Documentation
¶
Overview ¶
Package plog implements a thin layer over logr to help enforce pinniped's logging convention. Logs are always structured as a constant message with key and value pairs of related metadata.
The logging levels in order of increasing verbosity are: error, warning, info, debug, trace and all.
error and warning logs are always emitted (there is no way for the end user to disable them), and thus should be used sparingly. Ideally, logs at these levels should be actionable.
info should be reserved for "nice to know" information. It should be possible to run a production pinniped server at the info log level with no performance degradation due to high log volume.
debug should be used for information targeted at developers and to aid in support cases. Care must be taken at this level to not leak any secrets into the log stream. That is, even though debug may cause performance issues in production, it must not cause security issues in production.
trace should be used to log information related to timing (i.e. the time it took a controller to sync). Just like debug, trace should not leak secrets into the log stream. trace will likely leak information about the current state of the process, but that, along with performance degradation, is expected.
all is reserved for the most verbose and security sensitive information. At this level, full request metadata such as headers and parameters along with the body may be logged. This level is completely unfit for production use both from a performance and security standpoint. Using it is generally an act of desperation to determine why the system is broken.
Index ¶
- Constants
- func AddZapOverridesToContext(ctx context.Context, t *testing.T, w io.Writer, f func(*zap.Config), ...) context.Context
- func All(msg string, keysAndValues ...any)
- func Always(msg string, keysAndValues ...any)
- func Debug(msg string, keysAndValues ...any)
- func DebugErr(msg string, err error, keysAndValues ...any)
- func Enabled(level LogLevel) bool
- func Error(msg string, err error, keysAndValues ...any)
- func Fatal(err error, keysAndValues ...any)
- func Info(msg string, keysAndValues ...any)
- func InfoErr(msg string, err error, keysAndValues ...any)
- func Setup() func()
- func Trace(msg string, keysAndValues ...any)
- func TraceErr(msg string, err error, keysAndValues ...any)
- func ValidateAndSetLogLevelAndFormatGlobally(ctx context.Context, spec LogSpec) error
- func Warning(msg string, keysAndValues ...any)
- func WarningErr(msg string, err error, keysAndValues ...any)
- func ZapClock(c clock.Clock) zapcore.Clock
- type AuditLogConfig
- type AuditLogger
- type AuditParams
- type LogFormat
- type LogLevel
- type LogSpec
- type Logger
- type MinLogger
- type SessionIDGetter
Constants ¶
const ( KlogLevelInfo KlogLevelDebug KlogLevelTrace )
Variables ¶
This section is empty.
Functions ¶
func AddZapOverridesToContext ¶ added in v0.28.0
func AddZapOverridesToContext( ctx context.Context, t *testing.T, w io.Writer, f func(*zap.Config), fakeClock *clocktesting.FakeClock, opts ...zap.Option, ) context.Context
AddZapOverridesToContext adds Zap (and klog/textlogger) overrides to the context. This is done so that production code can read these values for test overrides. Do not pass zap.WithClock in opts since that will be constructed for you from fakeClock.
func Enabled ¶ added in v0.5.0
Enabled returns whether the provided plog level is enabled, i.e., whether print statements at the provided level will show up.
func ValidateAndSetLogLevelAndFormatGlobally ¶ added in v0.18.0
func WarningErr ¶
Types ¶
type AuditLogConfig ¶ added in v0.36.0
type AuditLogConfig struct {
LogUsernamesAndGroupNames bool
}
type AuditLogger ¶ added in v0.36.0
type AuditLogger interface {
Audit(msg auditevent.Message, p *AuditParams)
AuditRequestParams(r *http.Request, reqParamsSafeToLog sets.Set[string]) error
}
AuditLogger is the interface for audit logging. There is no global function for Audit because that would make unit testing of audit logs harder.
func NewAuditLogger ¶ added in v0.36.0
func NewAuditLogger(cfg AuditLogConfig) AuditLogger
func TestAuditLogger ¶ added in v0.36.0
func TestAuditLogger(t *testing.T) (AuditLogger, *bytes.Buffer)
func TestAuditLoggerWithConfig ¶ added in v0.36.0
func TestAuditLoggerWithConfig(t *testing.T, cfg AuditLogConfig) (AuditLogger, *bytes.Buffer)
type AuditParams ¶ added in v0.36.0
type AuditParams struct {
// ReqCtx may be nil. When possible, pass the http request's context as ReqCtx,
// so we may read the audit ID from the context.
ReqCtx context.Context
// Session may be nil. When possible, pass the fosite.Requester or fosite.Request as the Session,
// so we can log the session ID.
Session SessionIDGetter
// PIIKeysAndValues can optionally be used to pass along more keys are values.
// Use these when the values might contain personally identifiable information (PII).
// These values may be redacted by configuration.
// They must come in alternating pairs of string keys and any values.
PIIKeysAndValues []any
// KeysAndValues can optionally be used to pass along more keys are values.
// These values are never redacted and therefore should never contain PII.
// They must come in alternating pairs of string keys and any values.
KeysAndValues []any
}
type LogFormat ¶ added in v0.18.0
type LogFormat string
func (*LogFormat) UnmarshalJSON ¶ added in v0.18.0
type LogLevel ¶
type LogLevel string
LogLevel is an enum that controls verbosity of logs. Valid values in order of increasing verbosity are leaving it unset, info, debug, trace and all.
const ( // LevelWarning (i.e. leaving the log level unset) maps to klog log level 0. LevelWarning LogLevel = "" // LevelInfo maps to klog log level 2. LevelInfo LogLevel = "info" // LevelDebug maps to klog log level 4. LevelDebug LogLevel = "debug" // LevelTrace maps to klog log level 6. LevelTrace LogLevel = "trace" // LevelAll maps to klog log level 100 (conceptually it is log level 8). LevelAll LogLevel = "all" )
type Logger ¶ added in v0.13.0
type Logger interface {
Error(msg string, err error, keysAndValues ...any)
Warning(msg string, keysAndValues ...any)
WarningErr(msg string, err error, keysAndValues ...any)
Info(msg string, keysAndValues ...any)
InfoErr(msg string, err error, keysAndValues ...any)
Debug(msg string, keysAndValues ...any)
DebugErr(msg string, err error, keysAndValues ...any)
Trace(msg string, keysAndValues ...any)
TraceErr(msg string, err error, keysAndValues ...any)
All(msg string, keysAndValues ...any)
Always(msg string, keysAndValues ...any)
WithValues(keysAndValues ...any) Logger
WithName(name string) Logger
// contains filtered or unexported methods
}
Logger implements the plog logging convention described above. The global functions in this package such as Info should be used when one does not intend to write tests assertions for specific log messages. If test assertions are desired, Logger should be passed in as an input. New should be used as the production implementation and TestLogger should be used to write test assertions.
func WithValues ¶ added in v0.18.0
type SessionIDGetter ¶ added in v0.36.0
type SessionIDGetter interface {
GetID() string
}
Source Files