Improve logging related to namespaces and APE #318

New Issue

Closed

opened 2024-02-20 12:29:54 +00:00 by dkirillov · 0 comments

dkirillov commented

2024-02-20 12:29:54 +00:00

Collaborator

It would be nice to add more logs for easily debugging.

Describe the solution you'd like

Log not only request_id but also namespace here (It would be more helpful after #306 since reqInfo.Namespace will contain effective namespace name)
Log policy check info somewhere here (it helps to see which action is requested in case of policy check failed and it can help to see owner)

reqLogOrDefault(ctx, <provide log here>).Debug("check request", zap.String("action", op),
		zap.String("resource", res), zap.String("owner", owner))

Always add context to errors. For example:
- here lead to the following logs

фев 19 14:43:27 aanikeev-node1 frostfs-s3-gw[41241]: 2024-02-19T14:43:27.637Z        error        failed to pass authentication        {"request_id": "214291d6-48ea-4fda-800a-fec94c69da23", "error": "BadRequest: 400 => 400 BadRequest"}

it would be nice to have more context there, e.g.

фев 19 14:43:27 aanikeev-node1 frostfs-s3-gw[41241]: 2024-02-19T14:43:27.637Z        error        failed to pass authentication        {"request_id": "214291d6-48ea-4fda-800a-fec94c69da23", "error": "BadRequest: 400 => 400 BadRequest: signature time from the future"}

there are some other places where this approach can applied too
Consider log AccessKeyID (in both cases: successful and failed auth)

Describe alternatives you've considered

Don't add extra logs.

Additional context

No.

## Is your feature request related to a problem? Please describe. It would be nice to add more logs for easily debugging. ## Describe the solution you'd like * Log not only `request_id` but also `namespace` [here](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw/src/commit/563c1d9bd756aeca03e3b31b939d11940ac6227a/api/middleware/reqinfo.go#L219) (It would be more helpful after #306 since `reqInfo.Namespace` will contain effective namespace name) * Log policy check info somewhere [here](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw/src/commit/563c1d9bd756aeca03e3b31b939d11940ac6227a/api/middleware/policy.go#L94) (it helps to see which action is requested in case of policy check failed and it can help to see `owner`) ```golang reqLogOrDefault(ctx, <provide log here>).Debug("check request", zap.String("action", op), zap.String("resource", res), zap.String("owner", owner)) ``` * Always add context to errors. For example: * [here](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw/src/commit/563c1d9bd756aeca03e3b31b939d11940ac6227a/api/auth/center.go#L323) lead to the following logs ``` фев 19 14:43:27 aanikeev-node1 frostfs-s3-gw[41241]: 2024-02-19T14:43:27.637Z error failed to pass authentication {"request_id": "214291d6-48ea-4fda-800a-fec94c69da23", "error": "BadRequest: 400 => 400 BadRequest"} ``` it would be nice to have more context there, e.g. ``` фев 19 14:43:27 aanikeev-node1 frostfs-s3-gw[41241]: 2024-02-19T14:43:27.637Z error failed to pass authentication {"request_id": "214291d6-48ea-4fda-800a-fec94c69da23", "error": "BadRequest: 400 => 400 BadRequest: signature time from the future"} ``` * there are some other places where this approach can applied too * Consider log AccessKeyID (in both cases: successful and failed auth) ## Describe alternatives you've considered Don't add extra logs. ## Additional context No.