From e7684e7f6da7c789d03311fe2df855c687aa7fa6 Mon Sep 17 00:00:00 2001 From: Isman Firmansyah Date: Tue, 3 Jan 2023 19:16:56 +0700 Subject: [PATCH] feat(docker-jans): enable prefix and group for stdout logs (#3481) * feat(docker-jans): enable prefix and group for stdout logs * fix: add stdout log prefix Co-authored-by: moabu <47318409+moabu@users.noreply.github.com> --- .../charts/config/templates/configmaps.yaml | 4 ++ charts/janssen/values.yaml | 10 ++++- docker-jans-auth-server/Dockerfile | 8 ++-- docker-jans-auth-server/README.md | 6 +++ docker-jans-auth-server/jetty/log4j2.xml | 18 +++++++- docker-jans-auth-server/scripts/bootstrap.py | 9 +++- docker-jans-config-api/Dockerfile | 11 ++--- docker-jans-config-api/README.md | 16 +++++++- docker-jans-config-api/jetty/log4j2.xml | 41 ++++++++++++++++--- ...j2-adminui.xml.tmpl => log4j2-adminui.xml} | 9 ++-- docker-jans-config-api/scripts/bootstrap.py | 17 ++++++-- docker-jans-fido2/Dockerfile | 11 ++--- docker-jans-fido2/README.md | 6 +++ docker-jans-fido2/jetty/log4j2.xml | 8 +++- docker-jans-fido2/scripts/bootstrap.py | 12 ++++-- docker-jans-scim/Dockerfile | 11 ++--- docker-jans-scim/README.md | 6 +++ docker-jans-scim/jetty/log4j2.xml | 16 +++++++- docker-jans-scim/scripts/bootstrap.py | 9 +++- 19 files changed, 185 insertions(+), 43 deletions(-) rename docker-jans-config-api/plugins/admin-ui/{log4j2-adminui.xml.tmpl => log4j2-adminui.xml} (82%) diff --git a/charts/janssen/charts/config/templates/configmaps.yaml b/charts/janssen/charts/config/templates/configmaps.yaml index c1412bd6a36..ae22534c6d1 100644 --- a/charts/janssen/charts/config/templates/configmaps.yaml +++ b/charts/janssen/charts/config/templates/configmaps.yaml 
@@ -73,6 +73,7 @@ data: | replace "scriptLogLevel" "script_log_level" | replace "auditStatsLogTarget" "audit_log_target" | replace "auditStatsLogLevel" "audit_log_level" + | replace "enableStdoutLogPrefix" "enable_stdout_log_prefix" | squote }} {{- if index .Values "global" "config-api" "enabled" }} @@ -88,6 +89,7 @@ data: | replace "ldapStatsLogLevel" "ldap_stats_log_level" | replace "scriptLogTarget" "script_log_target" | replace "scriptLogLevel" "script_log_level" + | replace "enableStdoutLogPrefix" "enable_stdout_log_prefix" | squote }} {{- end }} @@ -152,6 +154,7 @@ data: | replace "ldapStatsLogLevel" "ldap_stats_log_level" | replace "scriptLogTarget" "script_log_target" | replace "scriptLogLevel" "script_log_level" + | replace "enableStdoutLogPrefix" "enable_stdout_log_prefix" | squote }} {{- end }} @@ -162,6 +165,7 @@ data: | replace "fido2LogLevel" "fido2_log_level" | replace "persistenceLogTarget" "persistence_log_target" | replace "persistenceLogLevel" "persistence_log_level" + | replace "enableStdoutLogPrefix" "enable_stdout_log_prefix" | squote }} {{- end }} diff --git a/charts/janssen/values.yaml b/charts/janssen/values.yaml index 3e47fe8379a..ac4466ae3a1 100644 --- a/charts/janssen/values.yaml +++ b/charts/janssen/values.yaml @@ -518,6 +518,8 @@ global: enabled: true # -- App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. appLoggers: + # -- Enable log prefixing which enables prepending the STDOUT logs with the file name. i.e auth-server-script ===> 2022-12-20 17:49:55,744 INFO + enableStdoutLogPrefix: "true" # -- jans-auth.log target authLogTarget: "STDOUT" # -- jans-auth.log level 
@@ -611,13 +613,15 @@ global: enabled: true # -- App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. appLoggers: + # -- Enable log prefixing which enables prepending the STDOUT logs with the file name. i.e config-api_persistence ===> 2022-12-20 17:49:55,744 INFO + enableStdoutLogPrefix: "true" # -- configapi.log target configApiLogTarget: "STDOUT" # -- configapi.log level configApiLogLevel: "INFO" # -- config-api_persistence.log target persistenceLogTarget: "FILE" - # -- jans-auth_persistence.log level + # -- config-api_persistence.log level persistenceLogLevel: "INFO" # -- config-api_persistence_duration.log target persistenceDurationLogTarget: "FILE" @@ -644,6 +648,8 @@ global: enabled: true # -- App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. appLoggers: + # -- Enable log prefixing which enables prepending the STDOUT logs with the file name. i.e fido2 ===> 2022-12-20 17:49:55,744 INFO + enableStdoutLogPrefix: "true" # -- fido2.log target fido2LogTarget: "STDOUT" # -- fido2.log level @@ -693,6 +699,8 @@ global: enabled: true # -- App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. appLoggers: + # -- Enable log prefixing which enables prepending the STDOUT logs with the file name. i.e jans-scim ===> 2022-12-20 17:49:55,744 INFO + enableStdoutLogPrefix: "true" # -- jans-scim.log target scimLogTarget: "STDOUT" # -- jans-scim.log level diff --git a/docker-jans-auth-server/Dockerfile b/docker-jans-auth-server/Dockerfile index 9c7d5b98cc4..ed11d9fc00b 100644 --- a/docker-jans-auth-server/Dockerfile +++ b/docker-jans-auth-server/Dockerfile 
@@ -15,7 +15,7 @@ RUN apk update \ # Jetty # ===== -ARG JETTY_VERSION=11.0.11 +ARG JETTY_VERSION=11.0.13 ARG JETTY_HOME=/opt/jetty ARG JETTY_BASE=/opt/jans/jetty ARG JETTY_USER_HOME_LIB=/home/jetty/lib @@ -67,7 +67,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-auth/webapps \ && zip -d jans-auth.war WEB-INF/jetty-web.xml \ && zip -r jans-auth.war WEB-INF/jetty-env.xml \ && cp jans-auth.war ${JETTY_BASE}/jans-auth/webapps/jans-auth.war \ - && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-auth --add-module=server,deploy,annotations,resources,http,http-forwarded,threadpool,jsp,websocket,cdi-decorate,jmx,stats \ + && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-auth --add-module=server,deploy,annotations,resources,http,http-forwarded,threadpool,jsp,websocket,cdi-decorate,jmx,stats,logging-log4j2 --approve-all-licenses \ && rm -rf /tmp/jans-auth.war /tmp/WEB-INF # =========== @@ -274,7 +274,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-auth/custom/pages \ COPY certs /etc/certs COPY jetty/jans-auth_web_resources.xml ${JETTY_BASE}/jans-auth/webapps/ COPY jetty/agama_web_resources.xml ${JETTY_BASE}/jans-auth/webapps/ -COPY jetty/log4j2.xml ${JETTY_BASE}/jans-auth/resources/ +COPY jetty/log4j2.xml /app/templates COPY conf/*.tmpl /app/templates/ COPY scripts /app/scripts RUN chmod +x /app/scripts/entrypoint.sh @@ -286,7 +286,7 @@ COPY --chown=1000:0 jetty/jans-auth.xml ${JETTY_BASE}/jans-auth/webapps/ # adjust ownership and permission RUN chmod -R g=u ${JETTY_BASE}/jans-auth/custom \ - && chmod -R g=u ${JETTY_BASE}/jans-auth/resources \ + && chmod 664 ${JETTY_BASE}/jans-auth/resources/log4j2.xml \ && chmod -R g=u ${JETTY_BASE}/jans-auth/logs \ && chmod -R g=u /etc/certs \ && chmod -R g=u /etc/jans \ diff --git a/docker-jans-auth-server/README.md b/docker-jans-auth-server/README.md index ddfde1c8459..8960783f103 100644 --- a/docker-jans-auth-server/README.md +++ b/docker-jans-auth-server/README.md 
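Review bot: In the `@@ -67,7` hunk, adding `logging-log4j2` together with `--approve-all-licenses` to the `start.jar` line means the image build now pulls the Log4j jars through Jetty's module mechanism, and nothing visible in this Dockerfile pins or verifies what is pulled. The Log4j version then appears to be whatever the Jetty 11.0.13 module defaults to, so it can change silently with the next `JETTY_VERSION` bump. I would pin the Log4j version explicitly and check the fetched jars against known checksums in the same `RUN` step. A comment such as `# logging-log4j2 fetches the Log4j jars at build time; version pinned and checksum-verified below` would record the intent. The same flag pair is added in the config-api, fido2 and scim Dockerfiles.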
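Review bot: In the `@@ -274,7` hunk, `COPY jetty/log4j2.xml /app/templates` has no trailing slash, unlike the matching line in the other three Dockerfiles of this patch. If `/app/templates` does not already exist as a directory at that point (its creation is outside the hunk), Docker writes the XML to a file named `/app/templates`. In that case `bootstrap.py` would not find `/app/templates/log4j2.xml`. Writing it as `COPY jetty/log4j2.xml /app/templates/` removes the dependency on earlier layers.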
@@ -138,6 +138,12 @@ The following key-value pairs are the defaults: } ``` +To enable prefix on `STDOUT` logging, set the `enable_stdout_log_prefix` key. Example: + +``` +{"auth_log_target":"STDOUT","script_log_target":"STDOUT","enable_stdout_log_prefix":true} +``` + ### Hybrid mapping As per v1.0.1, hybrid persistence supports all available persistence types. To configure hybrid persistence and its data mapping, follow steps below: diff --git a/docker-jans-auth-server/jetty/log4j2.xml b/docker-jans-auth-server/jetty/log4j2.xml index 8ed7a305a40..faea5ac828a 100644 --- a/docker-jans-auth-server/jetty/log4j2.xml +++ b/docker-jans-auth-server/jetty/log4j2.xml @@ -1,9 +1,12 @@ + + + - + @@ -100,53 +103,66 @@ + -http + -persistence + -persistence + -persistence + -persistence-duration + -persistence-duration + -persistence-duration + -ldap-stats + -script + -script + -script + -script + -audit diff --git a/docker-jans-auth-server/scripts/bootstrap.py b/docker-jans-auth-server/scripts/bootstrap.py index 95d68325be6..2bb65eb9fbd 100644 --- a/docker-jans-auth-server/scripts/bootstrap.py +++ b/docker-jans-auth-server/scripts/bootstrap.py @@ -20,6 +20,7 @@ from jans.pycloudlib.utils import cert_to_truststore from jans.pycloudlib.utils import get_server_certificate from jans.pycloudlib.utils import generate_keystore +from jans.pycloudlib.utils import as_boolean from keystore_mod import modify_keystore_path @@ -251,6 +252,7 @@ def configure_logging(): "script_log_level": "INFO", "audit_log_target": "FILE", "audit_log_level": "INFO", + "log_prefix": "", } # pre-populate custom config; format is JSON string of ``dict`` 
@@ -300,10 +302,13 @@ def configure_logging(): if config[key] == "FILE": config[key] = value - logfile = "/opt/jans/jetty/jans-auth/resources/log4j2.xml" - with open(logfile) as f: + if as_boolean(custom_config.get("enable_stdout_log_prefix")): + config["log_prefix"] = "${sys:log.console.prefix}%X{log.console.group} - " + + with open("/app/templates/log4j2.xml") as f: txt = f.read() + logfile = "/opt/jans/jetty/jans-auth/resources/log4j2.xml" tmpl = Template(txt) with open(logfile, "w") as f: f.write(tmpl.safe_substitute(config)) diff --git a/docker-jans-config-api/Dockerfile b/docker-jans-config-api/Dockerfile index f75c86d7e51..da7007bdad0 100644 --- a/docker-jans-config-api/Dockerfile +++ b/docker-jans-config-api/Dockerfile @@ -15,7 +15,7 @@ RUN apk update \ # Jetty # ===== -ARG JETTY_VERSION=11.0.11 +ARG JETTY_VERSION=11.0.13 ARG JETTY_HOME=/opt/jetty ARG JETTY_BASE=/opt/jans/jetty ARG JETTY_USER_HOME_LIB=/home/jetty/lib @@ -54,7 +54,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-config-api/webapps \ && zip -d jans-config-api.war WEB-INF/jetty-web.xml \ && zip -r jans-config-api.war WEB-INF/jetty-env.xml \ && cp jans-config-api.war ${JETTY_BASE}/jans-config-api/webapps/jans-config-api.war \ - && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-config-api --add-module=server,deploy,annotations,resources,http,http-forwarded,threadpool,jsp,websocket,cdi-decorate,jmx,stats \ + && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-config-api --add-module=server,deploy,annotations,resources,http,http-forwarded,threadpool,jsp,websocket,cdi-decorate,jmx,stats,logging-log4j2 --approve-all-licenses \ && rm -rf /tmp/jans-config-api.war /tmp/WEB-INF # Ports exposed by config-api 
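Review bot: The value assigned to `config["log_prefix"]` in the `@@ -300,10` hunk is Log4j syntax, not Python template syntax, and nothing next to it says so. A comment such as `# ${sys:...} and %X{...} are resolved by Log4j at runtime; Template only fills $log_prefix` would stop a later edit from "fixing" it. The patch as shown does not make visible where `log.console.prefix` is defined, so confirm it is set for every service. As far as I know, Log4j leaves an unresolved lookup in the output as literal text. The same literal is repeated in the config-api, fido2 and scim `bootstrap.py` hunks, so a shared constant would keep the copies from drifting. `configure_logging` begins outside the hunk.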
@@ -256,7 +256,7 @@ RUN mkdir -p /etc/certs \ ${JETTY_BASE}/common/libs/couchbase RUN touch /etc/hosts.back -COPY jetty/log4j2.xml ${JETTY_BASE}/jans-config-api/resources/ +COPY jetty/log4j2.xml /app/templates/ COPY conf/*.tmpl /app/templates/ COPY plugins /app/plugins COPY templates /app/templates @@ -273,7 +273,7 @@ COPY --chown=1000:0 jetty/jans-config-api.xml ${JETTY_BASE}/jans-config-api/weba # adjust ownership and permission RUN chmod -R g=u ${JETTY_BASE}/jans-config-api/custom \ - && chmod -R g=u ${JETTY_BASE}/jans-config-api/resources \ + && chmod 664 ${JETTY_BASE}/jans-config-api/resources/log4j2.xml \ && chmod -R g=u ${JETTY_BASE}/jans-config-api/logs \ && chmod -R g=u /etc/certs \ && chmod -R g=u /etc/jans \ @@ -284,7 +284,8 @@ RUN chmod -R g=u ${JETTY_BASE}/jans-config-api/custom \ && chmod -R g=u /app/templates/jans-config-api \ && chown -R 1000:0 ${JETTY_BASE}/common/libs \ && chown -R 1000:0 /usr/share/java \ - && chown -R 1000:0 /opt/prometheus + && chown -R 1000:0 /opt/prometheus \ + && chown -R 1000:0 /app/plugins USER 1000 diff --git a/docker-jans-config-api/README.md b/docker-jans-config-api/README.md index b61040f6b5e..aa2a0a44b52 100644 --- a/docker-jans-config-api/README.md +++ b/docker-jans-config-api/README.md @@ -127,10 +127,18 @@ The following key-value pairs are the defaults: "ldap_stats_log_target": "FILE", "ldap_stats_log_level": "INFO", "script_log_target": "FILE", - "script_log_level": "INFO" + "script_log_level": "INFO", + "audit_log_target": "FILE", + "audit_log_level": "INFO" } ``` +To enable prefix on `STDOUT` logging, set the `enable_stdout_log_prefix` key. Example: + +``` +{"config_api_log_target":"STDOUT","script_log_target":"STDOUT","enable_stdout_log_prefix":true} +``` + ### Configure plugin loggers Plugin loggers can be configured to define where the logs will be redirected and what is the level the logs should be displayed. 
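Review bot: The added `chown -R 1000:0 /app/plugins` in the `@@ -284,7` hunk hands the whole plugin tree to the runtime user, which is broader than the logging change seems to need. From the visible lines, `bootstrap.py` only reads `/app/plugins/admin-ui/log4j2-adminui.xml`, and where the rendered file is written is outside the hunk. If only that file or its output location must be writable, scope the permission to it, as the `chmod 664 .../resources/log4j2.xml` line does for the main config. That keeps the rest of `/app/plugins` read-only for the service process. If the recursive ownership is intentional, a comment saying which path the process writes would help.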
@@ -160,6 +168,12 @@ The following key-value pairs are the defaults: } ``` +To enable prefix on `STDOUT` logging, set the `enable_stdout_log_prefix` key. Example: + +``` +{"admin_ui_log_target":"STDOUT","enable_stdout_log_prefix":true} +``` + ### Hybrid mapping As per v1.0.1, hybrid persistence supports all available persistence types. To configure hybrid persistence and its data mapping, follow steps below: diff --git a/docker-jans-config-api/jetty/log4j2.xml b/docker-jans-config-api/jetty/log4j2.xml index 4622fd48627..078be8415eb 100644 --- a/docker-jans-config-api/jetty/log4j2.xml +++ b/docker-jans-config-api/jetty/log4j2.xml @@ -1,8 +1,11 @@ + + + - + @@ -14,6 +17,15 @@ + + + + + + + + + @@ -60,53 +72,70 @@ + + -audit + + + + -persistence + -persistence - + + -persistence - + + -persistence-duration + -persistence-duration + -persistence-duration + -ldap-stats + -script + -script + -script - + + -script - + - + + diff --git a/docker-jans-config-api/plugins/admin-ui/log4j2-adminui.xml.tmpl b/docker-jans-config-api/plugins/admin-ui/log4j2-adminui.xml similarity index 82% rename from docker-jans-config-api/plugins/admin-ui/log4j2-adminui.xml.tmpl rename to docker-jans-config-api/plugins/admin-ui/log4j2-adminui.xml index 0a246703c20..b5fbad21ce9 100644 --- a/docker-jans-config-api/plugins/admin-ui/log4j2-adminui.xml.tmpl +++ b/docker-jans-config-api/plugins/admin-ui/log4j2-adminui.xml @@ -1,9 +1,12 @@ + + + - + @@ -31,11 +34,11 @@ - + /admin-ui-audit - + /admin-ui diff --git a/docker-jans-config-api/scripts/bootstrap.py b/docker-jans-config-api/scripts/bootstrap.py index 0947a0c5ca3..00fbd9e6c03 100644 --- a/docker-jans-config-api/scripts/bootstrap.py +++ b/docker-jans-config-api/scripts/bootstrap.py 
@@ -165,6 +165,9 @@ def configure_logging(): "ldap_stats_log_level": "INFO", "script_log_target": "FILE", "script_log_level": "INFO", + "audit_log_target": "FILE", + "audit_log_level": "INFO", + "log_prefix": "", } # pre-populate custom config; format is JSON string of ``dict`` @@ -207,6 +210,7 @@ def configure_logging(): "persistence_duration_log_target": "JANS_CONFIGAPI_PERSISTENCE_DURATION_FILE", "ldap_stats_log_target": "JANS_CONFIGAPI_PERSISTENCE_LDAP_STATISTICS_FILE", "script_log_target": "JANS_CONFIGAPI_SCRIPT_LOG_FILE", + "audit_log_target": "AUDIT_FILE", } for key, value in config.items(): @@ -218,10 +222,13 @@ def configure_logging(): else: config[key] = file_aliases[key] - logfile = "/opt/jans/jetty/jans-config-api/resources/log4j2.xml" - with open(logfile) as f: + if as_boolean(custom_config.get("enable_stdout_log_prefix")): + config["log_prefix"] = "${sys:log.console.prefix}%X{log.console.group} - " + + with open("/app/templates/log4j2.xml") as f: txt = f.read() + logfile = "/opt/jans/jetty/jans-config-api/resources/log4j2.xml" tmpl = Template(txt) with open(logfile, "w") as f: f.write(tmpl.safe_substitute(config)) @@ -234,6 +241,7 @@ def configure_admin_ui_logging(): "admin_ui_log_level": "INFO", "admin_ui_audit_log_target": "FILE", "admin_ui_audit_log_level": "INFO", + "log_prefix": "", } # pre-populate custom config; format is JSON string of ``dict`` @@ -284,7 +292,10 @@ def configure_admin_ui_logging(): else: config[key] = file_aliases[key] - with open("/app/plugins/admin-ui/log4j2-adminui.xml.tmpl") as f: + if as_boolean(custom_config.get("enable_stdout_log_prefix")): + config["log_prefix"] = "${sys:log.console.prefix}%X{log.console.group} - " + + with open("/app/plugins/admin-ui/log4j2-adminui.xml") as f: txt = f.read() tmpl = Template(txt) diff --git a/docker-jans-fido2/Dockerfile b/docker-jans-fido2/Dockerfile index 0fb29b68864..4cc40ac746d 100644 --- a/docker-jans-fido2/Dockerfile +++ b/docker-jans-fido2/Dockerfile 
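Review bot: The `@@ -218,6` hunk (`configure_logging`) and the `@@ -284,7` hunk (`configure_admin_ui_logging`) both call `as_boolean`, but this patch adds no import for it in `docker-jans-config-api/scripts/bootstrap.py`. The auth-server, fido2 and scim scripts each gain `from jans.pycloudlib.utils import as_boolean`. Unless the name is already imported in the part of the file outside these hunks, the container will fail at startup with a `NameError`. Please confirm, or add the same import line here.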
@@ -15,7 +15,7 @@ RUN apk update \ # Jetty # ===== -ARG JETTY_VERSION=11.0.11 +ARG JETTY_VERSION=11.0.13 ARG JETTY_HOME=/opt/jetty ARG JETTY_BASE=/opt/jans/jetty ARG JETTY_USER_HOME_LIB=/home/jetty/lib @@ -47,7 +47,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-fido2/webapps \ && zip -d jans-fido2.war WEB-INF/jetty-web.xml \ && zip -r jans-fido2.war WEB-INF/jetty-env.xml \ && cp jans-fido2.war ${JETTY_BASE}/jans-fido2/webapps/jans-fido2.war \ - && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-fido2 --add-module=server,deploy,resources,http,http-forwarded,threadpool,jsp,cdi-decorate,jmx,stats \ + && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-fido2 --add-module=server,deploy,resources,http,http-forwarded,threadpool,jsp,cdi-decorate,jmx,stats,logging-log4j2 --approve-all-licenses \ && rm -rf /tmp/jans-fido2.war /tmp/WEB-INF # ===================== @@ -222,8 +222,7 @@ RUN mkdir -p /etc/certs \ ${JETTY_BASE}/common/libs/couchbase \ /usr/share/java -COPY --chown=1000:0 jetty/jans-fido2.xml ${JETTY_BASE}/jans-fido2/webapps/ -COPY jetty/log4j2.xml ${JETTY_BASE}/jans-fido2/resources/ +COPY jetty/log4j2.xml /app/templates/ COPY conf/*.tmpl /app/templates/ COPY scripts /app/scripts @@ -232,8 +231,10 @@ RUN chmod +x /app/scripts/entrypoint.sh # create non-root user RUN adduser -s /bin/sh -D -G root -u 1000 jetty +COPY --chown=1000:0 jetty/jans-fido2.xml ${JETTY_BASE}/jans-fido2/webapps/ + # adjust ownership and permission -RUN chmod -R g=u ${JETTY_BASE}/jans-fido2/resources \ +RUN chmod 664 ${JETTY_BASE}/jans-fido2/resources/log4j2.xml \ && chmod -R g=u ${JETTY_BASE}/jans-fido2/logs \ && chmod -R g=u /etc/certs \ && chmod -R g=u /etc/jans \ diff --git a/docker-jans-fido2/README.md b/docker-jans-fido2/README.md index 4a0dd1e03fd..d10610e6ac6 100644 --- a/docker-jans-fido2/README.md +++ b/docker-jans-fido2/README.md 
@@ -117,6 +117,12 @@ The following key-value pairs are the defaults: } ``` +To enable prefix on `STDOUT` logging, set the `enable_stdout_log_prefix` key. Example: + +``` +{"fido2_log_target":"STDOUT","persistence_log_target":"STDOUT","enable_stdout_log_prefix":true} +``` + ### Hybrid mapping As per v1.0.1, hybrid persistence supports all available persistence types. To configure hybrid persistence and its data mapping, follow steps below: diff --git a/docker-jans-fido2/jetty/log4j2.xml b/docker-jans-fido2/jetty/log4j2.xml index 78dba87e737..e7e90925c33 100644 --- a/docker-jans-fido2/jetty/log4j2.xml +++ b/docker-jans-fido2/jetty/log4j2.xml @@ -1,9 +1,12 @@ + + + - + @@ -37,14 +40,17 @@ + -persistence + -persistence + -persistence diff --git a/docker-jans-fido2/scripts/bootstrap.py b/docker-jans-fido2/scripts/bootstrap.py index 45f3d9a3aa3..6bbe585bdae 100644 --- a/docker-jans-fido2/scripts/bootstrap.py +++ b/docker-jans-fido2/scripts/bootstrap.py @@ -21,7 +21,9 @@ from jans.pycloudlib.persistence.spanner import SpannerClient from jans.pycloudlib.persistence.sql import SqlClient from jans.pycloudlib.persistence.utils import PersistenceMapper -from jans.pycloudlib.utils import cert_to_truststore, generate_base64_contents +from jans.pycloudlib.utils import cert_to_truststore +from jans.pycloudlib.utils import generate_base64_contents +from jans.pycloudlib.utils import as_boolean from settings import LOGGING_CONFIG @@ -134,6 +136,7 @@ def configure_logging(): "fido2_log_level": "INFO", "persistence_log_target": "FILE", "persistence_log_level": "INFO", + "log_prefix": "", } # pre-populate custom config; format is JSON string of ``dict`` 
@@ -178,10 +181,13 @@ def configure_logging(): if config[key] == "FILE": config[key] = value - logfile = "/opt/jans/jetty/jans-fido2/resources/log4j2.xml" - with open(logfile) as f: + if as_boolean(custom_config.get("enable_stdout_log_prefix")): + config["log_prefix"] = "${sys:log.console.prefix}%X{log.console.group} - " + + with open("/app/templates/log4j2.xml") as f: txt = f.read() + logfile = "/opt/jans/jetty/jans-fido2/resources/log4j2.xml" tmpl = Template(txt) with open(logfile, "w") as f: f.write(tmpl.safe_substitute(config)) diff --git a/docker-jans-scim/Dockerfile b/docker-jans-scim/Dockerfile index d2ec607fde2..355d1c0bbed 100644 --- a/docker-jans-scim/Dockerfile +++ b/docker-jans-scim/Dockerfile @@ -15,7 +15,7 @@ RUN apk update \ # Jetty # ===== -ARG JETTY_VERSION=11.0.11 +ARG JETTY_VERSION=11.0.13 ARG JETTY_HOME=/opt/jetty ARG JETTY_BASE=/opt/jans/jetty ARG JETTY_USER_HOME_LIB=/home/jetty/lib @@ -57,7 +57,7 @@ RUN mkdir -p ${JETTY_BASE}/jans-scim/webapps \ && zip -d jans-scim.war WEB-INF/jetty-web.xml \ && zip -r jans-scim.war WEB-INF/jetty-env.xml \ && cp jans-scim.war ${JETTY_BASE}/jans-scim/webapps/jans-scim.war \ - && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-scim --add-module=server,deploy,resources,http,http-forwarded,jsp,websocket,cdi-decorate,jmx,stats \ + && java -jar ${JETTY_HOME}/start.jar jetty.home=${JETTY_HOME} jetty.base=${JETTY_BASE}/jans-scim --add-module=server,deploy,resources,http,http-forwarded,jsp,websocket,cdi-decorate,jmx,stats,logging-log4j2 --approve-all-licenses \ && rm -rf /tmp/jans-scim.war /tmp/WEB-INF # ====== @@ -225,8 +225,7 @@ RUN mkdir -p /etc/certs \ ${JETTY_BASE}/common/libs/couchbase \ /usr/share/java -COPY --chown=1000:0 jetty/jans-scim.xml ${JETTY_BASE}/jans-scim/webapps/ -COPY jetty/log4j2.xml ${JETTY_BASE}/jans-scim/resources/ +COPY jetty/log4j2.xml /app/templates/ COPY conf/*.tmpl /app/templates/ COPY templates /app/templates 
@@ -236,8 +235,10 @@ RUN chmod +x /app/scripts/entrypoint.sh # create non-root user RUN adduser -s /bin/sh -D -G root -u 1000 jetty +COPY --chown=1000:0 jetty/jans-scim.xml ${JETTY_BASE}/jans-scim/webapps/ + # adjust ownership -RUN chmod -R g=u ${JETTY_BASE}/jans-scim/resources \ +RUN chmod 664 ${JETTY_BASE}/jans-scim/resources/log4j2.xml \ && chmod -R g=u ${JETTY_BASE}/jans-scim/logs \ && chmod -R g=u /etc/certs \ && chmod -R g=u /etc/jans \ diff --git a/docker-jans-scim/README.md b/docker-jans-scim/README.md index d8d2173598e..635b11fb3ec 100644 --- a/docker-jans-scim/README.md +++ b/docker-jans-scim/README.md @@ -123,6 +123,12 @@ The following key-value pairs are the defaults: } ``` +To enable prefix on `STDOUT` logging, set the `enable_stdout_log_prefix` key. Example: + +``` +{"scim_log_target":"STDOUT","persistence_log_target":"STDOUT","enable_stdout_log_prefix":true} +``` + ### Hybrid mapping As per v1.0.1, hybrid persistence supports all available persistence types. To configure hybrid persistence and its data mapping, follow steps below: diff --git a/docker-jans-scim/jetty/log4j2.xml b/docker-jans-scim/jetty/log4j2.xml index 7be20c7343c..b1c701abbed 100644 --- a/docker-jans-scim/jetty/log4j2.xml +++ b/docker-jans-scim/jetty/log4j2.xml @@ -1,8 +1,11 @@ + + + - + @@ -62,45 +65,56 @@ + -persistence + -persistence + -persistence + -persistence-duration + -persistence-duration + -persistence-duration + -ldap-stats + -script + -script + -script + -script diff --git a/docker-jans-scim/scripts/bootstrap.py b/docker-jans-scim/scripts/bootstrap.py index 6ec93a83f3c..77222d884a4 100644 --- a/docker-jans-scim/scripts/bootstrap.py +++ b/docker-jans-scim/scripts/bootstrap.py @@ -30,6 +30,7 @@ from jans.pycloudlib.utils import encode_text from jans.pycloudlib.utils import generate_base64_contents from jans.pycloudlib.utils import get_random_chars +from jans.pycloudlib.utils import as_boolean from settings import LOGGING_CONFIG from utils import parse_swagger_file 
@@ -155,6 +156,7 @@ def configure_logging(): "ldap_stats_log_level": "INFO", "script_log_target": "FILE", "script_log_level": "INFO", + "log_prefix": "", } # pre-populate custom config; format is JSON string of ``dict`` @@ -202,10 +204,13 @@ def configure_logging(): if config[key] == "FILE": config[key] = value - logfile = "/opt/jans/jetty/jans-scim/resources/log4j2.xml" - with open(logfile) as f: + if as_boolean(custom_config.get("enable_stdout_log_prefix")): + config["log_prefix"] = "${sys:log.console.prefix}%X{log.console.group} - " + + with open("/app/templates/log4j2.xml") as f: txt = f.read() + logfile = "/opt/jans/jetty/jans-scim/resources/log4j2.xml" tmpl = Template(txt) with open(logfile, "w") as f: f.write(tmpl.safe_substitute(config))