Merge branch 'master' into firewall-precedence

metal-stack · Jan 23, 2024 · e53049d · e53049d
2 parents a645b19 + 6dcda0d
commit e53049d
Show file tree

Hide file tree

Showing 16 changed files with 70 additions and 79 deletions.
diff --git a/go.mod b/go.mod
@@ -10,7 +10,6 @@ require (
 	github.com/metal-stack/metal-lib v0.14.3
 	github.com/metal-stack/v v1.0.3
 	github.com/stretchr/testify v1.8.4
-	go.uber.org/zap v1.26.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -34,6 +33,5 @@ require (
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	go.mongodb.org/mongo-driver v1.13.1 // indirect
-	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/sys v0.16.0 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -67,12 +67,6 @@ github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7Jul
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.mongodb.org/mongo-driver v1.13.1 h1:YIc7HTYsKndGK4RFzJ3covLz1byri52x0IoMB0Pt/vk=
 go.mongodb.org/mongo-driver v1.13.1/go.mod h1:wcDf1JBCXy2mOW0bWHwO/IOYqdca1MPCwDtFu/Z9+eo=
-go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
-go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
-go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
-go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
-go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=
-go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=

diff --git a/pkg/netconf/chrony.go b/pkg/netconf/chrony.go
@@ -2,15 +2,15 @@ package netconf
 
 import (
 	"fmt"
+	"log/slog"
 
 	"github.com/metal-stack/metal-networker/pkg/exec"
-	"go.uber.org/zap"
 )
 
 // chronyServiceEnabler can enable chrony systemd service for the given VRF.
 type chronyServiceEnabler struct {
 	vrf string
-	log *zap.SugaredLogger
+	log *slog.Logger
 }
 
 // newChronyServiceEnabler constructs a new instance of this type.
@@ -25,7 +25,7 @@ func newChronyServiceEnabler(kb config) (chronyServiceEnabler, error) {
 // Enable enables chrony systemd service for the given VRF to be started after boot.
 func (c chronyServiceEnabler) Enable() error {
 	cmd := fmt.Sprintf("systemctl enable chrony@%s", c.vrf)
-	c.log.Infof("running '%s' to enable chrony.'", cmd)
+	c.log.Info("enable chrony", "command", cmd)
 
 	return exec.NewVerboseCmd("bash", "-c", cmd).Run()
 }

diff --git a/pkg/netconf/configurator.go b/pkg/netconf/configurator.go
@@ -2,12 +2,11 @@ package netconf
 
 import (
 	"fmt"
+	"log/slog"
 	"os"
 	"path"
 	"text/template"
 
-	"go.uber.org/zap"
-
 	"github.com/metal-stack/metal-networker/pkg/exec"
 	"github.com/metal-stack/metal-networker/pkg/net"
 )
@@ -110,11 +109,11 @@ func (fc firewallConfigurator) Configure(forwardPolicy ForwardPolicy) {
 
 	chrony, err := newChronyServiceEnabler(fc.c)
 	if err != nil {
-		fc.c.log.Warnf("failed to configure Chrony: %v", err)
+		fc.c.log.Warn("failed to configure chrony", "error", err)
 	} else {
 		err := chrony.Enable()
 		if err != nil {
-			fc.c.log.Errorf("enabling Chrony failed: %v", err)
+			fc.c.log.Error("enabling chrony failed", "error", err)
 		}
 	}
 
@@ -124,7 +123,7 @@ func (fc firewallConfigurator) Configure(forwardPolicy ForwardPolicy) {
 		nfe, err := u.constructApplier(fc.c, validatorService)
 
 		if err != nil {
-			fc.c.log.Warnf("failed to deploy %s service : %v", u.unit, err)
+			fc.c.log.Warn("failed to deploy", "unit", u.unit, "error", err)
 		}
 
 		applyAndCleanUp(fc.c.log, nfe, u.templateFile, src, path.Join(systemdUnitPath, u.unit), fileModeSystemd, false)
@@ -138,7 +137,7 @@ func (fc firewallConfigurator) Configure(forwardPolicy ForwardPolicy) {
 	applier, err := newSuricataDefaultsApplier(kb, src)
 
 	if err != nil {
-		fc.c.log.Warnf("failed to configure suricata defaults: %v", err)
+		fc.c.log.Warn("failed to configure suricata defaults", "error", err)
 	}
 
 	applyAndCleanUp(fc.c.log, applier, tplSuricataDefaults, src, "/etc/default/suricata", fileModeSixFourFour, false)
@@ -147,7 +146,7 @@ func (fc firewallConfigurator) Configure(forwardPolicy ForwardPolicy) {
 	applier, err = newSuricataConfigApplier(kb, src)
 
 	if err != nil {
-		fc.c.log.Warnf("failed to configure suricata: %v", err)
+		fc.c.log.Warn("failed to configure suricata", "error", err)
 	}
 
 	applyAndCleanUp(fc.c.log, applier, tplSuricataConfig, src, "/etc/suricata/suricata.yaml", fileModeSixFourFour, false)
@@ -228,7 +227,7 @@ func (fc firewallConfigurator) getUnits() (units []unitConfiguration) {
 	return units
 }
 
-func applyCommonConfiguration(log *zap.SugaredLogger, kind BareMetalType, kb config) {
+func applyCommonConfiguration(log *slog.Logger, kind BareMetalType, kb config) {
 	a := newIfacesApplier(kind, kb)
 	a.Apply()
 
@@ -251,22 +250,22 @@ func applyCommonConfiguration(log *zap.SugaredLogger, kind BareMetalType, kb con
 	applyAndCleanUp(log, applier, tpl, src, "/etc/frr/frr.conf", fileModeDefault, false)
 }
 
-func applyAndCleanUp(log *zap.SugaredLogger, applier net.Applier, tpl, src, dest string, mode os.FileMode, reload bool) {
-	log.Infof("rendering %s to %s (mode: %s)", tpl, dest, mode)
+func applyAndCleanUp(log *slog.Logger, applier net.Applier, tpl, src, dest string, mode os.FileMode, reload bool) {
+	log.Info("rendering", "template", tpl, "destination", dest, "mode", mode)
 	file := mustReadTpl(tpl)
 	mustApply(applier, file, src, dest, reload)
 
 	err := os.Chmod(dest, mode)
 	if err != nil {
-		log.Errorf("error to chmod %s to %s", dest, mode)
+		log.Error("unable change mode", "file", dest, "mode", mode, "error", err)
 	}
 
 	_ = os.Remove(src)
 }
 
-func mustEnableUnit(log *zap.SugaredLogger, unit string) {
+func mustEnableUnit(log *slog.Logger, unit string) {
 	cmd := fmt.Sprintf("systemctl enable %s", unit)
-	log.Infof("running '%s' to enable unit.'", cmd)
+	log.Info("enable unit", "command", cmd)
 
 	err := exec.NewVerboseCmd("bash", "-c", cmd).Run()
 

diff --git a/pkg/netconf/frr.go b/pkg/netconf/frr.go
@@ -2,13 +2,13 @@ package netconf
 
 import (
 	"fmt"
+	"log/slog"
 	"net/netip"
 
 	"github.com/metal-stack/metal-go/api/models"
 	mn "github.com/metal-stack/metal-lib/pkg/net"
 	"github.com/metal-stack/metal-networker/pkg/exec"
 	"github.com/metal-stack/metal-networker/pkg/net"
-	"go.uber.org/zap"
 )
 
 const (
@@ -54,7 +54,7 @@ type (
 	// frrValidator validates the frr.conf to apply.
 	frrValidator struct {
 		path string
-		log  *zap.SugaredLogger
+		log  *slog.Logger
 	}
 
 	// AddressFamily is the address family for the routing daemon.
@@ -90,7 +90,8 @@ func NewFrrConfigApplier(kind BareMetalType, c config, tmpFile string) net.Appli
 			},
 		}
 	default:
-		c.log.Fatalf("unknown kind of bare metal: %v", kind)
+		c.log.Error("unknown kind of bare metal", "kind", kind)
+		panic(fmt.Errorf("unknown kind %v", kind))
 	}
 
 	validator := frrValidator{
@@ -121,7 +122,7 @@ func routerID(net *models.V1MachineNetwork) string {
 // Validate can be used to run validation on FRR configuration using vtysh.
 func (v frrValidator) Validate() error {
 	vtysh := fmt.Sprintf("vtysh --dryrun --inputfile %s", v.path)
-	v.log.Infof("running '%s' to validate changes.'", vtysh)
+	v.log.Info("validate changes", "command", vtysh)
 
 	return exec.NewVerboseCmd("bash", "-c", vtysh, v.path).Run()
 }

diff --git a/pkg/netconf/frr_test.go b/pkg/netconf/frr_test.go
@@ -2,12 +2,12 @@ package netconf
 
 import (
 	"bytes"
+	"log/slog"
 	"os"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"go.uber.org/zap/zaptest"
 )
 
 func TestFrrConfigApplier(t *testing.T) {
@@ -71,7 +71,7 @@ func TestFrrConfigApplier(t *testing.T) {
 	for _, test := range tests {
 		test := test
 		t.Run(test.name, func(t *testing.T) {
-			log := zaptest.NewLogger(t).Sugar()
+			log := slog.Default()
 			kb, err := New(log, test.input)
 			require.NoError(t, err)
 			a := NewFrrConfigApplier(test.configuratorType, *kb, "")
@@ -99,10 +99,8 @@ func TestFrrConfigApplier(t *testing.T) {
 }
 
 func TestFRRValidator_Validate(t *testing.T) {
-	log := zaptest.NewLogger(t).Sugar()
-
 	validator := frrValidator{
-		log: log,
+		log: slog.Default(),
 	}
 	actual := validator.Validate()
 	require.Error(t, actual)

diff --git a/pkg/netconf/hostname_test.go b/pkg/netconf/hostname_test.go
@@ -2,19 +2,19 @@ package netconf
 
 import (
 	"bytes"
+	"log/slog"
 	"os"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"go.uber.org/zap/zaptest"
 )
 
 func TestNameHostname(t *testing.T) {
 	expected, err := os.ReadFile("testdata/hostname")
 	require.NoError(t, err)
 
-	log := zaptest.NewLogger(t).Sugar()
+	log := slog.Default()
 	kb, err := New(log, "testdata/firewall.yaml")
 	require.NoError(t, err)
 

diff --git a/pkg/netconf/hosts_test.go b/pkg/netconf/hosts_test.go
@@ -2,19 +2,19 @@ package netconf
 
 import (
 	"bytes"
+	"log/slog"
 	"os"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"go.uber.org/zap/zaptest"
 )
 
 func TestNewHostsApplier(t *testing.T) {
 	expected, err := os.ReadFile("testdata/hosts")
 	require.NoError(t, err)
 
-	log := zaptest.NewLogger(t).Sugar()
+	log := slog.Default()
 	kb, err := New(log, "testdata/firewall.yaml")
 	require.NoError(t, err)
 	a := newHostsApplier(*kb, "")

diff --git a/pkg/netconf/interfaces.go b/pkg/netconf/interfaces.go
@@ -3,11 +3,11 @@ package netconf
 import (
 	"fmt"
 	"io"
+	"log/slog"
 	"net/netip"
 	"text/template"
 
 	mn "github.com/metal-stack/metal-lib/pkg/net"
-	"go.uber.org/zap"
 )
 
 type (
@@ -46,7 +46,8 @@ func newIfacesApplier(kind BareMetalType, c config) ifacesApplier {
 		// The first lo IP is used within network communication and other systems depend on seeing the first private ip.
 		d.Loopback.IPs = addBitlen(append(private.Ips, c.CollectIPs(mn.External)...))
 	default:
-		c.log.Fatalf("unknown configuratorType of configurator: %v", kind)
+		c.log.Error("unknown configuratorType", "kind", kind)
+		panic(fmt.Errorf("unknown configurator type:%v", kind))
 	}
 
 	return ifacesApplier{kind: kind, kb: c, data: d}
@@ -88,7 +89,8 @@ func (a *ifacesApplier) Apply() {
 		src := mustTmpFile(prefix)
 		applier, err := newSystemdLinkApplier(a.kind, uuid, i, nic, src, evpnIfaces)
 		if err != nil {
-			a.kb.log.Fatalw("unable to create systemdlinkapplier", "error", err)
+			a.kb.log.Error("unable to create systemdlinkapplier", "error", err)
+			panic(err)
 		}
 		dest := fmt.Sprintf("%s/%d-lan%d.link", systemdNetworkPath, offset+i, i)
 		applyAndCleanUp(a.kb.log, applier, tplSystemdLinkLan, src, dest, fileModeSystemd, false)
@@ -97,7 +99,8 @@ func (a *ifacesApplier) Apply() {
 		src = mustTmpFile(prefix)
 		applier, err = newSystemdLinkApplier(a.kind, uuid, i, nic, src, evpnIfaces)
 		if err != nil {
-			a.kb.log.Fatalw("unable to create systemdlinkapplier", "error", err)
+			a.kb.log.Error("unable to create systemdlinkapplier", "error", err)
+			panic(err)
 		}
 		dest = fmt.Sprintf("%s/%d-lan%d.network", systemdNetworkPath, offset+i, i)
 		applyAndCleanUp(a.kb.log, applier, tplSystemdNetworkLan, src, dest, fileModeSystemd, false)
@@ -120,7 +123,7 @@ func (a *ifacesApplier) Apply() {
 	}
 }
 
-func applyNetdevAndNetwork(log *zap.SugaredLogger, si, di int, prefix, suffix string, data any) {
+func applyNetdevAndNetwork(log *slog.Logger, si, di int, prefix, suffix string, data any) {
 	src := mustTmpFile(prefix + "_netdev_")
 	applier := newSystemdNetworkdApplier(src, data)
 	dest := fmt.Sprintf("%s/%d-%s%s.netdev", systemdNetworkPath, di, prefix, suffix)

diff --git a/pkg/netconf/interfaces_test.go b/pkg/netconf/interfaces_test.go
@@ -2,13 +2,13 @@ package netconf
 
 import (
 	"fmt"
+	"log/slog"
 	"os"
 	"sort"
 	"testing"
 
 	"github.com/google/go-cmp/cmp"
 	"github.com/stretchr/testify/require"
-	"go.uber.org/zap/zaptest"
 )
 
 func TestIfacesApplier(t *testing.T) {
@@ -28,17 +28,15 @@ func TestIfacesApplier(t *testing.T) {
 			configuratorType: Machine,
 		},
 	}
-	log := zaptest.NewLogger(t).Sugar()
+	log := slog.Default()
 
 	tmpPath = os.TempDir()
 	for _, tc := range tests {
 		func() {
 			old := systemdNetworkPath
 			tempdir, err := os.MkdirTemp(os.TempDir(), "networkd*")
+			require.NoError(t, err)
 			systemdNetworkPath = tempdir
-			if err != nil {
-				log.Fatal(err)
-			}
 			defer func() {
 				os.RemoveAll(systemdNetworkPath)
 				systemdNetworkPath = old

diff --git a/pkg/netconf/knowledgebase.go b/pkg/netconf/knowledgebase.go
@@ -3,11 +3,11 @@ package netconf
 import (
 	"errors"
 	"fmt"
+	"log/slog"
 	"net"
 	"os"
 
 	"github.com/metal-stack/metal-hammer/pkg/api"
-	"go.uber.org/zap"
 
 	"github.com/metal-stack/metal-go/api/models"
 	mn "github.com/metal-stack/metal-lib/pkg/net"
@@ -26,17 +26,17 @@ type (
 	// It represents the input yaml that is needed to render network configuration files.
 	config struct {
 		api.InstallerConfig
-		log *zap.SugaredLogger
+		log *slog.Logger
 	}
 )
 
 // New creates a new instance of this type.
-func New(log *zap.SugaredLogger, path string) (*config, error) {
-	log.Infof("loading: %s", path)
+func New(log *slog.Logger, path string) (*config, error) {
+	log.Info("loading", "path", path)
 
 	f, err := os.ReadFile(path)
 	if err != nil {
-		log.Panic(err)
+		return nil, err
 	}
 
 	installer := &api.InstallerConfig{}
@@ -221,7 +221,7 @@ func (c config) nicsContainValidMACs() bool {
 		}
 
 		if _, err := net.ParseMAC(*nic.Mac); err != nil {
-			c.log.Errorf("invalid mac: %s", *nic.Mac)
+			c.log.Error("invalid mac", "mac", *nic.Mac)
 			return false
 		}
 	}