chore: temporarily add more logs

Signed-off-by: Shahram Kalantari <[email protected]>
shahramk64 · Nov 1, 2024 · 628cfc3 · 628cfc3
1 parent 49cf040
commit 628cfc3
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 9 deletions.
diff --git a/pkg/certificateprovider/azurekeyvault/provider.go b/pkg/certificateprovider/azurekeyvault/provider.go
@@ -32,6 +32,7 @@ import (
 	"github.com/ratify-project/ratify/pkg/certificateprovider"
 	"github.com/ratify-project/ratify/pkg/certificateprovider/azurekeyvault/types"
 	"github.com/ratify-project/ratify/pkg/metrics"
+	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/pkcs12"
 
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
@@ -96,7 +97,7 @@ func (s *akvCertProvider) GetCertificates(ctx context.Context, attrib map[string
 
 	logger.GetLogger(ctx, logOpt).Debugf("vaultURI %s", keyvaultURI)
 
-	kvClientSecrets, err := initializeKvClient(azureCloudEnv.KeyVaultEndpoint, tenantID, workloadIdentityClientID)
+	kvClientSecrets, err := initializeKvClient(ctx, azureCloudEnv.KeyVaultEndpoint, tenantID, workloadIdentityClientID)
 	if err != nil {
 		return nil, nil, re.ErrorCodePluginInitFailure.NewError(re.CertProvider, providerName, re.AKVLink, err, "failed to get keyvault client", re.HideStackTrace)
 	}
@@ -209,9 +210,11 @@ func parseAzureEnvironment(cloudName string) (*azure.Environment, error) {
 	return &env, err
 }
 
-func initializeKvClient(keyVaultEndpoint, tenantID, clientID string) (*azsecrets.Client, error) {
+func initializeKvClient(ctx context.Context, keyVaultEndpoint, tenantID, clientID string) (*azsecrets.Client, error) {
 	// Trim any trailing slash from the endpoint
 	kvEndpoint := strings.TrimSuffix(keyVaultEndpoint, "/")
+	logger.GetLogger(ctx, logOpt).Infof("kvEndpoint: '%s'", kvEndpoint)
+	logrus.WithContext(ctx).Infof("kvEndpoint: '%s'", kvEndpoint)
 
 	// Create the workload identity credential for authentication
 	credential, err := azidentity.NewWorkloadIdentityCredential(&azidentity.WorkloadIdentityCredentialOptions{
@@ -221,24 +224,28 @@ func initializeKvClient(keyVaultEndpoint, tenantID, clientID string) (*azsecrets
 	if err != nil {
 		return nil, re.ErrorCodeAuthDenied.WithDetail("failed to create workload identity credential").WithRemediation(re.AKVLink).WithError(err)
 	}
+	logger.GetLogger(ctx, logOpt).Infof("credential created successfully")
 
 	// create azsecrets client
 	kvClientSecrets, err := azsecrets.NewClient(kvEndpoint, credential, nil)
 	if err != nil {
 		return nil, re.ErrorCodeConfigInvalid.WithDetail("Failed to create Key Vault client").WithRemediation(re.AKVLink).WithError(err)
 	}
+	logger.GetLogger(ctx, logOpt).Infof("azsecrets kvclient created successfully")
 
 	return kvClientSecrets, nil
 }
 
 // Parse the secret bundle and return an array of certificates
 // In a certificate chain scenario, all certificates from root to leaf will be returned
 func getCertsFromSecretBundle(ctx context.Context, secretBundle azsecrets.SecretBundle, certName string) ([]*x509.Certificate, []map[string]string, error) {
+	logger.GetLogger(ctx, logOpt).Debugf("running getCertFromSecretBundle")
 	if secretBundle.ContentType == nil || secretBundle.Value == nil || secretBundle.ID == nil {
 		return nil, nil, re.ErrorCodeCertInvalid.NewError(re.CertProvider, providerName, re.EmptyLink, nil, "found invalid secret bundle for certificate  %s, contentType, value, and id must not be nil", re.HideStackTrace)
 	}
 
 	version := getObjectVersion(string(*secretBundle.ID))
+	logger.GetLogger(ctx, logOpt).Debugf("version: '%s'", version)
 
 	// This aligns with notation akv implementation
 	// akv plugin supports both PKCS12 and PEM. https://github.com/Azure/notation-azure-kv/blob/558e7345ef8318783530de6a7a0a8420b9214ba8/Notation.Plugin.AzureKeyVault/KeyVault/KeyVaultClient.cs#L192

diff --git a/pkg/certificateprovider/azurekeyvault/provider_test.go b/pkg/certificateprovider/azurekeyvault/provider_test.go
@@ -101,7 +101,7 @@ func SkipTestInitializeKVClient(t *testing.T) {
 	}
 
 	for i := range testEnvs {
-		kvClientSecrets, err := initializeKvClient(testEnvs[i].KeyVaultEndpoint, "", "")
+		kvClientSecrets, err := initializeKvClient(context.TODO(), testEnvs[i].KeyVaultEndpoint, "", "")
 		assert.NoError(t, err)
 		assert.NotNil(t, kvClientSecrets)
 		// assert.NotNil(t, kvBaseClient.Authorizer)

diff --git a/pkg/keymanagementprovider/azurekeyvault/provider.go b/pkg/keymanagementprovider/azurekeyvault/provider.go
@@ -36,6 +36,7 @@ import (
 	"github.com/ratify-project/ratify/pkg/keymanagementprovider/config"
 	"github.com/ratify-project/ratify/pkg/keymanagementprovider/factory"
 	"github.com/ratify-project/ratify/pkg/metrics"
+	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/pkcs12"
 
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
@@ -127,7 +128,7 @@ func (f *akvKMProviderFactory) Create(_ string, keyManagementProviderConfig conf
 
 	logger.GetLogger(context.Background(), logOpt).Debugf("vaultURI %s", provider.vaultURI)
 
-	kvClientKeys, kvClientSecrets, err := initKVClient(provider.cloudEnv.KeyVaultEndpoint, provider.tenantID, provider.clientID)
+	kvClientKeys, kvClientSecrets, err := initKVClient(context.Background(), provider.cloudEnv.KeyVaultEndpoint, provider.tenantID, provider.clientID)
 	if err != nil {
 		return nil, re.ErrorCodePluginInitFailure.NewError(re.KeyManagementProvider, ProviderName, re.AKVLink, err, "failed to create keyvault client", re.HideStackTrace)
 	}
@@ -233,9 +234,11 @@ func parseAzureEnvironment(cloudName string) (*azure.Environment, error) {
 	return &env, err
 }
 
-func initializeKvClient(keyVaultEndpoint, tenantID, clientID string) (*azkeys.Client, *azsecrets.Client, error) {
+func initializeKvClient(ctx context.Context, keyVaultEndpoint, tenantID, clientID string) (*azkeys.Client, *azsecrets.Client, error) {
 	// Trim any trailing slash from the endpoint
 	kvEndpoint := strings.TrimSuffix(keyVaultEndpoint, "/")
+	logger.GetLogger(ctx, logOpt).Infof("kvEndpoint: '%s'", kvEndpoint)
+	logrus.WithContext(ctx).Infof("kvEndpoint: '%s'", kvEndpoint)
 
 	// Create the workload identity credential for authentication
 	credential, err := azidentity.NewWorkloadIdentityCredential(&azidentity.WorkloadIdentityCredentialOptions{
@@ -245,17 +248,23 @@ func initializeKvClient(keyVaultEndpoint, tenantID, clientID string) (*azkeys.Cl
 	if err != nil {
 		return nil, nil, re.ErrorCodeAuthDenied.WithDetail("failed to create workload identity credential").WithRemediation(re.AKVLink).WithError(err)
 	}
+	logger.GetLogger(ctx, logOpt).Infof("credential created successfully")
+	logrus.WithContext(ctx).Infof("credential created successfully")
 
 	// create azkeys client
 	kvClientKeys, err := azkeys.NewClient(kvEndpoint, credential, nil)
 	if err != nil {
 		return nil, nil, re.ErrorCodeConfigInvalid.WithDetail("Failed to create Key Vault client").WithRemediation(re.AKVLink).WithError(err)
 	}
+	logger.GetLogger(ctx, logOpt).Infof("azkeys kvclient created successfully")
+	logrus.WithContext(ctx).Infof("azkeys kvclient created successfully")
 	// create azsecrets client
 	kvClientSecrets, err := azsecrets.NewClient(kvEndpoint, credential, nil)
 	if err != nil {
 		return nil, nil, re.ErrorCodeConfigInvalid.WithDetail("Failed to create Key Vault client").WithRemediation(re.AKVLink).WithError(err)
 	}
+	logger.GetLogger(ctx, logOpt).Infof("azsecrets kvclient created successfully")
+	logrus.WithContext(ctx).Infof("azsecrets kvclient created successfully")
 
 	return kvClientKeys, kvClientSecrets, nil
 }

diff --git a/pkg/keymanagementprovider/azurekeyvault/provider_test.go b/pkg/keymanagementprovider/azurekeyvault/provider_test.go
@@ -64,7 +64,7 @@ func SkipTestInitializeKVClient(t *testing.T) {
 	}
 
 	for i := range testEnvs {
-		kvClientkeys, kvClientSecrets, err := initializeKvClient(testEnvs[i].KeyVaultEndpoint, "", "")
+		kvClientkeys, kvClientSecrets, err := initializeKvClient(context.TODO(), testEnvs[i].KeyVaultEndpoint, "", "")
 		assert.NoError(t, err)
 		assert.NotNil(t, kvClientkeys)
 		assert.NotNil(t, kvClientSecrets)
@@ -176,7 +176,7 @@ func TestCreate(t *testing.T) {
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			initKVClient = func(_, _, _ string) (*azkeys.Client, *azsecrets.Client, error) {
+			initKVClient = func(_ context.Context, _, _, _ string) (*azkeys.Client, *azsecrets.Client, error) {
 				return &azkeys.Client{}, &azsecrets.Client{}, nil
 			}
 			_, err := factory.Create("v1", tc.config, "")
@@ -227,7 +227,7 @@ func TestGetKeys(t *testing.T) {
 		},
 	}
 
-	initKVClient = func(_, _, _ string) (*azkeys.Client, *azsecrets.Client, error) {
+	initKVClient = func(_ context.Context, _, _, _ string) (*azkeys.Client, *azsecrets.Client, error) {
 		return &azkeys.Client{}, &azsecrets.Client{}, nil
 	}
 	provider, err := factory.Create("v1", config, "")
@@ -550,7 +550,7 @@ func TestInitializeKvClient(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			_, _, err := initializeKvClient(tt.kvEndpoint, tt.tenantID, tt.clientID)
+			_, _, err := initializeKvClient(context.Background(), tt.kvEndpoint, tt.tenantID, tt.clientID)
 			if tt.expectedErr != (err != nil) {
 				t.Fatalf("expected error: %v, got: %v", tt.expectedErr, err)
 			}