 github.com/coreos/pkg v0.0.0-20150728231633-7373797ee9cd/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
@@ -65,3 +66,5 @@ gopkg.in/square/go-jose.v2 v2.0.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76
 gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
+k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go
@@ -16,9 +16,10 @@ import (
 	"sync"
 	"time"
 
+	"k8s.io/klog"
+
 	"github.com/coreos/dex/api"
 	oidc "github.com/coreos/go-oidc"
-	"github.com/coreos/pkg/capnslog"
 	"golang.org/x/oauth2"
 
 	"google.golang.org/grpc"
@@ -40,8 +41,6 @@ const (
 )
 
 var (
-	log = capnslog.NewPackageLogger("github.com/openshift/console", "auth")
-
 	// Cache HTTP clients to avoid recreating them for each request to the
 	// OAuth server. The key is the ca.crt bytes cast to a string and the
 	// value is a pointer to the http.Client. Keep two maps: one that
@@ -135,7 +134,7 @@ func newHTTPClient(issuerCA string, includeSystemRoots bool) (*http.Client, erro
 		}
 		certPool, err = x509.SystemCertPool()
 		if err != nil {
-			log.Errorf("error copying system cert pool: %v", err)
+			klog.Errorf("error copying system cert pool: %v", err)
 			certPool = x509.NewCertPool()
 		}
 	} else {
@@ -227,11 +226,11 @@ func NewAuthenticator(ctx context.Context, c *Config) (*Authenticator, error) {
 		if err != nil {
 			steps++
 			if steps > maxSteps {
-				log.Errorf("error contacting auth provider: %v", err)
+				klog.Errorf("error contacting auth provider: %v", err)
 				return nil, err
 			}
 
-			log.Errorf("error contacting auth provider (retrying in %s): %v", backoff, err)
+			klog.Errorf("error contacting auth provider (retrying in %s): %v", backoff, err)
 
 			time.Sleep(backoff)
 			continue
@@ -249,7 +248,7 @@ func NewAuthenticator(ctx context.Context, c *Config) (*Authenticator, error) {
 
 			currentEndpoint, currentLoginMethod, errAuthSource := authSourceFunc()
 			if errAuthSource != nil {
-				log.Errorf("failed to get latest auth source data: %v", errAuthSource)
+				klog.Errorf("failed to get latest auth source data: %v", errAuthSource)
 				return &baseOAuth2Config, fallbackLoginMethod
 			}
 
@@ -271,7 +270,7 @@ func newUnstartedAuthenticator(c *Config) (*Authenticator, error) {
 	clientFunc := func() *http.Client {
 		currentClient, err := newHTTPClient(c.IssuerCA, true)
 		if err != nil {
-			log.Errorf("failed to get latest http client: %v", err)
+			klog.Errorf("failed to get latest http client: %v", err)
 			return fallbackClient
 		}
 		return currentClient
@@ -356,7 +355,7 @@ func (a *Authenticator) CallbackFunc(fn func(loginInfo LoginJSON, successURL str
 
 		cookieState, err := r.Cookie(stateCookieName)
 		if err != nil {
-			log.Errorf("failed to parse state cookie: %v", err)
+			klog.Errorf("failed to parse state cookie: %v", err)
 			a.redirectAuthError(w, errorMissingState, err)
 			return
 		}
@@ -368,33 +367,33 @@ func (a *Authenticator) CallbackFunc(fn func(loginInfo LoginJSON, successURL str
 		}
 
 		if code == "" {
-			log.Infof("missing auth code in query param")
+			klog.V(4).Infof("missing auth code in query param")
 			a.redirectAuthError(w, errorMissingCode, nil)
 			return
 		}
 
 		if urlState != cookieState.Value {
-			log.Errorf("State in url does not match State cookie")
+			klog.Errorf("State in url does not match State cookie")
 			a.redirectAuthError(w, errorInvalidState, nil)
 			return
 		}
 		ctx := oidc.ClientContext(context.TODO(), a.clientFunc())
 		oauthConfig, lm := a.authFunc()
 		token, err := oauthConfig.Exchange(ctx, code)
 		if err != nil {
-			log.Infof("unable to verify auth code with issuer: %v", err)
+			klog.V(4).Infof("unable to verify auth code with issuer: %v", err)
 			a.redirectAuthError(w, errorInvalidCode, err)
 			return
 		}
 
 		ls, err := lm.login(w, token)
 		if err != nil {
-			log.Errorf("error constructing login state: %v", err)
+			klog.Errorf("error constructing login state: %v", err)
 			a.redirectAuthError(w, errorInternal, nil)
 			return
 		}
 
-		log.Infof("oauth success, redirecting to: %q", a.successURL)
+		klog.V(4).Infof("oauth success, redirecting to: %q", a.successURL)
 		fn(ls.toLoginJSON(), a.successURL, w)
 	}
 }
@@ -503,12 +502,12 @@ func NewDexClient(hostAndPort string, caCrt, clientCrt, clientKey string) (api.D
 		var err error
 
 		if caPEM, err = ioutil.ReadFile(caCrt); err != nil {
-			log.Fatalf("Failed to read cert file: %v", err)
+			klog.Fatalf("Failed to read cert file: %v", err)
 		}
 
 		certPool = x509.NewCertPool()
 		if !certPool.AppendCertsFromPEM(caPEM) {
-			log.Fatalf("No certs found in %q", caCrt)
+			klog.Fatalf("No certs found in %q", caCrt)
 		}
 	}
 

diff --git a/pkg/auth/session.go b/pkg/auth/session.go
@@ -4,6 +4,8 @@ import (
 	"fmt"
 	"sync"
 	"time"
+
+	"k8s.io/klog"
 )
 
 const openshiftSessionCookieName = "openshift-session-token"
@@ -62,7 +64,7 @@ func (ss *SessionStore) deleteSession(token string) error {
 			return nil
 		}
 	}
-	log.Errorf("ss.byAge did not contain session %v", token)
+	klog.Errorf("ss.byAge did not contain session %v", token)
 	return fmt.Errorf("ss.byAge did not contain session %v", token)
 }
 
@@ -78,17 +80,17 @@ func (ss *SessionStore) pruneSessions() {
 			expired++
 		}
 	}
-	log.Debugf("Pruned %v expired sessions.", expired)
+	klog.V(4).Infof("Pruned %v expired sessions.", expired)
 	toRemove := len(ss.byAge) - ss.maxSessions
 	if toRemove > 0 {
-		log.Debugf("Still too many sessions. Pruning oldest %v sessions...", toRemove)
+		klog.V(4).Infof("Still too many sessions. Pruning oldest %v sessions...", toRemove)
 		// TODO: account for user ids when pruning old sessions. Otherwise one user could log in 16k times and boot out everyone else.
 		for _, s := range ss.byAge[:toRemove] {
 			delete(ss.byToken, s.token)
 		}
 		ss.byAge = ss.byAge[toRemove:]
 	}
 	if expired+toRemove > 0 {
-		log.Debugf("Pruned %v old sessions.", expired+toRemove)
+		klog.V(4).Infof("Pruned %v old sessions.", expired+toRemove)
 	}
 }