From 6db7496db60816c36b519a940fa1b0af1c0898da Mon Sep 17 00:00:00 2001 From: Anish Ramasekar Date: Thu, 9 Feb 2023 19:54:37 +0000 Subject: [PATCH] [KMS] Use structured logging in value/encrypt Signed-off-by: Anish Ramasekar --- .../pkg/storage/value/encrypt/envelope/grpc_service.go | 8 ++++---- .../value/encrypt/envelope/kmsv2/grpc_service.go | 6 +++--- .../envelope/testing/v1beta1/kms_plugin_mock.go | 8 ++++---- .../envelope/testing/v2alpha1/kms_plugin_mock.go | 10 +++++----- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go index 2b70144608d..34c8a6706d4 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go @@ -53,7 +53,7 @@ type gRPCService struct { // NewGRPCService returns an envelope.Service which use gRPC to communicate the remote KMS provider. func NewGRPCService(ctx context.Context, endpoint string, callTimeout time.Duration) (Service, error) { - klog.V(4).Infof("Configure KMS provider with endpoint: %s", endpoint) + klog.V(4).InfoS("Configure KMS provider", "endpoint", endpoint) addr, err := util.ParseEndpoint(endpoint) if err != nil { @@ -72,9 +72,9 @@ func NewGRPCService(ctx context.Context, endpoint string, callTimeout time.Durat // addr - comes from the closure c, err := net.DialUnix(unixProtocol, nil, &net.UnixAddr{Name: addr}) if err != nil { - klog.Errorf("failed to create connection to unix socket: %s, error: %v", addr, err) + klog.ErrorS(err, "failed to create connection to unix socket", "addr", addr) } else { - klog.V(4).Infof("Successfully dialed Unix socket %v", addr) + klog.V(4).InfoS("Successfully dialed Unix socket", "addr", addr) } return c, err })) @@ -113,7 +113,7 @@ func (g *gRPCService) checkAPIVersion(ctx context.Context) error { } g.versionChecked = true - klog.V(4).Infof("Version of KMS provider is %s", response.Version) + klog.V(4).InfoS("KMS provider api version verified", "version", response.Version) return nil } diff --git a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/grpc_service.go b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/grpc_service.go index ac4dea8b2c0..b56bbd512e9 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/grpc_service.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/kmsv2/grpc_service.go @@ -48,7 +48,7 @@ type gRPCService struct { // NewGRPCService returns an envelope.Service which use gRPC to communicate the remote KMS provider. func NewGRPCService(ctx context.Context, endpoint, providerName string, callTimeout time.Duration) (kmsservice.Service, error) { - klog.V(4).Infof("Configure KMS provider with endpoint: %s", endpoint) + klog.V(4).InfoS("Configure KMS provider", "endpoint", endpoint) addr, err := util.ParseEndpoint(endpoint) if err != nil { @@ -66,9 +66,9 @@ func NewGRPCService(ctx context.Context, endpoint, providerName string, callTime // addr - comes from the closure c, err := net.DialUnix(unixProtocol, nil, &net.UnixAddr{Name: addr}) if err != nil { - klog.Errorf("failed to create connection to unix socket: %s, error: %v", addr, err) + klog.ErrorS(err, "failed to create connection to unix socket", "addr", addr) } else { - klog.V(4).Infof("Successfully dialed Unix socket %v", addr) + klog.V(4).InfoS("Successfully dialed Unix socket", "addr", addr) } return c, err }), diff --git a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v1beta1/kms_plugin_mock.go b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v1beta1/kms_plugin_mock.go index dfb8c824670..37a3e4eb70f 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v1beta1/kms_plugin_mock.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v1beta1/kms_plugin_mock.go @@ -105,7 +105,7 @@ func (s *Base64Plugin) Start() error { if err != nil { return fmt.Errorf("failed to listen on the unix socket, error: %v", err) } - klog.Infof("Listening on %s", s.socketPath) + klog.InfoS("Starting KMS Plugin", "socketPath", s.socketPath) go s.grpcServer.Serve(s.listener) return nil @@ -136,13 +136,13 @@ func (s *Base64Plugin) ExitFailedState() { // Version returns the version of the kms-plugin. func (s *Base64Plugin) Version(ctx context.Context, request *kmsapi.VersionRequest) (*kmsapi.VersionResponse, error) { - klog.Infof("Received request for Version: %v", request) + klog.V(3).InfoS("Received request for Version", "request", request) return &kmsapi.VersionResponse{Version: s.ver, RuntimeName: "testKMS", RuntimeVersion: "0.0.1"}, nil } // Decrypt performs base64 decoding of the payload of kms.DecryptRequest. func (s *Base64Plugin) Decrypt(ctx context.Context, request *kmsapi.DecryptRequest) (*kmsapi.DecryptResponse, error) { - klog.V(3).Infof("Received Decrypt Request for DEK: %s", string(request.Cipher)) + klog.V(3).InfoS("Received Decrypt Request", "cipher", string(request.Cipher)) s.mu.Lock() defer s.mu.Unlock() @@ -161,7 +161,7 @@ func (s *Base64Plugin) Decrypt(ctx context.Context, request *kmsapi.DecryptReque // Encrypt performs base64 encoding of the payload of kms.EncryptRequest. func (s *Base64Plugin) Encrypt(ctx context.Context, request *kmsapi.EncryptRequest) (*kmsapi.EncryptResponse, error) { - klog.V(3).Infof("Received Encrypt Request for DEK: %x", request.Plain) + klog.V(3).InfoS("Received Encrypt Request", "plain", string(request.Plain)) s.mu.Lock() defer s.mu.Unlock() s.lastEncryptRequest = request diff --git a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v2alpha1/kms_plugin_mock.go b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v2alpha1/kms_plugin_mock.go index 6c58231dc7e..a9da4ec2e37 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v2alpha1/kms_plugin_mock.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/testing/v2alpha1/kms_plugin_mock.go @@ -126,7 +126,7 @@ func (s *Base64Plugin) Start() error { if err != nil { return fmt.Errorf("failed to listen on the unix socket, error: %v", err) } - klog.Infof("Listening on %s", s.socketPath) + klog.InfoS("Starting KMS Plugin", "socketPath", s.socketPath) go s.grpcServer.Serve(s.listener) return nil @@ -157,7 +157,7 @@ func (s *Base64Plugin) ExitFailedState() { // Update keyID for the plugin. func (s *Base64Plugin) UpdateKeyID() { - klog.Infof("updating keyID") + klog.Info("updating keyID") s.mu.Lock() defer s.mu.Unlock() s.keyID = "2" @@ -165,7 +165,7 @@ func (s *Base64Plugin) UpdateKeyID() { // Status returns the status of the kms-plugin. func (s *Base64Plugin) Status(ctx context.Context, request *kmsapi.StatusRequest) (*kmsapi.StatusResponse, error) { - klog.Infof("Received request for Status: %v", request) + klog.V(3).InfoS("Received request for Status", "request", request) s.mu.Lock() defer s.mu.Unlock() @@ -178,7 +178,7 @@ func (s *Base64Plugin) Status(ctx context.Context, request *kmsapi.StatusRequest // Decrypt performs base64 decoding of the payload of kms.DecryptRequest. func (s *Base64Plugin) Decrypt(ctx context.Context, request *kmsapi.DecryptRequest) (*kmsapi.DecryptResponse, error) { - klog.V(3).Infof("Received Decrypt Request for DEK: %s", string(request.Ciphertext)) + klog.V(3).InfoS("Received Decrypt Request", "ciphertext", string(request.Ciphertext)) s.mu.Lock() defer s.mu.Unlock() @@ -200,7 +200,7 @@ func (s *Base64Plugin) Decrypt(ctx context.Context, request *kmsapi.DecryptReque // Encrypt performs base64 encoding of the payload of kms.EncryptRequest. func (s *Base64Plugin) Encrypt(ctx context.Context, request *kmsapi.EncryptRequest) (*kmsapi.EncryptResponse, error) { - klog.V(3).Infof("Received Encrypt Request for DEK: %x", request.Plaintext) + klog.V(3).InfoS("Received Encrypt Request", "plaintext", string(request.Plaintext)) s.mu.Lock() defer s.mu.Unlock() s.lastEncryptRequest = request