Use controller-runtime structured logging
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
This commit is contained in:
Stefan Prodan
parent
099193c708
commit
78fa2d103a
|
|
@ -106,16 +106,17 @@ func (s *EventServer) handleEvent() func(w http.ResponseWriter, r *http.Request)
|
||||||
|
|
||||||
if len(alerts) == 0 {
|
if len(alerts) == 0 {
|
||||||
s.logger.Info("Discarding event, no alerts found for the involved object",
|
s.logger.Info("Discarding event, no alerts found for the involved object",
|
||||||
"object", event.InvolvedObject.Namespace+"/"+event.InvolvedObject.Name,
|
"reconciler kind", event.InvolvedObject.Kind,
|
||||||
"kind", event.InvolvedObject.Kind)
|
"name", event.InvolvedObject.Name,
|
||||||
|
"namespace", event.InvolvedObject.Namespace)
|
||||||
w.WriteHeader(http.StatusAccepted)
|
w.WriteHeader(http.StatusAccepted)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info("Dispatching event",
|
s.logger.Info(fmt.Sprintf("Dispatching event: %s", event.Message),
|
||||||
"object", event.InvolvedObject.Namespace+"/"+event.InvolvedObject.Name,
|
"reconciler kind", event.InvolvedObject.Kind,
|
||||||
"kind", event.InvolvedObject.Kind,
|
"name", event.InvolvedObject.Name,
|
||||||
"message", event.Message)
|
"namespace", event.InvolvedObject.Namespace)
|
||||||
|
|
||||||
// dispatch notifications
|
// dispatch notifications
|
||||||
for _, alert := range alerts {
|
for _, alert := range alerts {
|
||||||
|
|
@ -125,7 +126,9 @@ func (s *EventServer) handleEvent() func(w http.ResponseWriter, r *http.Request)
|
||||||
err = s.kubeClient.Get(ctx, providerName, &provider)
|
err = s.kubeClient.Get(ctx, providerName, &provider)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.logger.Error(err, "failed to read provider",
|
s.logger.Error(err, "failed to read provider",
|
||||||
"provider", providerName)
|
"reconciler kind", v1beta1.ProviderKind,
|
||||||
|
"name", providerName.Name,
|
||||||
|
"namespace", providerName.Namespace)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -138,8 +141,9 @@ func (s *EventServer) handleEvent() func(w http.ResponseWriter, r *http.Request)
|
||||||
err = s.kubeClient.Get(ctx, secretName, &secret)
|
err = s.kubeClient.Get(ctx, secretName, &secret)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.logger.Error(err, "failed to read secret",
|
s.logger.Error(err, "failed to read secret",
|
||||||
"provider", providerName,
|
"reconciler kind", v1beta1.ProviderKind,
|
||||||
"secret", secretName.Name)
|
"name", providerName.Name,
|
||||||
|
"namespace", providerName.Namespace)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -154,7 +158,9 @@ func (s *EventServer) handleEvent() func(w http.ResponseWriter, r *http.Request)
|
||||||
|
|
||||||
if webhook == "" {
|
if webhook == "" {
|
||||||
s.logger.Error(nil, "provider has no address",
|
s.logger.Error(nil, "provider has no address",
|
||||||
"provider", providerName)
|
"reconciler kind", v1beta1.ProviderKind,
|
||||||
|
"name", providerName.Name,
|
||||||
|
"namespace", providerName.Namespace)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -162,8 +168,9 @@ func (s *EventServer) handleEvent() func(w http.ResponseWriter, r *http.Request)
|
||||||
sender, err := factory.Notifier(provider.Spec.Type)
|
sender, err := factory.Notifier(provider.Spec.Type)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.logger.Error(err, "failed to initialise provider",
|
s.logger.Error(err, "failed to initialise provider",
|
||||||
"provider", providerName,
|
"reconciler kind", v1beta1.ProviderKind,
|
||||||
"type", provider.Spec.Type)
|
"name", providerName.Name,
|
||||||
|
"namespace", providerName.Namespace)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -181,8 +188,9 @@ func (s *EventServer) handleEvent() func(w http.ResponseWriter, r *http.Request)
|
||||||
go func(n notifier.Interface, e recorder.Event) {
|
go func(n notifier.Interface, e recorder.Event) {
|
||||||
if err := n.Post(e); err != nil {
|
if err := n.Post(e); err != nil {
|
||||||
s.logger.Error(err, "failed to send notification",
|
s.logger.Error(err, "failed to send notification",
|
||||||
"object", e.InvolvedObject.Namespace+"/"+e.InvolvedObject.Name,
|
"reconciler kind", event.InvolvedObject.Kind,
|
||||||
"kind", e.InvolvedObject.Kind)
|
"name", event.InvolvedObject.Name,
|
||||||
|
"namespace", event.InvolvedObject.Namespace)
|
||||||
}
|
}
|
||||||
}(sender, notification)
|
}(sender, notification)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -48,7 +48,7 @@ func (s *ReceiverServer) handlePayload() func(w http.ResponseWriter, r *http.Req
|
||||||
ctx := context.Background()
|
ctx := context.Background()
|
||||||
digest := url.PathEscape(strings.TrimLeft(r.RequestURI, "/hook/"))
|
digest := url.PathEscape(strings.TrimLeft(r.RequestURI, "/hook/"))
|
||||||
|
|
||||||
s.logger.Info("handling request", "digest", digest)
|
s.logger.Info(fmt.Sprintf("handling request: %s", digest))
|
||||||
|
|
||||||
var allReceivers v1beta1.ReceiverList
|
var allReceivers v1beta1.ReceiverList
|
||||||
err := s.kubeClient.List(ctx, &allReceivers)
|
err := s.kubeClient.List(ctx, &allReceivers)
|
||||||
|
|
@ -74,22 +74,25 @@ func (s *ReceiverServer) handlePayload() func(w http.ResponseWriter, r *http.Req
|
||||||
|
|
||||||
withErrors := false
|
withErrors := false
|
||||||
for _, receiver := range receivers {
|
for _, receiver := range receivers {
|
||||||
|
logger := s.logger.WithValues(
|
||||||
|
"reconciler kind", v1beta1.ReceiverKind,
|
||||||
|
"name", receiver.Name,
|
||||||
|
"namespace", receiver.Namespace)
|
||||||
|
|
||||||
if err := s.validate(ctx, receiver, r); err != nil {
|
if err := s.validate(ctx, receiver, r); err != nil {
|
||||||
s.logger.Error(err, "unable to validate payload",
|
logger.Error(err, "unable to validate payload")
|
||||||
"receiver", receiver.Name)
|
|
||||||
withErrors = true
|
withErrors = true
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info("found matching receiver", "receiver", receiver.Name)
|
|
||||||
for _, resource := range receiver.Spec.Resources {
|
for _, resource := range receiver.Spec.Resources {
|
||||||
if err := s.annotate(ctx, resource, receiver.Namespace); err != nil {
|
if err := s.annotate(ctx, resource, receiver.Namespace); err != nil {
|
||||||
s.logger.Error(err, "unable to annotate resource",
|
logger.Error(err, fmt.Sprintf("unable to annotate resource '%s/%s.%s'",
|
||||||
"receiver", receiver.Name)
|
resource.Kind, resource.Name, resource.Namespace))
|
||||||
withErrors = true
|
withErrors = true
|
||||||
} else {
|
} else {
|
||||||
s.logger.Info("resource annotated", "receiver", receiver.Name,
|
logger.Info(fmt.Sprintf("resource '%s/%s.%s' annotated",
|
||||||
"resource", resource.Name)
|
resource.Kind, resource.Name, resource.Namespace))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -108,6 +111,11 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
return fmt.Errorf("unable to read token, error: %w", err)
|
return fmt.Errorf("unable to read token, error: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
logger := s.logger.WithValues(
|
||||||
|
"reconciler kind", v1beta1.ReceiverKind,
|
||||||
|
"name", receiver.Name,
|
||||||
|
"namespace", receiver.Namespace)
|
||||||
|
|
||||||
switch receiver.Spec.Type {
|
switch receiver.Spec.Type {
|
||||||
case v1beta1.GenericReceiver:
|
case v1beta1.GenericReceiver:
|
||||||
return nil
|
return nil
|
||||||
|
|
@ -119,12 +127,8 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
|
|
||||||
err = github.ValidateSignature(r.Header.Get("X-Signature"), b, []byte(token))
|
err = github.ValidateSignature(r.Header.Get("X-Signature"), b, []byte(token))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("unable to validate signature: %s", err)
|
return fmt.Errorf("unable to validate HMAC signature: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info(
|
|
||||||
"handling event from generic-hmac wehbook",
|
|
||||||
"receiver", receiver.Name)
|
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.GitHubReceiver:
|
case v1beta1.GitHubReceiver:
|
||||||
payload, err := github.ValidatePayload(r, []byte(token))
|
payload, err := github.ValidatePayload(r, []byte(token))
|
||||||
|
|
@ -137,7 +141,6 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
}
|
}
|
||||||
|
|
||||||
event := github.WebHookType(r)
|
event := github.WebHookType(r)
|
||||||
|
|
||||||
if len(receiver.Spec.Events) > 0 {
|
if len(receiver.Spec.Events) > 0 {
|
||||||
allowed := false
|
allowed := false
|
||||||
for _, e := range receiver.Spec.Events {
|
for _, e := range receiver.Spec.Events {
|
||||||
|
|
@ -151,7 +154,7 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info("handling GitHub event: "+event, "receiver", receiver.Name)
|
logger.Info(fmt.Sprintf("handling GitHub event: %s", event))
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.GitLabReceiver:
|
case v1beta1.GitLabReceiver:
|
||||||
if r.Header.Get("X-Gitlab-Token") != token {
|
if r.Header.Get("X-Gitlab-Token") != token {
|
||||||
|
|
@ -172,7 +175,7 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info("handling GitLab event: "+event, "receiver", receiver.Name)
|
logger.Info(fmt.Sprintf("handling GitLab event: %s", event))
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.BitbucketReceiver:
|
case v1beta1.BitbucketReceiver:
|
||||||
_, err := github.ValidatePayload(r, []byte(token))
|
_, err := github.ValidatePayload(r, []byte(token))
|
||||||
|
|
@ -181,7 +184,6 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
}
|
}
|
||||||
|
|
||||||
event := r.Header.Get("X-Event-Key")
|
event := r.Header.Get("X-Event-Key")
|
||||||
|
|
||||||
if len(receiver.Spec.Events) > 0 {
|
if len(receiver.Spec.Events) > 0 {
|
||||||
allowed := false
|
allowed := false
|
||||||
for _, e := range receiver.Spec.Events {
|
for _, e := range receiver.Spec.Events {
|
||||||
|
|
@ -195,7 +197,7 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info("handling Bitbucket server event: "+event, "receiver", receiver.Name)
|
logger.Info(fmt.Sprintf("handling Bitbucket server event: %s", event))
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.QuayReceiver:
|
case v1beta1.QuayReceiver:
|
||||||
type payload struct {
|
type payload struct {
|
||||||
|
|
@ -208,16 +210,14 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
return fmt.Errorf("cannot decode Quay webhook payload")
|
return fmt.Errorf("cannot decode Quay webhook payload")
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info(
|
logger.Info(fmt.Sprintf("handling Quay event from %s", p.DockerUrl))
|
||||||
fmt.Sprintf("handling event from %s", p.DockerUrl),
|
|
||||||
"receiver", receiver.Name)
|
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.HarborReceiver:
|
case v1beta1.HarborReceiver:
|
||||||
if r.Header.Get("Authorization") != token {
|
if r.Header.Get("Authorization") != token {
|
||||||
return fmt.Errorf("the Harbor Authorization header value does not match the receiver token")
|
return fmt.Errorf("the Harbor Authorization header value does not match the receiver token")
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info("handling Harbor event", "receiver", receiver.Name)
|
logger.Info("handling Harbor event")
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.DockerHubReceiver:
|
case v1beta1.DockerHubReceiver:
|
||||||
type payload struct {
|
type payload struct {
|
||||||
|
|
@ -233,9 +233,7 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
return fmt.Errorf("cannot decode DockerHub webhook payload")
|
return fmt.Errorf("cannot decode DockerHub webhook payload")
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info(
|
logger.Info(fmt.Sprintf("handling DockerHub event from %s for tag %s", p.Repository.URL, p.PushData.Tag))
|
||||||
fmt.Sprintf("handling event from %s for tag %s", p.Repository.URL, p.PushData.Tag),
|
|
||||||
"receiver", receiver.Name)
|
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.GCRReceiver:
|
case v1beta1.GCRReceiver:
|
||||||
const (
|
const (
|
||||||
|
|
@ -276,42 +274,32 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
return fmt.Errorf("cannot decode GCR webhook body")
|
return fmt.Errorf("cannot decode GCR webhook body")
|
||||||
}
|
}
|
||||||
|
|
||||||
if strings.ToLower(d.Action) != insert {
|
logger.Info(fmt.Sprintf("handling GCR event from %s for tag %s", d.Digest, d.Tag))
|
||||||
s.logger.Info("action is not an insert, moving on")
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
s.logger.Info(
|
|
||||||
fmt.Sprintf("handling event from %s for tag %s", d.Digest, d.Tag),
|
|
||||||
"receiver", receiver.Name)
|
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.NexusReceiver:
|
case v1beta1.NexusReceiver:
|
||||||
signature := r.Header.Get("X-Nexus-Webhook-Signature")
|
signature := r.Header.Get("X-Nexus-Webhook-Signature")
|
||||||
if len(signature) == 0 {
|
if len(signature) == 0 {
|
||||||
return fmt.Errorf("Signature is missing from header")
|
return fmt.Errorf("Nexus signature is missing from header")
|
||||||
}
|
}
|
||||||
|
|
||||||
b, err := ioutil.ReadAll(r.Body)
|
b, err := ioutil.ReadAll(r.Body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("cannot read payload. error: %s", err)
|
return fmt.Errorf("cannot read Nexus payload. error: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !verifyHmacSignature([]byte(token), signature, b) {
|
if !verifyHmacSignature([]byte(token), signature, b) {
|
||||||
return fmt.Errorf("invalid nexus signature")
|
return fmt.Errorf("invalid Nexus signature")
|
||||||
}
|
}
|
||||||
type payload struct {
|
type payload struct {
|
||||||
Action string `json:"action"`
|
Action string `json:"action"`
|
||||||
RepositoryName string `json:"repositoryName"`
|
RepositoryName string `json:"repositoryName"`
|
||||||
}
|
}
|
||||||
var p payload
|
var p payload
|
||||||
|
|
||||||
if err := json.Unmarshal(b, &p); err != nil {
|
if err := json.Unmarshal(b, &p); err != nil {
|
||||||
return fmt.Errorf("cannot decode Nexus webhook payload: %s", err)
|
return fmt.Errorf("cannot decode Nexus webhook payload: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info(
|
logger.Info(fmt.Sprintf("handling Nexus event from %s", p.RepositoryName))
|
||||||
fmt.Sprintf("handling event from %s", p.RepositoryName),
|
|
||||||
"receiver", receiver.Name)
|
|
||||||
return nil
|
return nil
|
||||||
case v1beta1.ACRReceiver:
|
case v1beta1.ACRReceiver:
|
||||||
type target struct {
|
type target struct {
|
||||||
|
|
@ -329,9 +317,7 @@ func (s *ReceiverServer) validate(ctx context.Context, receiver v1beta1.Receiver
|
||||||
return fmt.Errorf("cannot decode ACR webhook payload: %s", err)
|
return fmt.Errorf("cannot decode ACR webhook payload: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
s.logger.Info(
|
logger.Info(fmt.Sprintf("handling ACR event from %s for tag %s", p.Target.Repository, p.Target.Tag))
|
||||||
fmt.Sprintf("handling event from %s for tag %s", p.Target.Repository, p.Target.Tag),
|
|
||||||
"receiver", receiver.Name)
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue