
guard: supress logging #745

closed opened by oppi.li targeting master from push-ykxtvrlpxwrl

the default slog logger caused indigo/identity to emit logs when resolving identities. using a bespoke logger in the guard subcommand fixes this.

Signed-off-by: oppiliappan me@oppi.li


AT URI
at://did:plc:qfpnj4og54vl56wngdriaxug/sh.tangled.repo.pull/3m4qbkdfovt22
+26 -29
Diff #0
+26 -29
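--- a/guard/guard.go
+++ b/guard/guard.go
@@ -16,7 +16,6 @@
 securejoin "github.com/cyphar/filepath-securejoin"
 "github.com/urfave/cli/v3"
 "tangled.org/core/idresolver"
-"tangled.org/core/log"
 )
 
 func Command() *cli.Command {
@@ -55,23 +54,21 @@
 }
 
 func Run(ctx context.Context, cmd *cli.Command) error {
-l := log.FromContext(ctx)
-
 incomingUser := cmd.String("user")
 gitDir := cmd.String("git-dir")
 logPath := cmd.String("log-path")
 endpoint := cmd.String("internal-api")
 motdFile := cmd.String("motd-file")
 
+stream := io.Discard
 logFile, err := os.OpenFile(logPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
-if err != nil {
-l.Error("failed to open log file", "error", err)
-return err
-} else {
-fileHandler := slog.NewJSONHandler(logFile, &slog.HandlerOptions{Level: slog.LevelInfo})
-l = slog.New(fileHandler)
+if err == nil {
+stream = logFile
 }
 
+fileHandler := slog.NewJSONHandler(stream, &slog.HandlerOptions{Level: slog.LevelInfo})
+slog.SetDefault(slog.New(fileHandler))
+
 var clientIP string
 if connInfo := os.Getenv("SSH_CONNECTION"); connInfo != "" {
 parts := strings.Fields(connInfo)
@@ -81,27 +78,27 @@
 }
 
 if incomingUser == "" {
-l.Error("access denied: no user specified")
+slog.Error("access denied: no user specified")
 fmt.Fprintln(os.Stderr, "access denied: no user specified")
 os.Exit(-1)
 }
 
 sshCommand := os.Getenv("SSH_ORIGINAL_COMMAND")
 
-l.Info("connection attempt",
+slog.Info("connection attempt",
 "user", incomingUser,
 "command", sshCommand,
 "client", clientIP)
 
 if sshCommand == "" {
-l.Info("access denied: no interactive shells", "user", incomingUser)
+slog.Info("access denied: no interactive shells", "user", incomingUser)
 fmt.Fprintf(os.Stderr, "Hi @%s! You've successfully authenticated.\n", incomingUser)
 os.Exit(-1)
 }
 
 cmdParts := strings.Fields(sshCommand)
 if len(cmdParts) < 2 {
-l.Error("invalid command format", "command", sshCommand)
+slog.Error("invalid command format", "command", sshCommand)
 fmt.Fprintln(os.Stderr, "invalid command format")
 os.Exit(-1)
 }
@@ -113,16 +110,16 @@
 // any of the above with a leading slash (/)
 
 components := strings.Split(strings.TrimPrefix(strings.Trim(cmdParts[1], "'"), "/"), "/")
-l.Info("command components", "components", components)
+slog.Info("command components", "components", components)
 
 if len(components) != 2 {
-l.Error("invalid repo format", "components", components)
+slog.Error("invalid repo format", "components", components)
 fmt.Fprintln(os.Stderr, "invalid repo format, needs <user>/<repo> or /<user>/<repo>")
 os.Exit(-1)
 }
 
 didOrHandle := components[0]
-identity := resolveIdentity(ctx, l, didOrHandle)
+identity := resolveIdentity(ctx, didOrHandle)
 did := identity.DID.String()
 repoName := components[1]
 qualifiedRepoName, _ := securejoin.SecureJoin(did, repoName)
@@ -133,14 +130,14 @@
 "git-upload-archive": true,
 }
 if !validCommands[gitCommand] {
-l.Error("access denied: invalid git command", "command", gitCommand)
+slog.Error("access denied: invalid git command", "command", gitCommand)
 fmt.Fprintln(os.Stderr, "access denied: invalid git command")
 return fmt.Errorf("access denied: invalid git command")
 }
 
 if gitCommand != "git-upload-pack" {
-if !isPushPermitted(l, incomingUser, qualifiedRepoName, endpoint) {
-l.Error("access denied: user not allowed",
+if !isPushPermitted(incomingUser, qualifiedRepoName, endpoint) {
+slog.Error("access denied: user not allowed",
 "did", incomingUser,
 "reponame", qualifiedRepoName)
 fmt.Fprintln(os.Stderr, "access denied: user not allowed")
@@ -150,7 +147,7 @@
 
 fullPath, _ := securejoin.SecureJoin(gitDir, qualifiedRepoName)
 
-l.Info("processing command",
+slog.Info("processing command",
 "user", incomingUser,
 "command", gitCommand,
 "repo", repoName,
@@ -160,7 +157,7 @@
 var motdReader io.Reader
 if reader, err := os.Open(motdFile); err != nil {
 if !errors.Is(err, os.ErrNotExist) {
-l.Error("failed to read motd file", "error", err)
+slog.Error("failed to read motd file", "error", err)
 }
 motdReader = strings.NewReader("Welcome to this knot!\n")
 } else {
@@ -181,12 +178,12 @@
 )
 
 if err := gitCmd.Run(); err != nil {
-l.Error("command failed", "error", err)
+slog.Error("command failed", "error", err)
 fmt.Fprintf(os.Stderr, "command failed: %v\n", err)
 return fmt.Errorf("command failed: %v", err)
 }
 
-l.Info("command completed",
+slog.Info("command completed",
 "user", incomingUser,
 "command", gitCommand,
 "repo", repoName,
@@ -195,23 +192,23 @@
 return nil
 }
 
-func resolveIdentity(ctx context.Context, l *slog.Logger, didOrHandle string) *identity.Identity {
+func resolveIdentity(ctx context.Context, didOrHandle string) *identity.Identity {
 resolver := idresolver.DefaultResolver()
 ident, err := resolver.ResolveIdent(ctx, didOrHandle)
 if err != nil {
-l.Error("Error resolving handle", "error", err, "handle", didOrHandle)
+slog.Error("Error resolving handle", "error", err, "handle", didOrHandle)
 fmt.Fprintf(os.Stderr, "error resolving handle: %v\n", err)
 os.Exit(1)
 }
 if ident.Handle.IsInvalidHandle() {
-l.Error("Error resolving handle", "invalid handle", didOrHandle)
+slog.Error("Error resolving handle", "invalid handle", didOrHandle)
 fmt.Fprintf(os.Stderr, "error resolving handle: invalid handle\n")
 os.Exit(1)
 }
 return ident
 }
 
-func isPushPermitted(l *slog.Logger, user, qualifiedRepoName, endpoint string) bool {
+func isPushPermitted(user, qualifiedRepoName, endpoint string) bool {
 u, _ := url.Parse(endpoint + "/push-allowed")
 q := u.Query()
 q.Add("user", user)
@@ -220,12 +217,12 @@
 
 req, err := http.Get(u.String())
 if err != nil {
-l.Error("Error verifying permissions", "error", err)
+slog.Error("Error verifying permissions", "error", err)
 fmt.Fprintf(os.Stderr, "error verifying permissions: %v\n", err)
 os.Exit(1)
 }
 
-l.Info("Checking push permission",
+slog.Info("checking push permission",
 "url", u.String(),
 "status", req.Status)
 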
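Review bot: A failed `os.OpenFile(logPath, …)` in `Run` is now silent: the new `stream := io.Discard` fallback means every later `slog` call (connection attempts, denied commands, the push-permission check) is dropped with no signal to the operator, where the old code returned the error. These records are the audit trail for SSH access decisions, so I would keep failing closed when the log cannot be opened, e.g. `if err != nil { return fmt.Errorf("opening guard log %q: %w", logPath, err) }`, or fall back to a sink the operator can read instead of `io.Discard`. Whether a returned error reaches the SSH client is not visible here and should be checked against the goal of this change. `Run` continues outside the visible hunks.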

History

1 round 7 comments
oppi.li submitted #0
1 commit
guard: supress logging
3/3 success

I've moved part of the guard logic to the internal server in #700, which also addresses this issue a bit (ignore the outdated title/description, see the commit).

Do we want to move all guard logics to internal server instead? would be helpful in other directions too e.g. greeting with user handle in ssh -T

I've moved part of the guard logic to the internal server in #700, which also addresses this issue a bit (ignore the outdated title/description, see the commit).

Do we want to move all guard logics to internal server instead? would be helpful in other directions too e.g. greeting with user handle in ssh -T

uhh why is the comment duplicated? I pressed the button once. I lost the network log after the second comment so can't check what happened.

that could be interesting. perhaps we could convert the knot keys command to do something similar as well.

that change can be submitted independently of the rest of the stack; it is a bit hard to merge now because it is in the middle of the other changes in that patch.

Can we merge the stack below the #684? #684 is there only to share my dev setup but I think all 702~701 are fine to merge.

this PR is no longer required!

closed without merging