diff --git a/Dockerfile b/Dockerfile index 120f0dc56d..7d3adf7f1a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,4 +6,4 @@ USER 65532:65532 COPY --chown=65532:65532 "build/zarf-linux-$TARGETARCH" /zarf -CMD ["/zarf", "internal", "agent", "-l=trace", "--no-log-file"] +CMD ["/zarf", "internal", "agent", "--log-level=debug", "--log-format=text", "--no-log-file"] diff --git a/src/config/lang/english.go b/src/config/lang/english.go index 38717db929..d8c0f7694e 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -594,12 +594,7 @@ $ zarf tools update-creds artifact --artifact-push-username={USERNAME} --artifac // Zarf Agent messages // These are only seen in the Kubernetes logs. const ( - AgentInfoWebhookAllowed = "Webhook [%s - %s] - Allowed: %t" - AgentInfoPort = "Server running in port: %s" - AgentWarnNotOCIType = "Skipping HelmRepo mutation because the type is not OCI: %s" - AgentWarnSemVerRef = "Detected a semver OCI ref (%s) - continuing but will be unable to guarantee against collisions if multiple OCI artifacts with the same name are brought in from different registries" AgentErrBadRequest = "could not read request body: %s" - AgentErrBindHandler = "Unable to bind the webhook handler" AgentErrCouldNotDeserializeReq = "could not deserialize request: %s" AgentErrParsePod = "failed to parse pod: %w" AgentErrHostnameMatch = "failed to complete hostname matching: %w" diff --git a/src/internal/agent/hooks/argocd-application.go b/src/internal/agent/hooks/argocd-application.go index e7351c89fd..0fbaab22f7 100644 --- a/src/internal/agent/hooks/argocd-application.go +++ b/src/internal/agent/hooks/argocd-application.go @@ -13,7 +13,7 @@ import ( "github.com/zarf-dev/zarf/src/config/lang" "github.com/zarf-dev/zarf/src/internal/agent/operations" "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/message" + "github.com/zarf-dev/zarf/src/pkg/logger" "github.com/zarf-dev/zarf/src/pkg/transform" "github.com/zarf-dev/zarf/src/types" v1 "k8s.io/api/admission/v1" @@ -29,8 +29,8 @@ import ( // // For more information: https://argo-cd.readthedocs.io/en/stable/user-guide/import/ type Application struct { - Spec ApplicationSpec `json:"spec"` - metav1.ObjectMeta + Spec ApplicationSpec `json:"spec"` + metav1.ObjectMeta `json:"metadata,omitempty"` } // ApplicationSpec represents desired application state. Contains link to repository with application definition. @@ -60,21 +60,24 @@ func NewApplicationMutationHook(ctx context.Context, cluster *cluster.Cluster) o // mutateApplication mutates the git repository url to point to the repository URL defined in the ZarfState. func mutateApplication(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Cluster) (*operations.Result, error) { + l := logger.From(ctx) state, err := cluster.LoadZarfState(ctx) if err != nil { return nil, err } - message.Debugf("Using the url of (%s) to mutate the ArgoCD Application", state.GitServer.Address) - app := Application{} if err = json.Unmarshal(r.Object.Raw, &app); err != nil { return nil, fmt.Errorf(lang.ErrUnmarshal, err) } + l.Info("using the Zarf git server URL to mutate the ArgoCD Application", + "name", app.Name, + "git-server", state.GitServer.Address) + patches := make([]operations.PatchOperation, 0) if app.Spec.Source != nil { - patchedURL, err := getPatchedRepoURL(app.Spec.Source.RepoURL, state.GitServer, r) + patchedURL, err := getPatchedRepoURL(ctx, app.Spec.Source.RepoURL, state.GitServer, r) if err != nil { return nil, err } @@ -83,7 +86,7 @@ func mutateApplication(ctx context.Context, r *v1.AdmissionRequest, cluster *clu if len(app.Spec.Sources) > 0 { for idx, source := range app.Spec.Sources { - patchedURL, err := getPatchedRepoURL(source.RepoURL, state.GitServer, r) + patchedURL, err := getPatchedRepoURL(ctx, source.RepoURL, state.GitServer, r) if err != nil { return nil, err } @@ -99,7 +102,8 @@ func mutateApplication(ctx context.Context, r *v1.AdmissionRequest, cluster *clu }, nil } -func getPatchedRepoURL(repoURL string, gs types.GitServerInfo, r *v1.AdmissionRequest) (string, error) { +func getPatchedRepoURL(ctx context.Context, repoURL string, gs types.GitServerInfo, r *v1.AdmissionRequest) (string, error) { + l := logger.From(ctx) isCreate := r.Operation == v1.Create isUpdate := r.Operation == v1.Update patchedURL := repoURL @@ -124,7 +128,7 @@ func getPatchedRepoURL(repoURL string, gs types.GitServerInfo, r *v1.AdmissionRe return "", fmt.Errorf("%s: %w", AgentErrTransformGitURL, err) } patchedURL = transformedURL.String() - message.Debugf("original repoURL of (%s) got mutated to (%s)", repoURL, patchedURL) + l.Debug("mutated ArgoCD application repoURL to the Zarf URL", "original", repoURL, "mutated", patchedURL) } return patchedURL, nil diff --git a/src/internal/agent/hooks/argocd-application_test.go b/src/internal/agent/hooks/argocd-application_test.go index 31ec452959..4bfdad674b 100644 --- a/src/internal/agent/hooks/argocd-application_test.go +++ b/src/internal/agent/hooks/argocd-application_test.go @@ -38,7 +38,7 @@ func TestArgoAppWebhook(t *testing.T) { PushUsername: "a-push-user", }} c := createTestClientWithZarfState(ctx, t, state) - handler := admission.NewHandler().Serve(NewApplicationMutationHook(ctx, c)) + handler := admission.NewHandler().Serve(ctx, NewApplicationMutationHook(ctx, c)) tests := []admissionTest{ { diff --git a/src/internal/agent/hooks/argocd-repository.go b/src/internal/agent/hooks/argocd-repository.go index cf2e9d895e..36aafd2a7a 100644 --- a/src/internal/agent/hooks/argocd-repository.go +++ b/src/internal/agent/hooks/argocd-repository.go @@ -14,7 +14,7 @@ import ( "github.com/zarf-dev/zarf/src/config/lang" "github.com/zarf-dev/zarf/src/internal/agent/operations" "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/message" + "github.com/zarf-dev/zarf/src/pkg/logger" "github.com/zarf-dev/zarf/src/pkg/transform" "github.com/zarf-dev/zarf/src/types" v1 "k8s.io/api/admission/v1" @@ -48,6 +48,7 @@ func NewRepositorySecretMutationHook(ctx context.Context, cluster *cluster.Clust // mutateRepositorySecret mutates the git URL in the ArgoCD repository secret to point to the repository URL defined in the ZarfState. func mutateRepositorySecret(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Cluster) (*operations.Result, error) { + l := logger.From(ctx) isCreate := r.Operation == v1.Create isUpdate := r.Operation == v1.Update var isPatched bool @@ -57,13 +58,15 @@ func mutateRepositorySecret(ctx context.Context, r *v1.AdmissionRequest, cluster return nil, err } - message.Infof("Using the url of (%s) to mutate the ArgoCD Repository Secret", state.GitServer.Address) - secret := corev1.Secret{} if err = json.Unmarshal(r.Object.Raw, &secret); err != nil { return nil, fmt.Errorf(lang.ErrUnmarshal, err) } + l.Info("using the Zarf git server URL to mutate the ArgoCD Repository secret", + "name", secret.Name, + "git-server", state.GitServer.Address) + url, exists := secret.Data["url"] if !exists { return nil, fmt.Errorf("url field not found in argocd repository secret data") @@ -91,7 +94,7 @@ func mutateRepositorySecret(ctx context.Context, r *v1.AdmissionRequest, cluster return nil, fmt.Errorf("unable the git url: %w", err) } patchedURL = transformedURL.String() - message.Debugf("original url of (%s) got mutated to (%s)", repoCreds.URL, patchedURL) + l.Debug("mutating the ArgoCD repository secret URL to the Zarf URL", "original", repoCreds.URL, "mutated", patchedURL) } patches := populateArgoRepositoryPatchOperations(patchedURL, state.GitServer) diff --git a/src/internal/agent/hooks/argocd-repository_test.go b/src/internal/agent/hooks/argocd-repository_test.go index fdc99fe1c2..f735ee8a58 100644 --- a/src/internal/agent/hooks/argocd-repository_test.go +++ b/src/internal/agent/hooks/argocd-repository_test.go @@ -43,7 +43,7 @@ func TestArgoRepoWebhook(t *testing.T) { PullUsername: "a-pull-user", }} c := createTestClientWithZarfState(ctx, t, state) - handler := admission.NewHandler().Serve(NewRepositorySecretMutationHook(ctx, c)) + handler := admission.NewHandler().Serve(ctx, NewRepositorySecretMutationHook(ctx, c)) tests := []admissionTest{ { diff --git a/src/internal/agent/hooks/flux-gitrepo.go b/src/internal/agent/hooks/flux-gitrepo.go index 77447b7c34..e29fa4bc5d 100644 --- a/src/internal/agent/hooks/flux-gitrepo.go +++ b/src/internal/agent/hooks/flux-gitrepo.go @@ -16,7 +16,7 @@ import ( "github.com/zarf-dev/zarf/src/config/lang" "github.com/zarf-dev/zarf/src/internal/agent/operations" "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/message" + "github.com/zarf-dev/zarf/src/pkg/logger" "github.com/zarf-dev/zarf/src/pkg/transform" v1 "k8s.io/api/admission/v1" ) @@ -38,6 +38,7 @@ func NewGitRepositoryMutationHook(ctx context.Context, cluster *cluster.Cluster) // mutateGitRepoCreate mutates the git repository url to point to the repository URL defined in the ZarfState. func mutateGitRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Cluster) (*operations.Result, error) { + l := logger.From(ctx) var ( patches []operations.PatchOperation isPatched bool @@ -51,13 +52,15 @@ func mutateGitRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster return nil, err } - message.Debugf("Using the url of (%s) to mutate the flux repository", state.GitServer.Address) - repo := flux.GitRepository{} if err = json.Unmarshal(r.Object.Raw, &repo); err != nil { return nil, fmt.Errorf(lang.ErrUnmarshal, err) } + l.Info("using the Zarf git server URL to mutate the Flux GitRepository", + "name", repo.Name, + "git-server", state.GitServer.Address) + // Check if this is an update operation and the hostname is different from what we have in the zarfState // NOTE: We mutate on updates IF AND ONLY IF the hostname in the request is different than the hostname in the zarfState // NOTE: We are checking if the hostname is different before because we do not want to potentially mutate a URL that has already been mutated. @@ -78,7 +81,7 @@ func mutateGitRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster return nil, fmt.Errorf("%s: %w", AgentErrTransformGitURL, err) } patchedURL = transformedURL.String() - message.Debugf("original git URL of (%s) got mutated to (%s)", repo.Spec.URL, patchedURL) + l.Debug("mutating the Flux GitRepository URL to the Zarf URL", "original", repo.Spec.URL, "mutated", patchedURL) } // Patch updates of the repo spec diff --git a/src/internal/agent/hooks/flux-gitrepo_test.go b/src/internal/agent/hooks/flux-gitrepo_test.go index dc9c17a093..864f82e602 100644 --- a/src/internal/agent/hooks/flux-gitrepo_test.go +++ b/src/internal/agent/hooks/flux-gitrepo_test.go @@ -42,7 +42,7 @@ func TestFluxMutationWebhook(t *testing.T) { PushUsername: "a-push-user", }} c := createTestClientWithZarfState(ctx, t, state) - handler := admission.NewHandler().Serve(NewGitRepositoryMutationHook(ctx, c)) + handler := admission.NewHandler().Serve(ctx, NewGitRepositoryMutationHook(ctx, c)) tests := []admissionTest{ { diff --git a/src/internal/agent/hooks/flux-helmrepo.go b/src/internal/agent/hooks/flux-helmrepo.go index a2fca0b9a4..067ae0c890 100644 --- a/src/internal/agent/hooks/flux-helmrepo.go +++ b/src/internal/agent/hooks/flux-helmrepo.go @@ -17,7 +17,7 @@ import ( "github.com/zarf-dev/zarf/src/config/lang" "github.com/zarf-dev/zarf/src/internal/agent/operations" "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/message" + "github.com/zarf-dev/zarf/src/pkg/logger" "github.com/zarf-dev/zarf/src/pkg/transform" v1 "k8s.io/api/admission/v1" ) @@ -36,6 +36,7 @@ func NewHelmRepositoryMutationHook(ctx context.Context, cluster *cluster.Cluster // mutateHelmRepo mutates the repository url to point to the repository URL defined in the ZarfState. func mutateHelmRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Cluster) (*operations.Result, error) { + l := logger.From(ctx) src := &flux.HelmRepository{} if err := json.Unmarshal(r.Object.Raw, &src); err != nil { return nil, fmt.Errorf(lang.ErrUnmarshal, err) @@ -43,7 +44,7 @@ func mutateHelmRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluste // If we see a type of helm repo other than OCI we should flag a warning and return if strings.ToLower(src.Spec.Type) != "oci" { - message.Warnf(lang.AgentWarnNotOCIType, src.Spec.Type) + l.Warn("skipping HelmRepository mutation because the type is not OCI", "type", src.Spec.Type) return &operations.Result{Allowed: true}, nil } @@ -65,7 +66,9 @@ func mutateHelmRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluste return nil, err } - message.Debugf("Using the url of (%s) to mutate the flux HelmRepository", registryAddress) + l.Info("using the Zarf registry URL to mutate the Flux HelmRepository", + "name", src.Name, + "registry", registryAddress) patchedSrc, err := transform.ImageTransformHost(registryAddress, src.Spec.URL) if err != nil { @@ -78,7 +81,7 @@ func mutateHelmRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluste } patchedURL := helpers.OCIURLPrefix + patchedRefInfo.Name - message.Debugf("original HelmRepo URL of (%s) got mutated to (%s)", src.Spec.URL, patchedURL) + l.Debug("mutating the Flux HelmRepository URL to the Zarf URL", "original", src.Spec.URL, "mutated", patchedURL) patches := populateHelmRepoPatchOperations(patchedURL, zarfState.RegistryInfo.IsInternal()) diff --git a/src/internal/agent/hooks/flux-helmrepo_test.go b/src/internal/agent/hooks/flux-helmrepo_test.go index d0e48a0074..d56d7e29a5 100644 --- a/src/internal/agent/hooks/flux-helmrepo_test.go +++ b/src/internal/agent/hooks/flux-helmrepo_test.go @@ -167,7 +167,7 @@ func TestFluxHelmMutationWebhook(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() c := createTestClientWithZarfState(ctx, t, state) - handler := admission.NewHandler().Serve(NewHelmRepositoryMutationHook(ctx, c)) + handler := admission.NewHandler().Serve(ctx, NewHelmRepositoryMutationHook(ctx, c)) if tt.svc != nil { _, err := c.Clientset.CoreV1().Services("zarf").Create(ctx, tt.svc, metav1.CreateOptions{}) require.NoError(t, err) diff --git a/src/internal/agent/hooks/flux-ocirepo.go b/src/internal/agent/hooks/flux-ocirepo.go index e8c3d21a0f..39cd139aaf 100644 --- a/src/internal/agent/hooks/flux-ocirepo.go +++ b/src/internal/agent/hooks/flux-ocirepo.go @@ -16,7 +16,7 @@ import ( "github.com/zarf-dev/zarf/src/config/lang" "github.com/zarf-dev/zarf/src/internal/agent/operations" "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/message" + "github.com/zarf-dev/zarf/src/pkg/logger" "github.com/zarf-dev/zarf/src/pkg/transform" v1 "k8s.io/api/admission/v1" ) @@ -35,6 +35,7 @@ func NewOCIRepositoryMutationHook(ctx context.Context, cluster *cluster.Cluster) // mutateOCIRepo mutates the oci repository url to point to the repository URL defined in the ZarfState. func mutateOCIRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Cluster) (*operations.Result, error) { + l := logger.From(ctx) src := &flux.OCIRepository{} if err := json.Unmarshal(r.Object.Raw, &src); err != nil { return nil, fmt.Errorf(lang.ErrUnmarshal, err) @@ -47,7 +48,7 @@ func mutateOCIRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster // If we have a semver we want to continue since we wil still have the upstream tag // but should warn that we can't guarantee there won't be collisions if src.Spec.Reference.SemVer != "" { - message.Warnf(lang.AgentWarnSemVerRef, src.Spec.Reference.SemVer) + l.Warn("Detected a semver OCI ref, continuing but will be unable to guarantee against collisions if multiple OCI artifacts with the same name are brought in from different registries", "ref", src.Spec.Reference.SemVer) } if src.Labels != nil && src.Labels["zarf-agent"] == "patched" { @@ -69,7 +70,9 @@ func mutateOCIRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster } // For the internal registry this will be the ip & port of the service, it may look like 10.43.36.151:5000 - message.Debugf("Using the url of (%s) to mutate the flux OCIRepository", registryAddress) + l.Info("using the Zarf registry URL to mutate the Flux OCIRepository", + "name", src.Name, + "registry", registryAddress) ref := src.Spec.URL if src.Spec.Reference.Digest != "" { @@ -97,7 +100,7 @@ func mutateOCIRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster patchedRef.Tag = patchedRefInfo.Tag } - message.Debugf("original OCIRepo URL of (%s) got mutated to (%s)", src.Spec.URL, patchedURL) + l.Debug("mutating the Flux OCIRepository URL to the Zarf URL", "original", src.Spec.URL, "mutated", patchedURL) patches := populateOCIRepoPatchOperations(patchedURL, zarfState.RegistryInfo.IsInternal(), patchedRef) diff --git a/src/internal/agent/hooks/flux-ocirepo_test.go b/src/internal/agent/hooks/flux-ocirepo_test.go index 5cab4d2530..b15fd73d3c 100644 --- a/src/internal/agent/hooks/flux-ocirepo_test.go +++ b/src/internal/agent/hooks/flux-ocirepo_test.go @@ -196,7 +196,7 @@ func TestFluxOCIMutationWebhook(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() c := createTestClientWithZarfState(ctx, t, state) - handler := admission.NewHandler().Serve(NewOCIRepositoryMutationHook(ctx, c)) + handler := admission.NewHandler().Serve(ctx, NewOCIRepositoryMutationHook(ctx, c)) if tt.svc != nil { _, err := c.Clientset.CoreV1().Services("zarf").Create(ctx, tt.svc, metav1.CreateOptions{}) require.NoError(t, err) diff --git a/src/internal/agent/hooks/pods.go b/src/internal/agent/hooks/pods.go index 86fae81e0f..1ee02f899a 100644 --- a/src/internal/agent/hooks/pods.go +++ b/src/internal/agent/hooks/pods.go @@ -13,6 +13,7 @@ import ( "github.com/zarf-dev/zarf/src/config/lang" "github.com/zarf-dev/zarf/src/internal/agent/operations" "github.com/zarf-dev/zarf/src/pkg/cluster" + "github.com/zarf-dev/zarf/src/pkg/logger" "github.com/zarf-dev/zarf/src/pkg/transform" v1 "k8s.io/api/admission/v1" @@ -46,6 +47,7 @@ func getImageAnnotationKey(containerName string) string { } func mutatePod(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Cluster) (*operations.Result, error) { + l := logger.From(ctx) pod, err := parsePod(r.Object.Raw) if err != nil { return nil, fmt.Errorf(lang.AgentErrParsePod, err) @@ -65,6 +67,9 @@ func mutatePod(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster.Clu } registryURL := state.RegistryInfo.Address + // Pods do not have a metadata.name at the time of admission if from a deployment so we don't log the name + l.Info("using the Zarf registry URL to mutate the Pod", "registry", registryURL) + var patches []operations.PatchOperation // Add the zarf secret to the podspec diff --git a/src/internal/agent/hooks/pods_test.go b/src/internal/agent/hooks/pods_test.go index 60bd09d0f5..42ddaab8fa 100644 --- a/src/internal/agent/hooks/pods_test.go +++ b/src/internal/agent/hooks/pods_test.go @@ -39,7 +39,7 @@ func TestPodMutationWebhook(t *testing.T) { state := &types.ZarfState{RegistryInfo: types.RegistryInfo{Address: "127.0.0.1:31999"}} c := createTestClientWithZarfState(ctx, t, state) - handler := admission.NewHandler().Serve(NewPodMutationHook(ctx, c)) + handler := admission.NewHandler().Serve(ctx, NewPodMutationHook(ctx, c)) tests := []admissionTest{ { diff --git a/src/internal/agent/http/admission/handler.go b/src/internal/agent/http/admission/handler.go index 4b4d69323b..fd1a27484a 100644 --- a/src/internal/agent/http/admission/handler.go +++ b/src/internal/agent/http/admission/handler.go @@ -7,6 +7,7 @@ package admission import ( + "context" "encoding/json" "fmt" "io" @@ -14,7 +15,7 @@ import ( "github.com/zarf-dev/zarf/src/config/lang" "github.com/zarf-dev/zarf/src/internal/agent/operations" - "github.com/zarf-dev/zarf/src/pkg/message" + "github.com/zarf-dev/zarf/src/pkg/logger" corev1 "k8s.io/api/admission/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -34,7 +35,8 @@ func NewHandler() *Handler { } // Serve returns an http.HandlerFunc for an admission webhook. -func (h *Handler) Serve(hook operations.Hook) http.HandlerFunc { +func (h *Handler) Serve(ctx context.Context, hook operations.Hook) http.HandlerFunc { + l := logger.From(ctx) return func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") if r.Method != http.MethodPost { @@ -70,7 +72,7 @@ func (h *Handler) Serve(hook operations.Hook) http.HandlerFunc { Kind: "AdmissionReview", } if err != nil { - message.Warnf("%s: %s", lang.AgentErrBindHandler, err.Error()) + l.Error("unable to bind the webhook handler", "error", err.Error()) admissionResponse := corev1.AdmissionReview{ TypeMeta: admissionMeta, Response: &corev1.AdmissionResponse{ @@ -79,7 +81,7 @@ func (h *Handler) Serve(hook operations.Hook) http.HandlerFunc { } jsonResponse, err := json.Marshal(admissionResponse) if err != nil { - message.WarnErr(err, lang.AgentErrMarshalResponse) + l.Error("unable to marshal the response", "error", err.Error()) http.Error(w, lang.AgentErrMarshalResponse, http.StatusInternalServerError) return } @@ -103,7 +105,7 @@ func (h *Handler) Serve(hook operations.Hook) http.HandlerFunc { jsonPatchType := corev1.PatchTypeJSONPatch patchBytes, err := json.Marshal(result.PatchOps) if err != nil { - message.WarnErr(err, lang.AgentErrMarshallJSONPatch) + l.Error("unable to marshall the json patch", "error", err.Error()) http.Error(w, lang.AgentErrMarshallJSONPatch, http.StatusInternalServerError) } admissionResponse.Response.Patch = patchBytes @@ -112,12 +114,12 @@ func (h *Handler) Serve(hook operations.Hook) http.HandlerFunc { jsonResponse, err := json.Marshal(admissionResponse) if err != nil { - message.WarnErr(err, lang.AgentErrMarshalResponse) + l.Error("unable to marshal the response", "error", err) http.Error(w, lang.AgentErrMarshalResponse, http.StatusInternalServerError) return } - message.Infof(lang.AgentInfoWebhookAllowed, r.URL.Path, review.Request.Operation, result.Allowed) + l.Info("webhook execution complete", "path", r.URL.Path, "operation", review.Request.Operation, "allowed", result.Allowed) w.WriteHeader(http.StatusOK) //nolint: errcheck // ignore w.Write(jsonResponse) diff --git a/src/internal/agent/http/proxy.go b/src/internal/agent/http/proxy.go index 760ba709ec..993f76ea00 100644 --- a/src/internal/agent/http/proxy.go +++ b/src/internal/agent/http/proxy.go @@ -5,6 +5,7 @@ package http import ( + "context" "crypto/tls" "fmt" "io" @@ -14,17 +15,18 @@ import ( "strings" "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/message" + "github.com/zarf-dev/zarf/src/pkg/logger" "github.com/zarf-dev/zarf/src/pkg/transform" "github.com/zarf-dev/zarf/src/types" ) // ProxyHandler constructs a new httputil.ReverseProxy and returns an http handler. -func ProxyHandler(cluster *cluster.Cluster) http.HandlerFunc { +func ProxyHandler(ctx context.Context, cluster *cluster.Cluster) http.HandlerFunc { + l := logger.From(ctx) return func(w http.ResponseWriter, r *http.Request) { state, err := cluster.LoadZarfState(r.Context()) if err != nil { - message.Debugf("%#v", err) + l.Debug(err.Error()) w.WriteHeader(http.StatusInternalServerError) //nolint: errcheck // ignore w.Write([]byte("unable to load Zarf state, see the Zarf HTTP proxy logs for more details")) @@ -32,7 +34,7 @@ func ProxyHandler(cluster *cluster.Cluster) http.HandlerFunc { } err = proxyRequestTransform(r, state) if err != nil { - message.Debugf("%#v", err) + l.Debug(err.Error()) w.WriteHeader(http.StatusInternalServerError) //nolint: errcheck // ignore w.Write([]byte("unable to transform the provided request, see the Zarf HTTP proxy logs for more details")) diff --git a/src/internal/agent/start.go b/src/internal/agent/start.go index e620c3648a..ab993ddd2f 100644 --- a/src/internal/agent/start.go +++ b/src/internal/agent/start.go @@ -14,12 +14,11 @@ import ( "github.com/prometheus/client_golang/prometheus/promhttp" "golang.org/x/sync/errgroup" - "github.com/zarf-dev/zarf/src/config/lang" "github.com/zarf-dev/zarf/src/internal/agent/hooks" agentHttp "github.com/zarf-dev/zarf/src/internal/agent/http" "github.com/zarf-dev/zarf/src/internal/agent/http/admission" "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/message" + "github.com/zarf-dev/zarf/src/pkg/logger" ) // Heavily influenced by https://github.com/douglasmakey/admissioncontroller and @@ -45,12 +44,12 @@ func StartWebhook(ctx context.Context, cluster *cluster.Cluster) error { // Routers mux := http.NewServeMux() - mux.Handle("/mutate/pod", admissionHandler.Serve(podsMutation)) - mux.Handle("/mutate/flux-gitrepository", admissionHandler.Serve(fluxGitRepositoryMutation)) - mux.Handle("/mutate/flux-helmrepository", admissionHandler.Serve(fluxHelmRepositoryMutation)) - mux.Handle("/mutate/flux-ocirepository", admissionHandler.Serve(fluxOCIRepositoryMutation)) - mux.Handle("/mutate/argocd-application", admissionHandler.Serve(argocdApplicationMutation)) - mux.Handle("/mutate/argocd-repository", admissionHandler.Serve(argocdRepositoryMutation)) + mux.Handle("/mutate/pod", admissionHandler.Serve(ctx, podsMutation)) + mux.Handle("/mutate/flux-gitrepository", admissionHandler.Serve(ctx, fluxGitRepositoryMutation)) + mux.Handle("/mutate/flux-helmrepository", admissionHandler.Serve(ctx, fluxHelmRepositoryMutation)) + mux.Handle("/mutate/flux-ocirepository", admissionHandler.Serve(ctx, fluxOCIRepositoryMutation)) + mux.Handle("/mutate/argocd-application", admissionHandler.Serve(ctx, argocdApplicationMutation)) + mux.Handle("/mutate/argocd-repository", admissionHandler.Serve(ctx, argocdRepositoryMutation)) return startServer(ctx, httpPort, mux) } @@ -58,7 +57,7 @@ func StartWebhook(ctx context.Context, cluster *cluster.Cluster) error { // StartHTTPProxy launches the zarf agent proxy in the cluster. func StartHTTPProxy(ctx context.Context, cluster *cluster.Cluster) error { mux := http.NewServeMux() - mux.Handle("/", agentHttp.ProxyHandler(cluster)) + mux.Handle("/", agentHttp.ProxyHandler(ctx, cluster)) return startServer(ctx, httpPort, mux) } @@ -93,7 +92,7 @@ func startServer(ctx context.Context, port string, mux *http.ServeMux) error { } return nil }) - message.Infof(lang.AgentInfoPort, httpPort) + logger.From(ctx).Info("server running", "port", port) err := g.Wait() if err != nil { return err