refactor: improve logging for hostRules (#25967)

renovatebot · Nov 27, 2023 · f08bad2 · f08bad2
1 parent c4bb98a
commit f08bad2
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/lib/modules/datasource/docker/common.ts b/lib/modules/datasource/docker/common.ts
@@ -94,6 +94,7 @@ export async function getAuthHeaders(
       url: apiCheckUrl,
     });
     if (ecrRegex.test(registryHost)) {
+      logger.once.debug(`hostRules: ecr auth for ${registryHost}`);
       logger.trace(
         { registryHost, dockerRepository },
         `Using ecr auth for Docker registry`,
@@ -109,6 +110,7 @@ export async function getAuthHeaders(
       typeof opts.password === 'undefined' &&
       typeof opts.token === 'undefined'
     ) {
+      logger.once.debug(`hostRules: google auth for ${registryHost}`);
       logger.trace(
         { registryHost, dockerRepository },
         `Using google auth for Docker registry`,
@@ -123,6 +125,7 @@ export async function getAuthHeaders(
         );
       }
     } else if (opts.username && opts.password) {
+      logger.once.debug(`hostRules: basic auth for ${registryHost}`);
       logger.trace(
         { registryHost, dockerRepository },
         `Using basic auth for Docker registry`,
@@ -133,6 +136,9 @@ export async function getAuthHeaders(
       opts.headers = { authorization: `Basic ${auth}` };
     } else if (opts.token) {
       const authType = opts.authType ?? 'Bearer';
+      logger.once.debug(
+        `hostRules: ${authType} token auth for ${registryHost}`,
+      );
       logger.trace(
         { registryHost, dockerRepository },
         `Using ${authType} token for Docker registry`,
@@ -154,6 +160,7 @@ export async function getAuthHeaders(
       !is.string(authenticateHeader.params.realm) ||
       parseUrl(authenticateHeader.params.realm) === null
     ) {
+      logger.once.debug(`hostRules: testing direct auth for ${registryHost}`);
       logger.trace(
         { registryHost, dockerRepository, authenticateHeader },
         `Invalid realm, testing direct auth`,

diff --git a/lib/util/http/host-rules.ts b/lib/util/http/host-rules.ts
@@ -9,6 +9,7 @@ import { logger } from '../../logger';
 import { hasProxy } from '../../proxy';
 import type { HostRule } from '../../types';
 import * as hostRules from '../host-rules';
+import { parseUrl } from '../url';
 import { dnsLookup } from './dns';
 import { keepaliveAgents } from './keepalive';
 import type { GotOptions } from './types';
@@ -120,24 +121,30 @@ export function applyHostRules<GotOptions extends HostRulesGotOptions>(
   const options: GotOptions = { ...inOptions };
   const foundRules = findMatchingRules(options, url);
   const { username, password, token, enabled, authType } = foundRules;
+  const host = parseUrl(url)?.host;
   if (options.noAuth) {
     logger.trace({ url }, `Authorization disabled`);
   } else if (
     is.nonEmptyString(options.headers?.authorization) ||
     is.nonEmptyString(options.password) ||
     is.nonEmptyString(options.token)
   ) {
+    logger.once.debug(`hostRules: authentication already set for ${host}`);
     logger.trace({ url }, `Authorization already set`);
   } else if (password !== undefined) {
+    logger.once.debug(`hostRules: applying Basic authentication for ${host}`);
     logger.trace({ url }, `Applying Basic authentication`);
     options.username = username;
     options.password = password;
   } else if (token) {
+    logger.once.debug(`hostRules: applying Bearer authentication for ${host}`);
     logger.trace({ url }, `Applying Bearer authentication`);
     options.token = token;
     options.context = { ...options.context, authType };
   } else if (enabled === false) {
     options.enabled = false;
+  } else {
+    logger.once.debug(`hostRules: no authentication for ${host}`);
   }
   // Apply optional params
   if (foundRules.abortOnError) {