rebase and cleanup

google · Sep 24, 2024 · 891f275 · 891f275
1 parent 6912fda
commit 891f275
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 61 deletions.
diff --git a/launcher/agent/agent.go b/launcher/agent/agent.go
@@ -11,7 +11,6 @@ import (
 	"crypto"
 	"fmt"
 	"io"
-	"log"
 	"log/slog"
 	"net/http"
 	"sync"
@@ -175,7 +174,7 @@ func (a *agent) Refresh(ctx context.Context) error {
 	return nil
 }
 
-func fetchContainerImageSignatures(ctx context.Context, fetcher signaturediscovery.Fetcher, targetRepos []string, retry backoff.BackOff, logger *log.Logger) []oci.Signature {
+func fetchContainerImageSignatures(ctx context.Context, fetcher signaturediscovery.Fetcher, targetRepos []string, retry backoff.BackOff, logger *slog.Logger) []oci.Signature {
 	signatures := make([][]oci.Signature, len(targetRepos))
 
 	var wg sync.WaitGroup
@@ -194,10 +193,10 @@ func fetchContainerImageSignatures(ctx context.Context, fetcher signaturediscove
 				},
 				retry,
 				func(err error, _ time.Duration) {
-					logger.Printf("Failed to fetch container image signatures from repo %q: %v", targetRepo, err)
+					logger.Error("Failed to fetch container image signatures from repo: "+err.Error(), slog.String("repo", targetRepo))
 				})
 			if err != nil {
-				logger.Printf("Failed all attempts to refresh container signatures from repo %q: %v", targetRepo, err)
+				logger.Error("Failed all attempts to refresh container signatures from repo: "+err.Error(), slog.String("repo", targetRepo))
 			} else {
 				signatures[index] = sigs
 			}

diff --git a/launcher/agent/agent_test.go b/launcher/agent/agent_test.go
@@ -6,7 +6,7 @@ import (
 	"crypto/rsa"
 	"encoding/base64"
 	"fmt"
-	"log"
+	"log/slog"
 	"math"
 	"runtime"
 	"sync"
@@ -119,11 +119,7 @@ func TestAttest(t *testing.T) {
 
 			verifierClient := fake.NewClient(fakeSigner)
 
-<<<<<<< HEAD
-			agent, err := CreateAttestationAgent(tpm, client.AttestationKeyECC, verifierClient, tc.principalIDTokenFetcher, tc.containerSignaturesFetcher, tc.launchSpec, log.Default())
-=======
 			agent, err := CreateAttestationAgent(tpm, client.AttestationKeyECC, verifierClient, tc.principalIDTokenFetcher, tc.containerSignaturesFetcher, tc.launchSpec, slog.Default())
->>>>>>> 4b0af5d (fix conflicts)
 			if err != nil {
 				t.Fatalf("failed to create an attestation agent %v", err)
 			}
@@ -300,7 +296,7 @@ func TestFetchContainerImageSignatures(t *testing.T) {
 			testRetryPolicy.MaxElapsedTime = time.Millisecond
 
 			sdClient := signaturediscovery.NewFakeClient()
-			gotSigs := fetchContainerImageSignatures(ctx, sdClient, tc.targetRepos, testRetryPolicy, log.Default())
+			gotSigs := fetchContainerImageSignatures(ctx, sdClient, tc.targetRepos, testRetryPolicy, slog.Default())
 			if len(gotSigs) != len(tc.wantBase64Sigs) {
 				t.Errorf("fetchContainerImageSignatures did not return expected signatures for test case %s, got signatures length %d, but want %d", tc.name, len(gotSigs), len(tc.wantBase64Sigs))
 			}
@@ -504,7 +500,7 @@ func TestFetchContainerImageSignatures_RetriesOnFailure(t *testing.T) {
 				}
 			}
 
-			gotSigs := fetchContainerImageSignatures(ctx, sdClient, repos, backoff.WithMaxRetries(b, 2), log.Default())
+			gotSigs := fetchContainerImageSignatures(ctx, sdClient, repos, backoff.WithMaxRetries(b, 2), slog.Default())
 
 			if len(gotSigs) != len(wantSigs) {
 				t.Errorf("fetchContainerImageSignatures did not return expected signatures for test case %s, got signatures length %d, but want %d", tc.name, len(gotSigs), len(wantSigs))

diff --git a/launcher/container_runner.go b/launcher/container_runner.go
@@ -518,7 +518,7 @@ func (r *ContainerRunner) Run(ctx context.Context) error {
 	}
 
 	// create and start the TEE server
-	r.logger.Println("EnableOnDemandAttestation is enabled: initializing TEE server.")
+	r.logger.Info("EnableOnDemandAttestation is enabled: initializing TEE server.")
 	teeServer, err := teeserver.New(ctx, path.Join(launcherfile.HostTmpPath, teeServerSocket), r.attestAgent, r.logger)
 	if err != nil {
 		return fmt.Errorf("failed to create the TEE server: %v", err)

diff --git a/launcher/internal/experiments/experiments.go b/launcher/internal/experiments/experiments.go
@@ -4,7 +4,6 @@ package experiments
 import (
 	"encoding/json"
 	"fmt"
-	"log/slog"
 	"os"
 )
 
@@ -43,15 +42,3 @@ func readJSONInput(b []byte) (Experiments, error) {
 	}
 	return experiments, nil
 }
-
-// Log takes a structured logger and uses it to log the launcher's experiment flags.
-func (e Experiments) Log(logger *slog.Logger) {
-	logger.Info("Experiment settings",
-		slog.Bool("test_feature", e.EnableTestFeatureForImage),
-		slog.Bool("signed_container_image", e.EnableSignedContainerImage),
-		slog.Bool("on_demand_attestation", e.EnableOnDemandAttestation),
-		slog.Bool("memory_monitoring", e.EnableMemoryMonitoring),
-		slog.Bool("signed_container_cache", e.EnableSignedContainerCache),
-		slog.Bool("measure_memory_monitoring", e.EnableMeasureMemoryMonitor),
-	)
-}
diff --git a/launcher/launcher/main.go b/launcher/launcher/main.go
@@ -59,9 +59,7 @@ func main() {
 	var err error
 	ctx := context.Background()
 
-	logger = slog.Default()
-	// log.Default() outputs to stderr; change to stdout.
-	// log.SetOutput(os.Stdout)
+	logger = slog.New(slog.NewTextHandler(os.Stdout, nil))
 	defer func() {
 		os.Exit(exitCode)
 	}()
@@ -90,7 +88,7 @@ func main() {
 	}
 
 	if err := os.MkdirAll(launcherfile.HostTmpPath, 0744); err != nil {
-		logger.Printf("failed to create %s: %v", launcherfile.HostTmpPath, err)
+		logger.Error(fmt.Sprintf("failed to create %s: %v", launcherfile.HostTmpPath, err))
 	}
 
 	// Get RestartPolicy and IsHardened from spec
@@ -104,28 +102,6 @@ func main() {
 		return
 	}
 
-<<<<<<< HEAD
-=======
-	if err := os.MkdirAll(launcherfile.HostTmpPath, 0744); err != nil {
-		logger.Warn(fmt.Sprintf("failed to create %s: %v", launcherfile.HostTmpPath, err))
-	}
-	experimentsFile := path.Join(launcherfile.HostTmpPath, experimentDataFile)
-
-	args := fmt.Sprintf("-output=%s", experimentsFile)
-	err = exec.Command(binaryPath, args).Run()
-	if err != nil {
-		logger.Warn(fmt.Sprintf("failure during experiment sync: %v\n", err))
-	}
-
-	e, err := experiments.New(experimentsFile)
-	if err != nil {
-		logger.Warn(fmt.Sprintf("failed to read experiment file: %v\n", err))
-		// do not fail if experiment retrieval fails
-	}
-	e.Log(logger)
-	launchSpec.Experiments = e
-
->>>>>>> cdd18a2 (text handler and experiment logging)
 	defer func() {
 		// Catch panic to attempt to output to Cloud Logging.
 		if r := recover(); r != nil {
@@ -134,9 +110,9 @@ func main() {
 		}
 		msg, ok := rcMessage[exitCode]
 		if ok {
-			logger.Info(exitMessage, "exit_code", exitCode, "exit_msg", msg)
+			logger.Info(exitMessage, slog.Int("exit_code", exitCode), slog.String("exit_msg", msg))
 		} else {
-			logger.Info(exitMessage, "exit_code", exitCode)
+			logger.Info(exitMessage, slog.Int("exit_code", exitCode))
 		}
 	}()
 	if err = startLauncher(launchSpec, serialConsole); err != nil {
@@ -223,8 +199,7 @@ func startLauncher(launchSpec spec.LaunchSpec, serialConsole *os.File) error {
 	}
 	gceAk.Close()
 
-	ctx := context.Background()
-	token, err := registryauth.RetrieveAuthToken(ctx, mdsClient)
+	token, err := registryauth.RetrieveAuthToken(context.Background(), mdsClient)
 	if err != nil {
 		logger.Info(fmt.Sprintf("failed to retrieve auth token: %v, using empty auth for image pulling\n", err))
 	}
@@ -235,7 +210,7 @@ func startLauncher(launchSpec spec.LaunchSpec, serialConsole *os.File) error {
 	}
 	logger.Info("Launch completed", "latency_sec", uptime)
 
-	ctx = namespaces.WithNamespace(ctx, namespaces.Default)
+	ctx := namespaces.WithNamespace(context.Background(), namespaces.Default)
 	r, err := launcher.NewRunner(ctx, containerdClient, token, launchSpec, mdsClient, tpm, logger, serialConsole)
 	if err != nil {
 		return err

diff --git a/launcher/spec/launch_spec.go b/launcher/spec/launch_spec.go
@@ -7,7 +7,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"log"
+	"log/slog"
 	"os"
 	"os/exec"
 	"path"
@@ -217,7 +217,7 @@ func (s *LaunchSpec) UnmarshalJSON(b []byte) error {
 // input to the GCE instance custom metadata and return a LaunchSpec.
 // ImageRef (tee-image-reference) is required, will return an error if
 // ImageRef is not presented in the metadata.
-func GetLaunchSpec(ctx context.Context, logger *log.Logger, client *metadata.Client) (LaunchSpec, error) {
+func GetLaunchSpec(ctx context.Context, logger *slog.Logger, client *metadata.Client) (LaunchSpec, error) {
 	data, err := client.GetWithContext(ctx, instanceAttributesQuery)
 	if err != nil {
 		return LaunchSpec{}, err
@@ -271,17 +271,17 @@ func isHardened(kernelCmd string) bool {
 	return false
 }
 
-func fetchExperiments(logger *log.Logger) experiments.Experiments {
+func fetchExperiments(logger *slog.Logger) experiments.Experiments {
 	experimentsFile := path.Join(launcherfile.HostTmpPath, experimentDataFile)
 
 	args := fmt.Sprintf("-output=%s", experimentsFile)
 	err := exec.Command(binaryPath, args).Run()
 	if err != nil {
-		logger.Printf("failure during experiment sync: %v\n", err)
+		logger.Error(fmt.Sprintf("failure during experiment sync: %v\n", err))
 	}
 	e, err := experiments.New(experimentsFile)
 	if err != nil {
-		logger.Printf("failed to read experiment file: %v\n", err)
+		logger.Error(fmt.Sprintf("failed to read experiment file: %v\n", err))
 		// do not fail if experiment retrieval fails
 	}
 	return e