Add debug logging configuration and env option for eventhandler (#42169)

* Add debug logging configuration and env option for eventhandler

* moved debug logger setting to highest level

* fix helm test

* remove unused variable setting

* lint fix for eventhandler

* drop EnableDebugLogging and use Debug only

* line changes

Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>

---------

Co-authored-by: Steven Martin <stevenmartin@stevens-mbp.lan>
Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>
Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>

examples/chart/event-handler/templates/configmap.yaml

@@ -10,6 +10,7 @@ data:
     timeout = {{ .Values.eventHandler.timeout | toJson }}
     batch = {{ .Values.eventHandler.batch }}
     window-size = {{ default "24h" .Values.eventHandler.windowSize | quote }}
+    debug = {{ default "false" .Values.eventHandler.debug }}
 
     [teleport]
     addr = "{{ .Values.teleport.address }}"

examples/chart/event-handler/tests/__snapshot__/configmap_test.yaml.snap

@@ -7,6 +7,7 @@ should match the snapshot:
         timeout = "10s"
         batch = 20
         window-size = "24h"
+        debug = false
 
         [teleport]
         addr = "teleport.example.com:1234"

examples/chart/event-handler/values.schema.json

@@ -282,7 +282,8 @@
                 {
                     "address": "auth.example.com:3025",
                     "identitySecretName": "teleport-plugin-event-handler-auth-id",
-                    "identitySecretPath": "auth_id"
+                    "identitySecretPath": "auth_id",
+                    "debug": false
                 }
             ],
             "required": [
@@ -329,7 +330,8 @@
                     "storagePath": "/var/lib/teleport/plugins/event-handler/storage",
                     "timeout": "10s",
                     "batch": 20,
-                    "window-size": "12h"
+                    "window-size": "12h",
+                    "debug": false
                 }
             ],
             "required": [
@@ -360,6 +362,14 @@
                     "$id": "#/properties/eventHandler/properties/window-size",
                     "type": "string",
                     "default": "24h"
+                },
+                "debug": {
+                    "$id": "#/properties/eventHandler/properties/debug",
+                    "type": "boolean",
+                    "default": false,
+                    "examples": [
+                        false
+                    ]
                 }
             },
             "additionalProperties": true

examples/chart/event-handler/values.yaml

@@ -20,6 +20,8 @@ eventHandler:
   # for the default window size.
   # The window size should be specified as a duration string, parsed by Go's time.ParseDuration.
   windowSize: "24h"
+  # Optional setting to enable debug logging
+  # debugLogger: true
 
 fluentd:
   url: ""

integrations/event-handler/cli.go

@@ -214,7 +214,7 @@ type CLI struct {
 	Config kong.ConfigFlag `help:"Path to TOML configuration file" optional:"true" short:"c" type:"existingfile" env:"FDFWD_CONFIG"`
 
 	// Debug is a debug logging mode flag
-	Debug bool `help:"Debug logging" short:"d"`
+	Debug bool `help:"Debug logging" short:"d" env:"FDFWD_DEBUG"`
 
 	// Version is the version print command
 	Version struct{} `cmd:"true" help:"Print plugin version"`

integrations/event-handler/cli_test.go

@@ -36,40 +36,119 @@ func TestStartCmdConfig(t *testing.T) {
 		name string
 		args []string
 
-		want StartCmdConfig
+		want CLI
 	}{
 		{
 			name: "standard",
 			args: []string{"start", "--config", "testdata/config.toml"},
-			want: StartCmdConfig{
-				FluentdConfig: FluentdConfig{
-					FluentdURL:        "https://localhost:8888/test.log",
-					FluentdSessionURL: "https://localhost:8888/session",
-					FluentdCert:       path.Join(wd, "testdata", "fake-file"),
-					FluentdKey:        path.Join(wd, "testdata", "fake-file"),
-					FluentdCA:         path.Join(wd, "testdata", "fake-file"),
-				},
-				TeleportConfig: TeleportConfig{
-					TeleportAddr:            "localhost:3025",
-					TeleportIdentityFile:    path.Join(wd, "testdata", "fake-file"),
-					TeleportRefreshEnabled:  true,
-					TeleportRefreshInterval: 2 * time.Minute,
+			want: CLI{
+				Debug: false,
+				Start: StartCmdConfig{
+					FluentdConfig: FluentdConfig{
+						FluentdURL:        "https://localhost:8888/test.log",
+						FluentdSessionURL: "https://localhost:8888/session",
+						FluentdCert:       path.Join(wd, "testdata", "fake-file"),
+						FluentdKey:        path.Join(wd, "testdata", "fake-file"),
+						FluentdCA:         path.Join(wd, "testdata", "fake-file"),
+					},
+					TeleportConfig: TeleportConfig{
+						TeleportAddr:            "localhost:3025",
+						TeleportIdentityFile:    path.Join(wd, "testdata", "fake-file"),
+						TeleportRefreshEnabled:  true,
+						TeleportRefreshInterval: 2 * time.Minute,
+					},
+					IngestConfig: IngestConfig{
+						StorageDir:          "./storage",
+						BatchSize:           20,
+						SkipEventTypes:      map[string]struct{}{},
+						SkipSessionTypesRaw: []string{"print"},
+						SkipSessionTypes: map[string]struct{}{
+							"print": {},
+						},
+						Timeout:     10 * time.Second,
+						Concurrency: 5,
+						WindowSize:  24 * time.Hour,
+					},
+					LockConfig: LockConfig{
+						LockFailedAttemptsCount: 3,
+						LockPeriod:              time.Minute,
+					},
 				},
-				IngestConfig: IngestConfig{
-					StorageDir:          "./storage",
-					BatchSize:           20,
-					SkipEventTypes:      map[string]struct{}{},
-					SkipSessionTypesRaw: []string{"print"},
-					SkipSessionTypes: map[string]struct{}{
-						"print": {},
+			},
+		},
+		{
+			name: "standard with debug enabled flag",
+			args: []string{"--debug", "start", "--config", "testdata/config.toml"},
+			want: CLI{
+				Debug: true,
+				Start: StartCmdConfig{
+					FluentdConfig: FluentdConfig{
+						FluentdURL:        "https://localhost:8888/test.log",
+						FluentdSessionURL: "https://localhost:8888/session",
+						FluentdCert:       path.Join(wd, "testdata", "fake-file"),
+						FluentdKey:        path.Join(wd, "testdata", "fake-file"),
+						FluentdCA:         path.Join(wd, "testdata", "fake-file"),
+					},
+					TeleportConfig: TeleportConfig{
+						TeleportAddr:            "localhost:3025",
+						TeleportIdentityFile:    path.Join(wd, "testdata", "fake-file"),
+						TeleportRefreshEnabled:  true,
+						TeleportRefreshInterval: 2 * time.Minute,
+					},
+					IngestConfig: IngestConfig{
+						StorageDir:          "./storage",
+						BatchSize:           20,
+						SkipEventTypes:      map[string]struct{}{},
+						SkipSessionTypesRaw: []string{"print"},
+						SkipSessionTypes: map[string]struct{}{
+							"print": {},
+						},
+						Timeout:     10 * time.Second,
+						Concurrency: 5,
+						WindowSize:  24 * time.Hour,
+					},
+					LockConfig: LockConfig{
+						LockFailedAttemptsCount: 3,
+						LockPeriod:              time.Minute,
 					},
-					Timeout:     10 * time.Second,
-					Concurrency: 5,
-					WindowSize:  24 * time.Hour,
 				},
-				LockConfig: LockConfig{
-					LockFailedAttemptsCount: 3,
-					LockPeriod:              time.Minute,
+			},
+		},
+		{
+			name: "debug enabled",
+			args: []string{"start", "--config", "testdata/config-debug.toml"},
+			want: CLI{
+				Debug: true,
+				Start: StartCmdConfig{
+					FluentdConfig: FluentdConfig{
+						FluentdURL:        "https://localhost:8888/test.log",
+						FluentdSessionURL: "https://localhost:8888/session",
+						FluentdCert:       path.Join(wd, "testdata", "fake-file"),
+						FluentdKey:        path.Join(wd, "testdata", "fake-file"),
+						FluentdCA:         path.Join(wd, "testdata", "fake-file"),
+					},
+					TeleportConfig: TeleportConfig{
+						TeleportAddr:            "localhost:3025",
+						TeleportIdentityFile:    path.Join(wd, "testdata", "fake-file"),
+						TeleportRefreshEnabled:  true,
+						TeleportRefreshInterval: 2 * time.Minute,
+					},
+					IngestConfig: IngestConfig{
+						StorageDir:          "./storage",
+						BatchSize:           20,
+						SkipEventTypes:      map[string]struct{}{},
+						SkipSessionTypesRaw: []string{"print"},
+						SkipSessionTypes: map[string]struct{}{
+							"print": {},
+						},
+						Timeout:     10 * time.Second,
+						Concurrency: 5,
+						WindowSize:  24 * time.Hour,
+					},
+					LockConfig: LockConfig{
+						LockFailedAttemptsCount: 3,
+						LockPeriod:              time.Minute,
+					},
 				},
 			},
 		},
@@ -88,8 +167,10 @@ func TestStartCmdConfig(t *testing.T) {
 			require.NoError(t, err)
 			_, err = parser.Parse(tc.args)
 			require.NoError(t, err)
-
-			require.Equal(t, tc.want, cli.Start)
+			// reset config file and configure values since we only want to verify Start and Debug fields
+			cli.Config = ""
+			cli.Configure = ConfigureCmdConfig{}
+			require.Equal(t, tc.want, cli)
 		})
 	}
 }

integrations/event-handler/main.go

@@ -56,11 +56,7 @@ func main() {
 	)
 
 	if cli.Debug {
-		err := logger.Setup(logger.Config{Severity: "debug", Output: "stderr"})
-		if err != nil {
-			fmt.Println(trace.DebugReport(err))
-			os.Exit(-1)
-		}
+		enableLogDebug()
 	}
 
 	switch {
@@ -83,6 +79,15 @@ func main() {
 	}
 }
 
+// turn on log debugging
+func enableLogDebug() {
+	err := logger.Setup(logger.Config{Severity: "debug", Output: "stderr"})
+	if err != nil {
+		fmt.Println(trace.DebugReport(err))
+		os.Exit(-1)
+	}
+}
+
 // start spawns the main process
 func start() error {
 	app, err := NewApp(&cli.Start)

integrations/event-handler/testdata/config-debug.toml

@@ -0,0 +1,17 @@
+storage = "./storage" # Plugin will save its state here
+timeout = "10s"
+batch = 20
+debug = true
+
+[forward.fluentd]
+cert = "testdata/fake-file"
+key = "testdata/fake-file"
+ca = "testdata/fake-file"
+url = "https://localhost:8888/test.log"
+session-url = "https://localhost:8888/session"
+
+[teleport]
+addr = "localhost:3025"
+identity = "testdata/fake-file"
+refresh.enabled = true
+refresh.interval = "2m"