Merge pull request #115667 from aramase/aramase/f/structured_logging

[KMS] Use structured logging in value/encrypt

staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go

@@ -53,7 +53,7 @@ type gRPCService struct {
 
 // NewGRPCService returns an envelope.Service which use gRPC to communicate the remote KMS provider.
 func NewGRPCService(ctx context.Context, endpoint string, callTimeout time.Duration) (Service, error) {
-	klog.V(4).Infof("Configure KMS provider with endpoint: %s", endpoint)
+	klog.V(4).InfoS("Configure KMS provider", "endpoint", endpoint)
 
 	addr, err := util.ParseEndpoint(endpoint)
 	if err != nil {
@@ -72,9 +72,9 @@ func NewGRPCService(ctx context.Context, endpoint string, callTimeout time.Durat
 				// addr - comes from the closure
 				c, err := net.DialUnix(unixProtocol, nil, &net.UnixAddr{Name: addr})
 				if err != nil {
-					klog.Errorf("failed to create connection to unix socket: %s, error: %v", addr, err)
+					klog.ErrorS(err, "failed to create connection to unix socket", "addr", addr)
 				} else {
-					klog.V(4).Infof("Successfully dialed Unix socket %v", addr)
+					klog.V(4).InfoS("Successfully dialed Unix socket", "addr", addr)
 				}
 				return c, err
 			}))
@@ -113,7 +113,7 @@ func (g *gRPCService) checkAPIVersion(ctx context.Context) error {
 	}
 	g.versionChecked = true
 
-	klog.V(4).Infof("Version of KMS provider is %s", response.Version)
+	klog.V(4).InfoS("KMS provider api version verified", "version", response.Version)
 	return nil
 }
 

staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/grpc_service.go

@@ -48,7 +48,7 @@ type gRPCService struct {
 
 // NewGRPCService returns an envelope.Service which use gRPC to communicate the remote KMS provider.
 func NewGRPCService(ctx context.Context, endpoint, providerName string, callTimeout time.Duration) (kmsservice.Service, error) {
-	klog.V(4).Infof("Configure KMS provider with endpoint: %s", endpoint)
+	klog.V(4).InfoS("Configure KMS provider", "endpoint", endpoint)
 
 	addr, err := util.ParseEndpoint(endpoint)
 	if err != nil {
@@ -66,9 +66,9 @@ func NewGRPCService(ctx context.Context, endpoint, providerName string, callTime
 				// addr - comes from the closure
 				c, err := net.DialUnix(unixProtocol, nil, &net.UnixAddr{Name: addr})
 				if err != nil {
-					klog.Errorf("failed to create connection to unix socket: %s, error: %v", addr, err)
+					klog.ErrorS(err, "failed to create connection to unix socket", "addr", addr)
 				} else {
-					klog.V(4).Infof("Successfully dialed Unix socket %v", addr)
+					klog.V(4).InfoS("Successfully dialed Unix socket", "addr", addr)
 				}
 				return c, err
 			}),

staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v1beta1/kms_plugin_mock.go

@@ -105,7 +105,7 @@ func (s *Base64Plugin) Start() error {
 	if err != nil {
 		return fmt.Errorf("failed to listen on the unix socket, error: %v", err)
 	}
-	klog.Infof("Listening on %s", s.socketPath)
+	klog.InfoS("Starting KMS Plugin", "socketPath", s.socketPath)
 
 	go s.grpcServer.Serve(s.listener)
 	return nil
@@ -136,13 +136,13 @@ func (s *Base64Plugin) ExitFailedState() {
 
 // Version returns the version of the kms-plugin.
 func (s *Base64Plugin) Version(ctx context.Context, request *kmsapi.VersionRequest) (*kmsapi.VersionResponse, error) {
-	klog.Infof("Received request for Version: %v", request)
+	klog.V(3).InfoS("Received request for Version", "request", request)
 	return &kmsapi.VersionResponse{Version: s.ver, RuntimeName: "testKMS", RuntimeVersion: "0.0.1"}, nil
 }
 
 // Decrypt performs base64 decoding of the payload of kms.DecryptRequest.
 func (s *Base64Plugin) Decrypt(ctx context.Context, request *kmsapi.DecryptRequest) (*kmsapi.DecryptResponse, error) {
-	klog.V(3).Infof("Received Decrypt Request for DEK: %s", string(request.Cipher))
+	klog.V(3).InfoS("Received Decrypt Request", "cipher", string(request.Cipher))
 
 	s.mu.Lock()
 	defer s.mu.Unlock()
@@ -161,7 +161,7 @@ func (s *Base64Plugin) Decrypt(ctx context.Context, request *kmsapi.DecryptReque
 
 // Encrypt performs base64 encoding of the payload of kms.EncryptRequest.
 func (s *Base64Plugin) Encrypt(ctx context.Context, request *kmsapi.EncryptRequest) (*kmsapi.EncryptResponse, error) {
-	klog.V(3).Infof("Received Encrypt Request for DEK: %x", request.Plain)
+	klog.V(3).InfoS("Received Encrypt Request", "plain", string(request.Plain))
 	s.mu.Lock()
 	defer s.mu.Unlock()
 	s.lastEncryptRequest = request

staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v2alpha1/kms_plugin_mock.go

@@ -126,7 +126,7 @@ func (s *Base64Plugin) Start() error {
 	if err != nil {
 		return fmt.Errorf("failed to listen on the unix socket, error: %v", err)
 	}
-	klog.Infof("Listening on %s", s.socketPath)
+	klog.InfoS("Starting KMS Plugin", "socketPath", s.socketPath)
 
 	go s.grpcServer.Serve(s.listener)
 	return nil
@@ -157,7 +157,7 @@ func (s *Base64Plugin) ExitFailedState() {
 
 // Update keyID for the plugin.
 func (s *Base64Plugin) UpdateKeyID() {
-	klog.Infof("updating keyID")
+	klog.Info("updating keyID")
 	s.mu.Lock()
 	defer s.mu.Unlock()
 	s.keyID = "2"
@@ -165,7 +165,7 @@ func (s *Base64Plugin) UpdateKeyID() {
 
 // Status returns the status of the kms-plugin.
 func (s *Base64Plugin) Status(ctx context.Context, request *kmsapi.StatusRequest) (*kmsapi.StatusResponse, error) {
-	klog.Infof("Received request for Status: %v", request)
+	klog.V(3).InfoS("Received request for Status", "request", request)
 	s.mu.Lock()
 	defer s.mu.Unlock()
 
@@ -178,7 +178,7 @@ func (s *Base64Plugin) Status(ctx context.Context, request *kmsapi.StatusRequest
 
 // Decrypt performs base64 decoding of the payload of kms.DecryptRequest.
 func (s *Base64Plugin) Decrypt(ctx context.Context, request *kmsapi.DecryptRequest) (*kmsapi.DecryptResponse, error) {
-	klog.V(3).Infof("Received Decrypt Request for DEK: %s", string(request.Ciphertext))
+	klog.V(3).InfoS("Received Decrypt Request", "ciphertext", string(request.Ciphertext))
 
 	s.mu.Lock()
 	defer s.mu.Unlock()
@@ -200,7 +200,7 @@ func (s *Base64Plugin) Decrypt(ctx context.Context, request *kmsapi.DecryptReque
 
 // Encrypt performs base64 encoding of the payload of kms.EncryptRequest.
 func (s *Base64Plugin) Encrypt(ctx context.Context, request *kmsapi.EncryptRequest) (*kmsapi.EncryptResponse, error) {
-	klog.V(3).Infof("Received Encrypt Request for DEK: %x", request.Plaintext)
+	klog.V(3).InfoS("Received Encrypt Request", "plaintext", string(request.Plaintext))
 	s.mu.Lock()
 	defer s.mu.Unlock()
 	s.lastEncryptRequest = request