use request ID logger where possible #209

Merged
merged 2 commits into from
Oct 22, 2021
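--- a/pkg/api/ca.go
+++ b/pkg/api/ca.go
@@ -37,6 +37,7 @@ import (
 
 func SigningCertHandler(params operations.SigningCertParams, principal *oidc.IDToken) middleware.Responder {
 ctx := params.HTTPRequest.Context()
+logger := log.ContextLogger(ctx)
 
 // none of the following cases should happen if the authentication path is working correctly; checking to be defensive
 if principal == nil {
@@ -61,7 +62,7 @@ func SigningCertHandler(params operations.SigningCertParams, principal *oidc.IDT
 case "googleca":
 PemCertificate, PemCertificateChain, err = GoogleCASigningCertHandler(ctx, subj, publicKeyPEM)
 case "pkcs11ca":
-PemCertificate, PemCertificateChain, err = Pkcs11CASigningCertHandler(subj, publicKey)
+PemCertificate, PemCertificateChain, err = Pkcs11CASigningCertHandler(ctx, subj, publicKey)
 default:
 return handleFulcioAPIError(params, http.StatusInternalServerError, err, genericCAError)
 }
@@ -70,7 +71,7 @@ func SigningCertHandler(params operations.SigningCertParams, principal *oidc.IDT
 }
 
 // Submit to CTL
-log.Logger.Info("Submitting CTL inclusion for OIDC grant: ", subj.Value)
+logger.Info("Submitting CTL inclusion for OIDC grant: ", subj.Value)
 var sctBytes []byte
 ctURL := viper.GetString("ct-log-url")
 if ctURL != "" {
@@ -83,10 +84,10 @@ func SigningCertHandler(params operations.SigningCertParams, principal *oidc.IDT
 if err != nil {
 return handleFulcioAPIError(params, http.StatusInternalServerError, err, failedToMarshalSCT)
 }
-log.Logger.Info("CTL Submission Signature Received: ", sct.Signature)
-log.Logger.Info("CTL Submission ID Received: ", sct.ID)
+logger.Info("CTL Submission Signature Received: ", sct.Signature)
+logger.Info("CTL Submission ID Received: ", sct.ID)
 } else {
-log.Logger.Info("Skipping CT log upload.")
+logger.Info("Skipping CT log upload.")
 }
 
 metricNewEntries.Inc()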
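Review bot: The converted calls around the CT log submission still fold the certificate subject and the SCT identifiers into the message text, so the request ID is the only field an audit query can filter on. These lines are the issuance trail, so I would log the values as key-value pairs, e.g. `logger.Infow("submitting CTL inclusion", "subject", subj.Value)` and `logger.Infow("CTL submission accepted", "sctID", sct.ID)`. That also keeps the subject, which appears to come from the OIDC challenge result, out of the free-text part of the entry. SigningCertHandler starts and ends outside the hunks shown, so any remaining `log.Logger` calls in the hidden parts are not covered by this note.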
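--- a/pkg/api/googleca_signing_cert.go
+++ b/pkg/api/googleca_signing_cert.go
@@ -28,6 +28,7 @@ import (
 )
 
 func GoogleCASigningCertHandler(ctx context.Context, subj *challenges.ChallengeResult, publicKey []byte) (string, []string, error) {
+logger := log.ContextLogger(ctx)
 
 parent := viper.GetString("gcp_private_ca_parent")
 
@@ -42,7 +43,7 @@ func GoogleCASigningCertHandler(ctx context.Context, subj *challenges.ChallengeR
 privca = googleca.GithubWorkflowSubject(subj.Value)
 }
 req := googleca.Req(parent, privca, publicKey)
-log.Logger.Infof("requesting cert from %s for %v", parent, Subject)
+logger.Infof("requesting cert from %s for %v", parent, Subject)
 
 resp, err := googleca.Client().CreateCertificate(ctx, req)
 if err != nil {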
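Review bot: The rewritten `Infof` call still passes `Subject`, an identifier that is not declared in the visible lines, while the function's own parameter is `subj`. If `Subject` is a package-level function or variable, `%v` prints that value rather than the requester, and the entry then does not record who the certificate was requested for. `logger.Infof("requesting cert from %s for %v", parent, subj.Value)` looks like the intended form. The function body continues outside the hunk, so this should be confirmed against the full file.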
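--- a/pkg/api/pkcs11ca_signing_cert.go
+++ b/pkg/api/pkcs11ca_signing_cert.go
@@ -16,6 +16,7 @@
 package api
 
 import (
+"context"
 "crypto/x509"
 "encoding/pem"
 "os"
@@ -28,7 +29,8 @@ import (
 "github.com/spf13/viper"
 )
 
-func Pkcs11CASigningCertHandler(subj *challenges.ChallengeResult, publicKey []byte) (string, []string, error) {
+func Pkcs11CASigningCertHandler(ctx context.Context, subj *challenges.ChallengeResult, publicKey []byte) (string, []string, error) {
+logger := log.ContextLogger(ctx)
 
 p11Ctx, err := pkcs11.InitHSMCtx()
 if err != nil {
@@ -53,7 +55,7 @@ func Pkcs11CASigningCertHandler(subj *challenges.ChallengeResult, publicKey []by
 }
 block, _ := pem.Decode(pubPEMData)
 if block == nil || block.Type != "CERTIFICATE" {
-log.Logger.Fatal("failed to decode PEM block containing certificate")
+logger.Fatal("failed to decode PEM block containing certificate")
 }
 rootCA, err = x509.ParseCertificate(block.Bytes)
 if err != nil {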
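Review bot: `logger.Fatal` in the PEM check still terminates the whole process from inside a request path, because zap's Fatal logs and then calls os.Exit. A root certificate that fails to decode would take the CA server down on the first pkcs11ca request and skip any deferred cleanup. The function already returns an error, so the branch can report the failure to the caller with `return "", nil, errors.New("failed to decode PEM block containing certificate")`. That needs `errors` in the import block, which is only partly visible here, and the function body continues outside the hunk.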
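--- a/pkg/log/log.go
+++ b/pkg/log/log.go
@@ -69,9 +69,13 @@ func WithRequestID(ctx context.Context, id string) context.Context {
 }
 
 func RequestIDLogger(r *http.Request) *zap.SugaredLogger {
+return ContextLogger(r.Context())
+}
+
+func ContextLogger(ctx context.Context) *zap.SugaredLogger {
 proposedLogger := Logger
-if r != nil {
-if ctxRequestID, ok := r.Context().Value(middleware.RequestIDKey).(string); ok {
+if ctx != nil {
+if ctxRequestID, ok := ctx.Value(middleware.RequestIDKey).(string); ok {
 proposedLogger = proposedLogger.With(zap.String("requestID", ctxRequestID))
 }
 }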
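Review bot: `RequestIDLogger` now calls `r.Context()` without the `r != nil` guard the old body had, so a nil request panics with a nil-pointer dereference where it used to fall back to the base `Logger`. The nil check moved into `ContextLogger`, but it tests `ctx` and is only reached after the dereference. Adding `if r == nil { return Logger }` ahead of the `return ContextLogger(r.Context())` line restores the previous behaviour for existing callers. The end of `ContextLogger` lies outside the hunk.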