fix: initial creation of child logging

package.json

@@ -16,7 +16,7 @@
     "name": "UDS Core",
     "uuid": "uds-core",
     "onError": "reject",
-    "logLevel": "debug",
+    "logLevel": "info",
     "alwaysIgnore": {
       "namespaces": [
         "uds-dev-stack",
@@ -27,7 +27,8 @@
     "env": {
       "UDS_DOMAIN": "###ZARF_VAR_DOMAIN###",
       "UDS_ALLOW_ALL_NS_EXEMPTIONS": "###ZARF_VAR_ALLOW_ALL_NS_EXEMPTIONS###",
-      "UDS_SINGLE_TEST": "###ZARF_VAR_UDS_SINGLE_TEST###"
+      "UDS_SINGLE_TEST": "###ZARF_VAR_UDS_SINGLE_TEST###",
+      "UDS_LOG_LEVEL": "###ZARF_VAR_UDS_LOG_LEVEL###"
     }
   },
   "scripts": {

src/pepr/config.ts

@@ -1,4 +1,4 @@
-import { Log } from "pepr";
+import { childLog } from "./logger";
 
 let domain = process.env.UDS_DOMAIN;
 
@@ -16,10 +16,12 @@ export const UDSConfig = {
   allowAllNSExemptions: process.env.UDS_ALLOW_ALL_NS_EXEMPTIONS === "true",
 };
 
-Log.info(UDSConfig, "Loaded UDS Config");
+// configure subproject logger
+const log = childLog("UDS Config");
+log.info(UDSConfig, "Loaded UDS Config");
 
 if (UDSConfig.isSingleTest) {
-  Log.warn(
+  log.warn(
     "Running in single test mode, this will change the behavior of the operator and should only be used for UDS Core development testing.",
   );
 }

src/pepr/istio/index.ts

@@ -1,5 +1,9 @@
 import { Exec, KubeConfig } from "@kubernetes/client-node";
-import { Capability, Log, a } from "pepr";
+import { Capability, a } from "pepr";
+import { childLog } from "../logger";
+
+// configure subproject logger
+const log = childLog("istio");
 
 export const istio = new Capability({
   name: "istio",
@@ -20,13 +24,13 @@ When(a.Pod)
   .WithLabel("batch.kubernetes.io/job-name")
   .WithLabel("service.istio.io/canonical-name")
   .Watch(async pod => {
-    Log.info(
+    log.info(
       pod,
       `Processing Pod ${pod.metadata?.namespace}/${pod.metadata?.name} for istio job termination`,
     );
 
     if (!pod.metadata?.name || !pod.metadata.namespace) {
-      Log.error(pod, `Invalid Pod definition`);
+      log.error(pod, `Invalid Pod definition`);
       return;
     }
 
@@ -42,7 +46,7 @@ When(a.Pod)
     if (pod.status?.phase == "Running") {
       // Check all container statuses
       if (!pod.status.containerStatuses) {
-        Log.error(pod, `Invalid container status in Pod`);
+        log.error(pod, `Invalid container status in Pod`);
         return;
       }
       const shouldTerminate = pod.status.containerStatuses
@@ -55,7 +59,7 @@ When(a.Pod)
         // Mark the pod as seen
         inProgress.add(key);
 
-        Log.info(`Attempting to terminate sidecar for ${key}`);
+        log.info(`Attempting to terminate sidecar for ${key}`);
         try {
           const kc = new KubeConfig();
           kc.loadFromDefault();
@@ -72,9 +76,9 @@ When(a.Pod)
             true,
           );
 
-          Log.info(`Terminated sidecar for ${key}`);
+          log.info(`Terminated sidecar for ${key}`);
         } catch (err) {
-          Log.error({ err }, `Failed to terminate the sidecar for ${key}`);
+          log.error({ err }, `Failed to terminate the sidecar for ${key}`);
 
           // Remove the pod from the seen list
           inProgress.delete(key);

src/pepr/logger.ts

@@ -0,0 +1,15 @@
+import { Log } from "pepr";
+
+export function childLog(subproject: string) {
+  const childLog = Log.child({ subproject: subproject });
+
+  // Handle commands that do not template the env vars
+  let logLevel = process.env.UDS_LOG_LEVEL;
+  if (!logLevel || logLevel === "###ZARF_VAR_UDS_LOG_LEVEL###") {
+    logLevel = "debug";
+  }
+
+  childLog.level = logLevel;
+
+  return childLog;
+}

src/pepr/operator/controllers/exemptions/exemption-store.ts

@@ -1,7 +1,10 @@
-import { Log } from "pepr";
+import { childLog } from "../../../logger";
 import { StoredMatcher } from "../../../policies";
 import { Matcher, Policy, UDSExemption } from "../../crd";
 
+// configure subproject logger
+const log = childLog("operator.controllers.exemptions");
+
 export type PolicyOwnerMap = Map<string, UDSExemption>;
 export type PolicyMap = Map<Policy, StoredMatcher[]>;
 let policyExemptionMap: PolicyMap;
@@ -34,7 +37,7 @@ function addMatcher(matcher: Matcher, p: Policy, owner: string = ""): void {
 }
 
 // Iterate through each exemption block of CR and add matchers to PolicyMap
-function add(exemption: UDSExemption, log: boolean = true) {
+function add(exemption: UDSExemption, logger: boolean = true) {
   // Remove any existing exemption for this owner, in case of WatchPhase.Modified
   remove(exemption);
   const owner = exemption.metadata?.uid || "";
@@ -45,8 +48,8 @@ function add(exemption: UDSExemption, log: boolean = true) {
     for (const p of policies) {
       // Append the matcher to the list of stored matchers for this policy
       addMatcher(e.matcher, p, owner);
-      if (log) {
-        Log.debug(`Added exemption to ${p}: ${JSON.stringify(e.matcher)}`);
+      if (logger) {
+        log.debug(`Added exemption to ${p}: ${JSON.stringify(e.matcher)}`);
       }
     }
   }
@@ -68,9 +71,9 @@ function remove(exemption: UDSExemption) {
       }
     }
     policyOwnerMap.delete(owner);
-    Log.debug(`Removed all policy exemptions for ${owner}`);
+    log.debug(`Removed all policy exemptions for ${owner}`);
   } else {
-    Log.debug(`No existing exemption for owner ${owner}`);
+    log.debug(`No existing exemption for owner ${owner}`);
   }
 }
 

src/pepr/operator/controllers/istio/injection.ts

@@ -1,7 +1,11 @@
-import { K8s, Log, kind } from "pepr";
+import { K8s, kind } from "pepr";
 
+import { childLog } from "../../../logger";
 import { UDSPackage } from "../../crd";
 
+// configure subproject logger
+const log = childLog("operator.controllers.istio");
+
 const injectionLabel = "istio-injection";
 const injectionAnnotation = "uds.dev/original-istio-injection";
 
@@ -143,7 +147,7 @@ async function killPods(ns: string, enableInjection: boolean) {
     }
 
     for (const pod of group) {
-      Log.info(`Deleting pod ${ns}/${pod.metadata?.name} to enable the istio sidecar`);
+      log.info(`Deleting pod ${ns}/${pod.metadata?.name} to enable the istio sidecar`);
       await K8s(kind.Pod).Delete(pod);
     }
   }

src/pepr/operator/controllers/istio/istio-resources.ts

@@ -1,9 +1,13 @@
-import { K8s, Log } from "pepr";
+import { K8s } from "pepr";
 
-import { IstioVirtualService, IstioServiceEntry, UDSPackage } from "../../crd";
+import { childLog } from "../../../logger";
+import { IstioServiceEntry, IstioVirtualService, UDSPackage } from "../../crd";
 import { getOwnerRef } from "../utils";
-import { generateVirtualService } from "./virtual-service";
 import { generateServiceEntry } from "./service-entry";
+import { generateVirtualService } from "./virtual-service";
+
+// configure subproject logger
+const log = childLog("operator.controllers.istio");
 
 /**
  * Creates a VirtualService and ServiceEntry for each exposed service in the package
@@ -30,7 +34,7 @@ export async function istioResources(pkg: UDSPackage, namespace: string) {
     // Generate a VirtualService for this `expose` entry
     const vsPayload = generateVirtualService(expose, namespace, pkgName, generation, ownerRefs);
 
-    Log.debug(vsPayload, `Applying VirtualService ${vsPayload.metadata?.name}`);
+    log.debug(vsPayload, `Applying VirtualService ${vsPayload.metadata?.name}`);
 
     // Apply the VirtualService and force overwrite any existing policy
     await K8s(IstioVirtualService).Apply(vsPayload, { force: true });
@@ -45,7 +49,7 @@ export async function istioResources(pkg: UDSPackage, namespace: string) {
       continue;
     }
 
-    Log.debug(sePayload, `Applying ServiceEntry ${sePayload.metadata?.name}`);
+    log.debug(sePayload, `Applying ServiceEntry ${sePayload.metadata?.name}`);
 
     // Apply the ServiceEntry and force overwrite any existing policy
     await K8s(IstioServiceEntry).Apply(sePayload, { force: true });
@@ -66,7 +70,7 @@ export async function istioResources(pkg: UDSPackage, namespace: string) {
 
   // Delete any orphaned VirtualServices
   for (const vs of orphanedVS) {
-    Log.debug(vs, `Deleting orphaned VirtualService ${vs.metadata!.name}`);
+    log.debug(vs, `Deleting orphaned VirtualService ${vs.metadata!.name}`);
     await K8s(IstioVirtualService).Delete(vs);
   }
 
@@ -83,7 +87,7 @@ export async function istioResources(pkg: UDSPackage, namespace: string) {
 
   // Delete any orphaned ServiceEntries
   for (const se of orphanedSE) {
-    Log.debug(se, `Deleting orphaned ServiceEntry ${se.metadata!.name}`);
+    log.debug(se, `Deleting orphaned ServiceEntry ${se.metadata!.name}`);
     await K8s(IstioServiceEntry).Delete(se);
   }
 

src/pepr/operator/controllers/keycloak/client-sync.ts

@@ -1,6 +1,7 @@
-import { K8s, Log, fetch, kind } from "pepr";
+import { fetch, K8s, kind } from "pepr";
 
 import { UDSConfig } from "../../../config";
+import { childLog } from "../../../logger";
 import { Store } from "../../common";
 import { Sso, UDSPackage } from "../../crd";
 import { getOwnerRef } from "../utils";
@@ -27,6 +28,9 @@ const x509CertRegex = new RegExp(
   /<[^>]*:X509Certificate[^>]*>((.|[\n\r])*)<\/[^>]*:X509Certificate>/,
 );
 
+// configure subproject logger
+const log = childLog("operator.controller.keycloak");
+
 /**
  * Create or update the Keycloak clients for the package
  *
@@ -67,7 +71,7 @@ export async function purgeSSOClients(pkg: UDSPackage, refs: string[] = []) {
       Store.removeItem(ref);
       await apiCall({ clientId }, "DELETE", token);
     } else {
-      Log.warn(pkg.metadata, `Failed to remove client ${clientId}, token not found`);
+      log.warn(pkg.metadata, `Failed to remove client ${clientId}, token not found`);
     }
   }
 }
@@ -77,7 +81,7 @@ async function syncClient(
   pkg: UDSPackage,
   isRetry = false,
 ) {
-  Log.debug(pkg.metadata, `Processing client request: ${clientReq.clientId}`);
+  log.debug(pkg.metadata, `Processing client request: ${clientReq.clientId}`);
 
   try {
     // Not including the CR data in the ref because Keycloak client IDs must be unique already
@@ -90,10 +94,10 @@ async function syncClient(
 
     // If an existing client is found, update it
     if (token && !isRetry) {
-      Log.debug(pkg.metadata, `Found existing token for ${clientReq.clientId}`);
+      log.debug(pkg.metadata, `Found existing token for ${clientReq.clientId}`);
       client = await apiCall(clientReq, "PUT", token);
     } else {
-      Log.debug(pkg.metadata, `Creating new client for ${clientReq.clientId}`);
+      log.debug(pkg.metadata, `Creating new client for ${clientReq.clientId}`);
       client = await apiCall(clientReq);
     }
 
@@ -131,15 +135,15 @@ async function syncClient(
     const msg =
       `Failed to process client request '${clientReq.clientId}' for ` +
       `${pkg.metadata?.namespace}/${pkg.metadata?.name}. This can occur if a client already exists with the same ID that Pepr isn't tracking.`;
-    Log.error({ err }, msg);
+    log.error({ err }, msg);
 
     if (isRetry) {
-      Log.error(`${msg}, retry failed, aborting`);
+      log.error(`${msg}, retry failed, aborting`);
       throw new Error(`${msg}. RETRY FAILED, aborting: ${JSON.stringify(err)}`);
     }
 
     // Retry the request
-    Log.warn(`${msg}, retrying`);
+    log.warn(pkg.metadata, `Failed to process client request: ${clientReq.clientId}, retrying`);
     return syncClient(clientReq, pkg, true);
   }
 }
@@ -162,7 +166,7 @@ export function handleClientGroups(clientReq: Sso) {
 async function apiCall(sso: Partial<Sso>, method = "POST", authToken = "") {
   // Handle single test mode
   if (UDSConfig.isSingleTest) {
-    Log.warn(`Generating fake client for '${sso.clientId}' in single test mode`);
+    log.warn(`Generating fake client for '${sso.clientId}' in single test mode`);
     return {
       ...sso,
       secret: sso.secret || "fake-secret",
@@ -203,14 +207,14 @@ async function apiCall(sso: Partial<Sso>, method = "POST", authToken = "") {
 
 export function generateSecretData(client: Client, secretTemplate?: { [key: string]: string }) {
   if (secretTemplate) {
-    Log.debug(`Using secret template for client: ${client.clientId}`);
+    log.debug(`Using secret template for client: ${client.clientId}`);
     // Iterate over the secret template entry and process each value
     return templateData(secretTemplate, client);
   }
 
   const stringMap: Record<string, string> = {};
 
-  Log.debug(`Using client data for secret: ${client.clientId}`);
+  log.debug(`Using client data for secret: ${client.clientId}`);
 
   // iterate over the client object and convert all values to strings
   for (const [key, value] of Object.entries(client)) {

src/pepr/operator/controllers/monitoring/service-monitor.ts

@@ -1,9 +1,13 @@
-import { K8s, Log } from "pepr";
+import { K8s } from "pepr";
 
 import { V1OwnerReference } from "@kubernetes/client-node";
-import { Prometheus, UDSPackage, Monitor } from "../../crd";
+import { childLog } from "../../../logger";
+import { Monitor, Prometheus, UDSPackage } from "../../crd";
 import { getOwnerRef, sanitizeResourceName } from "../utils";
 
+// configure subproject logger
+const log = childLog("operator.controllers.monitoring");
+
 /**
  * Generate a service monitor for a service
  *
@@ -15,7 +19,7 @@ export async function serviceMonitor(pkg: UDSPackage, namespace: string) {
   const generation = (pkg.metadata?.generation ?? 0).toString();
   const ownerRefs = getOwnerRef(pkg);
 
-  Log.debug(`Reconciling ServiceMonitors for ${pkgName}`);
+  log.debug(`Reconciling ServiceMonitors for ${pkgName}`);
 
   // Get the list of monitored services
   const monitorList = pkg.spec?.monitor ?? [];
@@ -27,7 +31,7 @@ export async function serviceMonitor(pkg: UDSPackage, namespace: string) {
     for (const monitor of monitorList) {
       const payload = generateServiceMonitor(monitor, namespace, pkgName, generation, ownerRefs);
 
-      Log.debug(payload, `Applying ServiceMonitor ${payload.metadata?.name}`);
+      log.debug(payload, `Applying ServiceMonitor ${payload.metadata?.name}`);
 
       // Apply the ServiceMonitor and force overwrite any existing policy
       await K8s(Prometheus.ServiceMonitor).Apply(payload, { force: true });
@@ -48,7 +52,7 @@ export async function serviceMonitor(pkg: UDSPackage, namespace: string) {
 
     // Delete any orphaned ServiceMonitors
     for (const sm of orphanedSM) {
-      Log.debug(sm, `Deleting orphaned ServiceMonitor ${sm.metadata!.name}`);
+      log.debug(sm, `Deleting orphaned ServiceMonitor ${sm.metadata!.name}`);
       await K8s(Prometheus.ServiceMonitor).Delete(sm);
     }
   } catch (err) {