From 1301f689bb0f1f44b66a057c8915f77ac71f30cc Mon Sep 17 00:00:00 2001 From: AVA Monitoring <56961522+avamonitoring@users.noreply.github.com> Date: Mon, 8 Nov 2021 16:25:11 +0100 Subject: [PATCH] feat: configurable health endpoints access logging (#1934) This PR introduces a new boolean configuration parameter that allows turning off logging of health endpoints requests in the access log. The implementation is basically a rip-off from Ory Hydra and the configuration parameter is the same: ``` serve.public.request_log.disable_for_health serve.admin.request_log.disable_for_health ``` The default value is _false_. Co-authored-by: hackerman <3372410+aeneasr@users.noreply.github.com> --- cmd/daemon/serve.go | 18 ++++++++++++++++-- driver/config/config.go | 10 ++++++++++ embedx/config.schema.json | 24 ++++++++++++++++++++++++ 3 files changed, 50 insertions(+), 2 deletions(-) diff --git a/cmd/daemon/serve.go b/cmd/daemon/serve.go index 1db5bd4e37ba..f3124c8c95cd 100644 --- a/cmd/daemon/serve.go +++ b/cmd/daemon/serve.go @@ -82,7 +82,14 @@ func ServePublic(r driver.Registry, wg *sync.WaitGroup, cmd *cobra.Command, args for _, mw := range modifiers.mwf { n.UseFunc(mw) } - n.Use(reqlog.NewMiddlewareFromLogger(l, "public#"+c.SelfPublicURL(nil).String())) + publicLogger := reqlog.NewMiddlewareFromLogger( + l, + "public#"+c.SelfPublicURL(nil).String(), + ) + if r.Config(ctx).DisablePublicHealthRequestLog() { + publicLogger.ExcludePaths(healthx.AliveCheckPath, healthx.ReadyCheckPath) + } + n.Use(publicLogger) n.Use(sqa(ctx, cmd, r)) n.Use(r.PrometheusManager()) @@ -147,7 +154,14 @@ func ServeAdmin(r driver.Registry, wg *sync.WaitGroup, cmd *cobra.Command, args for _, mw := range modifiers.mwf { n.UseFunc(mw) } - n.Use(reqlog.NewMiddlewareFromLogger(l, "admin#"+c.SelfPublicURL(nil).String())) + adminLogger := reqlog.NewMiddlewareFromLogger( + l, + "admin#"+c.SelfPublicURL(nil).String(), + ) + if r.Config(ctx).DisableAdminHealthRequestLog() { + adminLogger.ExcludePaths(healthx.AliveCheckPath, healthx.ReadyCheckPath) + } + n.Use(adminLogger) n.Use(sqa(ctx, cmd, r)) n.Use(r.PrometheusManager()) diff --git a/driver/config/config.go b/driver/config/config.go index bcbc02463c28..a7a71b5beaac 100644 --- a/driver/config/config.go +++ b/driver/config/config.go @@ -64,6 +64,7 @@ const ( ViperKeySecretsDefault = "secrets.default" ViperKeySecretsCookie = "secrets.cookie" ViperKeySecretsCipher = "secrets.cipher" + ViperKeyDisablePublicHealthRequestLog = "serve.public.request_log.disable_for_health" ViperKeyPublicBaseURL = "serve.public.base_url" ViperKeyPublicDomainAliases = "serve.public.domain_aliases" ViperKeyPublicPort = "serve.public.port" @@ -75,6 +76,7 @@ const ( ViperKeyPublicTLSKeyBase64 = "serve.public.tls.key.base64" ViperKeyPublicTLSCertPath = "serve.public.tls.cert.path" ViperKeyPublicTLSKeyPath = "serve.public.tls.key.path" + ViperKeyDisableAdminHealthRequestLog = "serve.admin.request_log.disable_for_health" ViperKeyAdminBaseURL = "serve.admin.base_url" ViperKeyAdminPort = "serve.admin.port" ViperKeyAdminHost = "serve.admin.host" @@ -697,6 +699,10 @@ func (p *Config) baseURL(keyURL, keyHost, keyPort string, defaultPort int) *url. return p.guessBaseURL(keyHost, keyPort, defaultPort) } +func (p *Config) DisablePublicHealthRequestLog() bool { + return p.p.Bool(ViperKeyDisablePublicHealthRequestLog) +} + type DomainAlias struct { BasePath string `json:"base_path"` Scheme string `json:"scheme"` @@ -749,6 +755,10 @@ func (p *Config) SelfPublicURL(r *http.Request) *url.URL { return primary } +func (p *Config) DisableAdminHealthRequestLog() bool { + return p.p.Bool(ViperKeyDisableAdminHealthRequestLog) +} + func (p *Config) SelfAdminURL() *url.URL { return p.baseURL(ViperKeyAdminBaseURL, ViperKeyAdminHost, ViperKeyAdminPort, 4434) } diff --git a/embedx/config.schema.json b/embedx/config.schema.json index 3c54f172c08d..f55a4c380e57 100644 --- a/embedx/config.schema.json +++ b/embedx/config.schema.json @@ -1350,6 +1350,18 @@ "admin": { "type": "object", "properties": { + "request_log": { + "type": "object", + "properties": { + "disable_for_health": { + "title": "Disable health endpoints request logging", + "description": "Disable request logging for /health/alive and /health/ready endpoints", + "type": "boolean", + "default": false + } + }, + "additionalProperties": false + }, "base_url": { "title": "Admin Base URL", "description": "The URL where the admin endpoint is exposed at.", @@ -1388,6 +1400,18 @@ "public": { "type": "object", "properties": { + "request_log": { + "type": "object", + "properties": { + "disable_for_health": { + "title": "Disable health endpoints request logging", + "description": "Disable request logging for /health/alive and /health/ready endpoints", + "type": "boolean", + "default": false + } + }, + "additionalProperties": false + }, "cors": { "type": "object", "additionalProperties": false,