Skip to content

Commit

Permalink
add support for logging
Browse files Browse the repository at this point in the history
  • Loading branch information
@tuunit
tuunit committed May 5, 2024
1 parent 845f071 commit a9427e5
Show file tree
Hide file tree
Showing 7 changed files with 199 additions and 70 deletions.
36 changes: 36 additions & 0 deletions docs/docs/configuration/alpha_config.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,7 @@ They may change between releases without notice.
| `Cookie` | _[Cookie](#cookie)_ | Cookie is used to configure the cookie used to store the session state.<br/>This includes options such as the cookie name, its expiry and its domain. |
| `Session` | _[SessionOptions](#sessionoptions)_ | Session is used to configure the session storage.<br/>To either use a cookie or a redis store. |
| `PageTemplates` | _[PageTemplates](#pagetemplates)_ | PageTemplates is used to configure custom page templates.<br/>This includes the sign in and error pages. |
| `Logging` | _[Logging](#logging)_ | Logging is used to configure the logging output.<br/>Which formats are enabled and where to write the logs. |

### AzureOptions

Expand Down Expand Up @@ -317,6 +318,41 @@ make up the header value
| `Groups` | _[]string_ | Group enables to restrict login to members of indicated group |
| `Roles` | _[]string_ | Role enables to restrict login to users with role (only available when using the keycloak-oidc provider) |

### LogFileOptions

(**Appears on:** [Logging](#logging))

LogFileOptions contains options for configuring logging to a file

| Field | Type | Description |
| ----- | ---- | ----------- |
| `Filename` | _string_ | |
| `MaxSize` | _int_ | |
| `MaxAge` | _int_ | |
| `MaxBackups` | _int_ | |
| `Compress` | _bool_ | |

### Logging

(**Appears on:** [AlphaOptions](#alphaoptions))

Logging contains all options required for configuring the logging

| Field | Type | Description |
| ----- | ---- | ----------- |
| `AuthEnabled` | _bool_ | |
| `AuthFormat` | _string_ | |
| `RequestEnabled` | _bool_ | |
| `RequestFormat` | _string_ | |
| `StandardEnabled` | _bool_ | |
| `StandardFormat` | _string_ | |
| `ErrToInfo` | _bool_ | |
| `ExcludePaths` | _[]string_ | |
| `LocalTime` | _bool_ | |
| `SilencePing` | _bool_ | |
| `RequestIDHeader` | _string_ | |
| `File` | _[LogFileOptions](#logfileoptions)_ | |

### LoginGovOptions

(**Appears on:** [Provider](#provider))
Expand Down
4 changes: 4 additions & 0 deletions pkg/apis/options/alpha_options.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,10 @@ type AlphaOptions struct {
// PageTemplates is used to configure custom page templates.
// This includes the sign in and error pages.
PageTemplates PageTemplates `yaml:"pageTemplates,omitempty"`

// Logging is used to configure the logging output.
// Which formats are enabled and where to write the logs.
Logging Logging `yaml:"logging,omitempty"`
}

// Initialize alpha options with default values and settings of the core options
Expand Down
79 changes: 79 additions & 0 deletions pkg/apis/options/legacy_logging.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
package options

import (
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
"github.com/spf13/pflag"
)

// Logging contains all options required for configuring the logging
type LegacyLogging struct {
AuthEnabled bool `flag:"auth-logging" cfg:"auth_logging"`
AuthFormat string `flag:"auth-logging-format" cfg:"auth_logging_format"`
RequestEnabled bool `flag:"request-logging" cfg:"request_logging"`
RequestFormat string `flag:"request-logging-format" cfg:"request_logging_format"`
StandardEnabled bool `flag:"standard-logging" cfg:"standard_logging"`
StandardFormat string `flag:"standard-logging-format" cfg:"standard_logging_format"`
ErrToInfo bool `flag:"errors-to-info-log" cfg:"errors_to_info_log"`
ExcludePaths []string `flag:"exclude-logging-path" cfg:"exclude_logging_paths"`
LocalTime bool `flag:"logging-local-time" cfg:"logging_local_time"`
SilencePing bool `flag:"silence-ping-logging" cfg:"silence_ping_logging"`
RequestIDHeader string `flag:"request-id-header" cfg:"request_id_header"`
File LegacyLogFileOptions `cfg:",squash"`
}

// LogFileOptions contains options for configuring logging to a file
type LegacyLogFileOptions struct {
Filename string `flag:"logging-filename" cfg:"logging_filename"`
MaxSize int `flag:"logging-max-size" cfg:"logging_max_size"`
MaxAge int `flag:"logging-max-age" cfg:"logging_max_age"`
MaxBackups int `flag:"logging-max-backups" cfg:"logging_max_backups"`
Compress bool `flag:"logging-compress" cfg:"logging_compress"`
}

func legacyLoggingFlagSet() *pflag.FlagSet {
flagSet := pflag.NewFlagSet("logging", pflag.ExitOnError)

flagSet.Bool("auth-logging", true, "Log authentication attempts")
flagSet.String("auth-logging-format", logger.DefaultAuthLoggingFormat, "Template for authentication log lines")
flagSet.Bool("standard-logging", true, "Log standard runtime information")
flagSet.String("standard-logging-format", logger.DefaultStandardLoggingFormat, "Template for standard log lines")
flagSet.Bool("request-logging", true, "Log HTTP requests")
flagSet.String("request-logging-format", logger.DefaultRequestLoggingFormat, "Template for HTTP request log lines")
flagSet.Bool("errors-to-info-log", false, "Log errors to the standard logging channel instead of stderr")

flagSet.StringSlice("exclude-logging-path", []string{}, "Exclude logging requests to paths (eg: '/path1,/path2,/path3')")
flagSet.Bool("logging-local-time", true, "If the time in log files and backup filenames are local or UTC time")
flagSet.Bool("silence-ping-logging", false, "Disable logging of requests to ping & ready endpoints")
flagSet.String("request-id-header", "X-Request-Id", "Request header to use as the request ID")

flagSet.String("logging-filename", "", "File to log requests to, empty for stdout")
flagSet.Int("logging-max-size", 100, "Maximum size in megabytes of the log file before rotation")
flagSet.Int("logging-max-age", 7, "Maximum number of days to retain old log files")
flagSet.Int("logging-max-backups", 0, "Maximum number of old log files to retain; 0 to disable")
flagSet.Bool("logging-compress", false, "Should rotated log files be compressed using gzip")

return flagSet
}

func (l *LegacyLogging) convert() Logging {
return Logging{
AuthEnabled: l.AuthEnabled,
AuthFormat: l.AuthFormat,
RequestEnabled: l.RequestEnabled,
RequestFormat: l.RequestFormat,
StandardEnabled: l.StandardEnabled,
StandardFormat: l.StandardFormat,
ErrToInfo: l.ErrToInfo,
ExcludePaths: l.ExcludePaths,
LocalTime: l.LocalTime,
SilencePing: l.SilencePing,
RequestIDHeader: l.RequestIDHeader,
File: LogFileOptions{
Filename: l.File.Filename,
MaxSize: l.File.MaxSize,
MaxAge: l.File.MaxAge,
MaxBackups: l.File.MaxBackups,
Compress: l.File.Compress,
},
}
}
57 changes: 38 additions & 19 deletions pkg/apis/options/legacy_options.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"fmt"
"time"

"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
"github.com/spf13/pflag"
)

Expand Down Expand Up @@ -35,7 +36,8 @@ type LegacyOptions struct {
// Legacy options for configuring the cookie session storage
LegacySessionOptions LegacySessionOptions `cfg:",squash"`

Options Options `cfg:",squash"`
// Legacy options for logging
LegacyLogging LegacyLogging `cfg:",squash"`
}

func NewLegacyOptions() *LegacyOptions {
Expand Down Expand Up @@ -108,12 +110,31 @@ func NewLegacyOptions() *LegacyOptions {
},
},

Options: *NewOptions(),
LegacyLogging: LegacyLogging{
ExcludePaths: nil,
LocalTime: true,
SilencePing: false,
RequestIDHeader: "X-Request-Id",
AuthEnabled: true,
AuthFormat: logger.DefaultAuthLoggingFormat,
RequestEnabled: true,
RequestFormat: logger.DefaultRequestLoggingFormat,
StandardEnabled: true,
StandardFormat: logger.DefaultStandardLoggingFormat,
ErrToInfo: false,
File: LegacyLogFileOptions{
Filename: "",
MaxSize: 100,
MaxAge: 7,
MaxBackups: 0,
Compress: false,
},
},
}
}

func NewLegacyFlagSet() *pflag.FlagSet {
flagSet := NewFlagSet()
flagSet := pflag.NewFlagSet("oauth2-proxy", pflag.ExitOnError)

flagSet.AddFlagSet(legacyProxyOptionsFlagSet())
flagSet.AddFlagSet(legacyUpstreamsFlagSet())
Expand All @@ -125,38 +146,36 @@ func NewLegacyFlagSet() *pflag.FlagSet {
flagSet.AddFlagSet(legacyProbeOptionsFlagSet())
flagSet.AddFlagSet(legacyPageTemplatesFlagSet())
flagSet.AddFlagSet(legacySessionFlagSet())
flagSet.AddFlagSet(legacyLoggingFlagSet())

return flagSet
}

func (l *LegacyOptions) ToOptions() (*Options, error) {
l.Options.ProxyOptions = l.LegacyProxyOptions.convert()
opts := NewOptions()
opts.ProxyOptions = l.LegacyProxyOptions.convert()

upstreams, err := l.LegacyUpstreams.convert()
if err != nil {
return nil, fmt.Errorf("error converting upstreams: %v", err)
}
l.Options.UpstreamServers = upstreams

l.Options.InjectRequestHeaders, l.Options.InjectResponseHeaders = l.LegacyHeaders.convert()

l.Options.Server, l.Options.MetricsServer = l.LegacyServer.convert()

l.Options.LegacyPreferEmailToUser = l.LegacyHeaders.PreferEmailToUser
opts.UpstreamServers = upstreams
opts.InjectRequestHeaders, opts.InjectResponseHeaders = l.LegacyHeaders.convert()
opts.Server, opts.MetricsServer = l.LegacyServer.convert()
opts.LegacyPreferEmailToUser = l.LegacyHeaders.PreferEmailToUser

providers, err := l.LegacyProvider.convert()
if err != nil {
return nil, fmt.Errorf("error converting provider: %v", err)
}
l.Options.Providers = providers

l.Options.Cookie = l.LegacyCookie.convert()

l.Options.ProbeOptions = l.LegacyProbeOptions.convert()

l.Options.PageTemplates = l.LegacyPageTemplates.convert()

l.Options.Session = l.LegacySessionOptions.convert()
opts.Providers = providers
opts.Cookie = l.LegacyCookie.convert()
opts.ProbeOptions = l.LegacyProbeOptions.convert()
opts.PageTemplates = l.LegacyPageTemplates.convert()
opts.Session = l.LegacySessionOptions.convert()
opts.Logging = l.LegacyLogging.convert()

return &l.Options, nil
return opts, nil
}
22 changes: 20 additions & 2 deletions pkg/apis/options/load_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"time"

. "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options/testutil"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
. "github.com/onsi/ginkgo"
. "github.com/onsi/ginkgo/extensions/table"
. "github.com/onsi/gomega"
Expand Down Expand Up @@ -83,8 +84,25 @@ var _ = Describe("Load", func() {
},
},

Options: Options{
Logging: loggingDefaults(),
LegacyLogging: LegacyLogging{
ExcludePaths: nil,
LocalTime: true,
SilencePing: false,
RequestIDHeader: "X-Request-Id",
AuthEnabled: true,
AuthFormat: logger.DefaultAuthLoggingFormat,
RequestEnabled: true,
RequestFormat: logger.DefaultRequestLoggingFormat,
StandardEnabled: true,
StandardFormat: logger.DefaultStandardLoggingFormat,
ErrToInfo: false,
File: LegacyLogFileOptions{
Filename: "",
MaxSize: 100,
MaxAge: 7,
MaxBackups: 0,
Compress: false,
},
},
}

Expand Down
60 changes: 17 additions & 43 deletions pkg/apis/options/logging.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,57 +2,31 @@ package options

import (
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
"github.com/spf13/pflag"
)

// Logging contains all options required for configuring the logging
type Logging struct {
AuthEnabled bool `flag:"auth-logging" cfg:"auth_logging"`
AuthFormat string `flag:"auth-logging-format" cfg:"auth_logging_format"`
RequestEnabled bool `flag:"request-logging" cfg:"request_logging"`
RequestFormat string `flag:"request-logging-format" cfg:"request_logging_format"`
StandardEnabled bool `flag:"standard-logging" cfg:"standard_logging"`
StandardFormat string `flag:"standard-logging-format" cfg:"standard_logging_format"`
ErrToInfo bool `flag:"errors-to-info-log" cfg:"errors_to_info_log"`
ExcludePaths []string `flag:"exclude-logging-path" cfg:"exclude_logging_paths"`
LocalTime bool `flag:"logging-local-time" cfg:"logging_local_time"`
SilencePing bool `flag:"silence-ping-logging" cfg:"silence_ping_logging"`
RequestIDHeader string `flag:"request-id-header" cfg:"request_id_header"`
File LogFileOptions `cfg:",squash"`
AuthEnabled bool `yaml:"authEnabled"`
AuthFormat string `yaml:"authFormat,omitempty"`
RequestEnabled bool `yaml:"requestEnabled"`
RequestFormat string `yaml:"requestFormat,omitempty"`
StandardEnabled bool `yaml:"standardEnabled"`
StandardFormat string `yaml:"standardFormat,omitempty"`
ErrToInfo bool `yaml:"errToInfo,omitempty"`
ExcludePaths []string `yaml:"excludePaths,omitempty"`
LocalTime bool `yaml:"localTime"`
SilencePing bool `yaml:"silencePing,omitempty"`
RequestIDHeader string `yaml:"requestIdHeader,omitempty"`
File LogFileOptions `yaml:"fileOptions,omitempty"`
}

// LogFileOptions contains options for configuring logging to a file
type LogFileOptions struct {
Filename string `flag:"logging-filename" cfg:"logging_filename"`
MaxSize int `flag:"logging-max-size" cfg:"logging_max_size"`
MaxAge int `flag:"logging-max-age" cfg:"logging_max_age"`
MaxBackups int `flag:"logging-max-backups" cfg:"logging_max_backups"`
Compress bool `flag:"logging-compress" cfg:"logging_compress"`
}

func loggingFlagSet() *pflag.FlagSet {
flagSet := pflag.NewFlagSet("logging", pflag.ExitOnError)

flagSet.Bool("auth-logging", true, "Log authentication attempts")
flagSet.String("auth-logging-format", logger.DefaultAuthLoggingFormat, "Template for authentication log lines")
flagSet.Bool("standard-logging", true, "Log standard runtime information")
flagSet.String("standard-logging-format", logger.DefaultStandardLoggingFormat, "Template for standard log lines")
flagSet.Bool("request-logging", true, "Log HTTP requests")
flagSet.String("request-logging-format", logger.DefaultRequestLoggingFormat, "Template for HTTP request log lines")
flagSet.Bool("errors-to-info-log", false, "Log errors to the standard logging channel instead of stderr")

flagSet.StringSlice("exclude-logging-path", []string{}, "Exclude logging requests to paths (eg: '/path1,/path2,/path3')")
flagSet.Bool("logging-local-time", true, "If the time in log files and backup filenames are local or UTC time")
flagSet.Bool("silence-ping-logging", false, "Disable logging of requests to ping & ready endpoints")
flagSet.String("request-id-header", "X-Request-Id", "Request header to use as the request ID")

flagSet.String("logging-filename", "", "File to log requests to, empty for stdout")
flagSet.Int("logging-max-size", 100, "Maximum size in megabytes of the log file before rotation")
flagSet.Int("logging-max-age", 7, "Maximum number of days to retain old log files")
flagSet.Int("logging-max-backups", 0, "Maximum number of old log files to retain; 0 to disable")
flagSet.Bool("logging-compress", false, "Should rotated log files be compressed using gzip")

return flagSet
Filename string `yaml:"filename,omitempty"`
MaxSize int `yaml:"maxSize,omitempty"`
MaxAge int `yaml:"maxAge,omitempty"`
MaxBackups int `yaml:"maxBackups,omitempty"`
Compress bool `yaml:"compress,omitempty"`
}

// loggingDefaults creates a Logging structure, populating each field with its default value
Expand Down
11 changes: 5 additions & 6 deletions pkg/apis/options/options.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,9 @@ type Options struct {
// To either use a cookie or a redis store.
Session SessionOptions `cfg:",internal"`

Logging Logging `cfg:",squash"`
// Logging is used to configure the logging output.
// Which formats are enabled and where to write the logs.
Logging Logging `cfg:",internal"`

// PageTemplates is used to configure custom page templates.
// This includes the sign in and error pages.
Expand Down Expand Up @@ -93,10 +95,7 @@ func NewOptions() *Options {
}

// NewFlagSet creates a new FlagSet with all of the flags required by Options
// Deprecated: NewFlagSet is deprecated. Flags will be removed in v8.
func NewFlagSet() *pflag.FlagSet {
flagSet := pflag.NewFlagSet("oauth2-proxy", pflag.ExitOnError)

flagSet.AddFlagSet(loggingFlagSet())

return flagSet
return pflag.NewFlagSet("oauth2-proxy", pflag.ExitOnError)
}

0 comments on commit a9427e5

Please sign in to comment.