-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: implementing klog structured logging #79
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,6 +17,7 @@ limitations under the License. | |
package main | ||
|
||
import ( | ||
"context" | ||
"flag" | ||
"os" | ||
"strings" | ||
|
@@ -28,12 +29,12 @@ import ( | |
"k8s.io/client-go/kubernetes" | ||
clientgoscheme "k8s.io/client-go/kubernetes/scheme" | ||
"k8s.io/client-go/tools/record" | ||
"k8s.io/klog/v2" | ||
"monis.app/mlog" | ||
ctrl "sigs.k8s.io/controller-runtime" | ||
"sigs.k8s.io/controller-runtime/pkg/healthz" | ||
"sigs.k8s.io/controller-runtime/pkg/log/zap" | ||
"sigs.k8s.io/controller-runtime/pkg/metrics/server" | ||
secretsstorecsiv1 "sigs.k8s.io/secrets-store-csi-driver/apis/v1" | ||
|
||
secretsyncv1alpha1 "sigs.k8s.io/secrets-store-sync-controller/api/v1alpha1" | ||
"sigs.k8s.io/secrets-store-sync-controller/internal/controller" | ||
"sigs.k8s.io/secrets-store-sync-controller/pkg/k8s" | ||
|
@@ -44,7 +45,6 @@ import ( | |
|
||
var ( | ||
scheme = runtime.NewScheme() | ||
setupLog = ctrl.Log.WithName("setup") | ||
metricsAddr = flag.String("metrics-bind-address", ":8085", "The address the metric endpoint binds to.") | ||
enableLeaderElection = flag.Bool("leader-elect", false, "Enable leader election for controller manager. "+"Enabling this will ensure there is only one active controller manager.") | ||
probeAddr = flag.String("health-probe-bind-address", ":8081", "The address the probe endpoint binds to.") | ||
|
@@ -64,18 +64,24 @@ func init() { | |
} | ||
|
||
func runMain() error { | ||
opts := zap.Options{ | ||
Development: true, | ||
} | ||
opts.BindFlags(flag.CommandLine) | ||
klog.InitFlags(nil) | ||
flag.Parse() | ||
|
||
ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts))) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. all |
||
defer mlog.Setup()() | ||
mlogLevel := convertKlogLevelToMlogLevel(getKlogLevel()) | ||
ctx := withShutdownSignal(context.Background()) | ||
err := mlog.ValidateAndSetLogLevelAndFormatGlobally(ctx, mlog.LogSpec{ | ||
Format: mlog.FormatJSON, | ||
Level: mlogLevel, | ||
}) | ||
if err != nil { | ||
klog.ErrorS(err, "failed to validate log level") | ||
return err | ||
} | ||
|
||
if *versionInfo { | ||
versionErr := version.PrintVersion() | ||
if versionErr != nil { | ||
setupLog.Error(versionErr, "failed to print version") | ||
klog.ErrorS(versionErr, "Failed to print version") | ||
return versionErr | ||
} | ||
return nil | ||
|
@@ -93,7 +99,7 @@ func runMain() error { | |
LeaderElectionID: "29f1d54e.secret-sync.x-k8s.io", | ||
}) | ||
if err != nil { | ||
setupLog.Error(err, "unable to start manager") | ||
klog.ErrorS(err, "Unable to start manager") | ||
return err | ||
} | ||
|
||
|
@@ -123,23 +129,23 @@ func runMain() error { | |
Audiences: audiences, | ||
EventRecorder: record.NewBroadcaster().NewRecorder(scheme, corev1.EventSource{Component: "secret-sync-controller"}), | ||
}).SetupWithManager(mgr); err != nil { | ||
setupLog.Error(err, "unable to create controller", "controller", "SecretSync") | ||
klog.ErrorS(err, "Unable to create controller", "controller", "SecretSync") | ||
return err | ||
} | ||
//+kubebuilder:scaffold:builder | ||
|
||
if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil { | ||
setupLog.Error(err, "unable to set up health check") | ||
klog.ErrorS(err, "Unable to set up health check") | ||
return err | ||
} | ||
if err := mgr.AddReadyzCheck("readyz", healthz.Ping); err != nil { | ||
setupLog.Error(err, "unable to set up ready check") | ||
klog.ErrorS(err, "Unable to set up ready check") | ||
return err | ||
} | ||
|
||
setupLog.Info("starting manager") | ||
klog.InfoS("Starting manager") | ||
if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { | ||
setupLog.Error(err, "problem running manager") | ||
klog.ErrorS(err, "Problem running manager") | ||
return err | ||
} | ||
|
||
|
@@ -153,3 +159,36 @@ func main() { | |
|
||
os.Exit(0) | ||
} | ||
|
||
// hack around klog not exposing a Get method | ||
func getKlogLevel() klog.Level { | ||
// hack around klog not exposing a Get method | ||
for i := klog.Level(0); i < 1_000_000; i++ { | ||
if klog.V(i).Enabled() { | ||
continue | ||
} | ||
return i - 1 | ||
} | ||
return -1 | ||
} | ||
|
||
func convertKlogLevelToMlogLevel(klogLevel klog.Level) mlog.LogLevel { | ||
switch { | ||
case klogLevel >= 0 && klogLevel < 2: | ||
return mlog.LevelWarning | ||
case klogLevel >= 2 && klogLevel < 4: | ||
return mlog.LevelInfo | ||
case klogLevel >= 4 && klogLevel < 6: | ||
return mlog.LevelDebug | ||
default: | ||
return mlog.LevelAll | ||
} | ||
} | ||
|
||
// withShutdownSignal returns a copy of the parent context that will close if | ||
// the process receives termination signals. | ||
func withShutdownSignal(ctx context.Context) context.Context { | ||
nctx, cancel := context.WithCancel(ctx) | ||
defer cancel() | ||
return nctx | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -28,6 +28,8 @@ import ( | |
"strings" | ||
"time" | ||
|
||
"k8s.io/klog/v2" | ||
|
||
"golang.org/x/crypto/pbkdf2" | ||
corev1 "k8s.io/api/core/v1" | ||
"k8s.io/apimachinery/pkg/api/meta" | ||
|
@@ -39,7 +41,6 @@ import ( | |
ctrl "sigs.k8s.io/controller-runtime" | ||
"sigs.k8s.io/controller-runtime/pkg/client" | ||
"sigs.k8s.io/controller-runtime/pkg/event" | ||
"sigs.k8s.io/controller-runtime/pkg/log" | ||
"sigs.k8s.io/controller-runtime/pkg/predicate" | ||
|
||
secretsstorecsiv1 "sigs.k8s.io/secrets-store-csi-driver/apis/v1" | ||
|
@@ -107,13 +108,12 @@ type SecretSyncReconciler struct { | |
//+kubebuilder:rbac:groups=secrets-store.csi.x-k8s.io,resources=secretproviderclasses,verbs=get;list;watch | ||
|
||
func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { | ||
logger := log.FromContext(ctx) | ||
logger.Info("Reconciling SecretSync", "namespace=", req.NamespacedName.String()) | ||
klog.V(4).InfoS("Reconciling SecretSync", "namespace", req.Namespace, "name", req.Name) | ||
|
||
// get the secret sync object | ||
ss := &secretsyncv1alpha1.SecretSync{} | ||
if err := r.Get(ctx, req.NamespacedName, ss); err != nil { | ||
logger.Error(err, "unable to fetch SecretSync") | ||
klog.ErrorS(err, "Unable to fetch SecretSync") | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. keep all log strings to start with lower case There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Are you sure? according to this: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md#message-style-guidelines we should start with a capital letter |
||
return ctrl.Result{}, err | ||
} | ||
|
||
|
@@ -130,7 +130,7 @@ func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |
secretName := strings.TrimSpace(ss.Name) | ||
secretObj := ss.Spec.SecretObject | ||
if err := secretutil.ValidateSecretObject(secretName, secretObj); err != nil { | ||
logger.Error(err, "failed to validate secret object", "secretName", secretName) | ||
klog.ErrorS(err, "Failed to validate secret object", "secretName", secretName) | ||
r.updateStatusConditions(ctx, ss, ConditionTypeUnknown, conditionType, ConditionReasonUserInputValidationFailed, true) | ||
return ctrl.Result{}, err | ||
} | ||
|
@@ -143,7 +143,7 @@ func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |
// get the service account token | ||
serviceAccountTokenAttrs, err := r.TokenClient.SecretProviderServiceAccountTokenAttrs(ss.Namespace, ss.Spec.ServiceAccountName, r.Audiences) | ||
if err != nil { | ||
logger.Error(err, "failed to get service account token", "name", ss.Spec.ServiceAccountName) | ||
klog.ErrorS(err, "Failed to get service account token", "name", ss.Spec.ServiceAccountName) | ||
|
||
conditionReason := ConditionReasonSecretPatchFailedUnknownError | ||
if checkIfErrorMessageCanBeDisplayed(err.Error()) { | ||
|
@@ -158,7 +158,7 @@ func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |
// get the secret provider class object | ||
spc := &secretsstorecsiv1.SecretProviderClass{} | ||
if err := r.Get(ctx, client.ObjectKey{Name: ss.Spec.SecretProviderClassName, Namespace: req.Namespace}, spc); err != nil { | ||
logger.Error(err, "failed to get secret provider class", "name", ss.Spec.SecretProviderClassName) | ||
klog.ErrorS(err, "Failed to get secret provider class", "name", ss.Spec.SecretProviderClassName) | ||
r.updateStatusConditions(ctx, ss, ConditionTypeUnknown, conditionType, ConditionReasonControllerSpcError, true) | ||
return ctrl.Result{}, err | ||
} | ||
|
@@ -180,15 +180,15 @@ func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |
|
||
paramsJSON, err := json.Marshal(parameters) | ||
if err != nil { | ||
logger.Error(err, "failed to marshal parameters", "parameters", parameters) | ||
klog.ErrorS(err, "Failed to marshal parameters", "parameters", parameters) | ||
r.updateStatusConditions(ctx, ss, ConditionTypeUnknown, conditionType, ConditionReasonControllerInternalError, true) | ||
return ctrl.Result{}, err | ||
} | ||
|
||
providerName := string(spc.Spec.Provider) | ||
providerClient, err := r.ProviderClients.Get(ctx, providerName) | ||
if err != nil { | ||
logger.Error(err, "failed to get provider client", "provider", providerName) | ||
klog.ErrorS(err, "Failed to get provider client", "provider", providerName) | ||
r.updateStatusConditions(ctx, ss, ConditionTypeUnknown, conditionType, ConditionReasonControllerSpcError, true) | ||
return ctrl.Result{}, err | ||
} | ||
|
@@ -197,7 +197,7 @@ func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |
var secretsJSON []byte | ||
secretsJSON, err = json.Marshal(secretRefData) | ||
if err != nil { | ||
logger.Error(err, "failed to marshal secret") | ||
klog.ErrorS(err, "Failed to marshal secret") | ||
r.updateStatusConditions(ctx, ss, ConditionTypeUnknown, conditionType, ConditionReasonControllerInternalError, true) | ||
return ctrl.Result{}, err | ||
} | ||
|
@@ -206,23 +206,23 @@ func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |
|
||
objectVersions, files, err := provider.MountContent(ctx, providerClient, string(paramsJSON), string(secretsJSON), oldObjectVersions) | ||
if err != nil { | ||
logger.Error(err, "failed to get secrets from provider", "provider", providerName) | ||
klog.ErrorS(err, "Failed to get secrets from provider", "provider", providerName) | ||
r.updateStatusConditions(ctx, ss, ConditionTypeUnknown, conditionType, ConditionReasonFailedProviderError, true) | ||
return ctrl.Result{}, err | ||
} | ||
|
||
secretType := secretutil.GetSecretType(strings.TrimSpace(secretObj.Type)) | ||
var datamap map[string][]byte | ||
if datamap, err = secretutil.GetSecretData(secretObj.Data, secretType, files); err != nil { | ||
logger.Error(err, "failed to get secret data", "secretName", secretName) | ||
klog.ErrorS(err, "Failed to get secret data", "secretName", secretName) | ||
r.updateStatusConditions(ctx, ss, ConditionTypeUnknown, conditionType, ConditionReasonUserInputValidationFailed, true) | ||
return ctrl.Result{}, err | ||
} | ||
|
||
// Compute the hash of the secret | ||
syncHash, err := r.computeSecretDataObjectHash(datamap, spc, ss) | ||
if err != nil { | ||
logger.Error(err, "failed to compute secret data object hash", "secretName", secretName) | ||
klog.ErrorS(err, "Failed to compute secret data object hash", "secretName", secretName) | ||
return ctrl.Result{}, err | ||
} | ||
|
||
|
@@ -263,7 +263,7 @@ func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |
|
||
// Attempt to create or update the secret. | ||
if err = r.serverSidePatchSecret(ctx, ss, secretName, req.Namespace, datamap, objectVersions, labels, annotations, secretType); err != nil { | ||
logger.Error(err, "failed to patch secret", "secretName", secretName) | ||
klog.ErrorS(err, "Failed to patch secret", "secretName", secretName) | ||
|
||
// Rollback to the previous hash and the previous last successful sync time. | ||
ss.Status.SyncHash = prevSecretHash | ||
|
@@ -296,7 +296,7 @@ func (r *SecretSyncReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |
return ctrl.Result{}, err | ||
} | ||
|
||
logger.V(4).Info("Done... updated status", "syncHash", syncHash, "lastSuccessfulSyncTime", ss.Status.LastSuccessfulSyncTime) | ||
klog.V(4).InfoS("Status updated", "syncHash", syncHash, "lastSuccessfulSyncTime", ss.Status.LastSuccessfulSyncTime) | ||
return ctrl.Result{}, nil | ||
} | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -32,7 +32,7 @@ const prometheusExporter = "prometheus" | |
|
||
func InitMetricsExporter() error { | ||
mb := strings.ToLower(*metricsBackend) | ||
klog.InfoS("initializing metrics backend", "backend", mb) | ||
klog.InfoS("Initializing metrics backend", "backend", mb) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. lower case |
||
switch mb { | ||
// Prometheus is the only supported exporter | ||
case prometheusExporter: | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
wire up
mlog
here too. Ref - https://github.com/kubernetes-sigs/secrets-store-csi-driver/blob/981b21afa7f331860252f7b061cebe6e52eb22d3/cmd/secrets-store-csi-driver/main.go#L96-L104