From 8057502baf7cf559803e0db7361710d7151d11cb Mon Sep 17 00:00:00 2001 From: Javan lacerda Date: Tue, 13 Aug 2024 20:18:40 +0000 Subject: [PATCH] improving logs Signed-off-by: Javan lacerda --- pkg/identity/ciprovider/principal.go | 25 ++++++++++++++++++----- pkg/identity/ciprovider/principal_test.go | 5 ++++- 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/pkg/identity/ciprovider/principal.go b/pkg/identity/ciprovider/principal.go index cf3abd7fc..6ad9874de 100644 --- a/pkg/identity/ciprovider/principal.go +++ b/pkg/identity/ciprovider/principal.go @@ -18,6 +18,7 @@ import ( "bytes" "context" "crypto/x509" + "encoding/json" "fmt" "html/template" "net/url" @@ -47,8 +48,10 @@ func getTokenClaims(token *oidc.IDToken) (map[string]string, error) { // It makes string interpolation for a given string by using the // templates syntax https://pkg.go.dev/text/template -// Issuer added as a parameter for having a richer log -func applyTemplateOrReplace(extValueTemplate string, tokenClaims map[string]string, issuerMetadata map[string]string, issuer string) (string, error) { +// logMetadata added as a parameter for having a richer log +func applyTemplateOrReplace( + extValueTemplate string, tokenClaims map[string]string, + issuerMetadata map[string]string, logMetadata map[string]string) (string, error) { // Here we merge the data from was claimed by the id token with the // default data provided by the yaml file. @@ -82,7 +85,10 @@ func applyTemplateOrReplace(extValueTemplate string, tokenClaims map[string]stri } claimValue, ok := mergedData[extValueTemplate] if !ok { - return "", fmt.Errorf("value <%s> not present in either claims or defaults. Issuer: %s", extValueTemplate, issuer) + var prettyJSON bytes.Buffer + inrec, _ := json.Marshal(logMetadata) + json.Indent(&prettyJSON, inrec, "", "\t") + return "", fmt.Errorf("value <%s> not present in either claims or defaults. %s", extValueTemplate, prettyJSON.String()) } return claimValue, nil } @@ -123,7 +129,12 @@ func (principal ciPrincipal) Embed(_ context.Context, cert *x509.Certificate) er if strings.TrimSpace(principal.ClaimsMetadata.SubjectAlternativeNameTemplate) == "" { return fmt.Errorf("SubjectAlternativeNameTemplate should not be empty. Issuer: %s", principal.Token.Issuer) } - subjectAlternativeName, err := applyTemplateOrReplace(principal.ClaimsMetadata.SubjectAlternativeNameTemplate, claims, defaults, principal.Token.Issuer) + subjectAlternativeName, err := applyTemplateOrReplace( + principal.ClaimsMetadata.SubjectAlternativeNameTemplate, claims, defaults, + map[string]string{ + "Issuer": principal.Token.Issuer, + "ExtensionName": "SubjectAlternativeName", + }) if err != nil { return err } @@ -146,7 +157,11 @@ func (principal ciPrincipal) Embed(_ context.Context, cert *x509.Certificate) er if strings.TrimSpace(s) == "" || vType.Field(i).Name == "Issuer" { continue } - extValue, err := applyTemplateOrReplace(s, claims, defaults, principal.Token.Issuer) + extValue, err := applyTemplateOrReplace(s, claims, defaults, + map[string]string{ + "Issuer": principal.Token.Issuer, + "ExtensionName": vType.Field(i).Name, + }) if err != nil { return err } diff --git a/pkg/identity/ciprovider/principal_test.go b/pkg/identity/ciprovider/principal_test.go index 33cc51c6f..aafae57cf 100644 --- a/pkg/identity/ciprovider/principal_test.go +++ b/pkg/identity/ciprovider/principal_test.go @@ -313,7 +313,10 @@ func TestApplyTemplateOrReplace(t *testing.T) { for name, test := range tests { t.Run(name, func(t *testing.T) { - res, err := applyTemplateOrReplace(test.Template, tokenClaims, issuerMetadata, "https://token.actions.githubusercontent.com") + res, err := applyTemplateOrReplace(test.Template, tokenClaims, issuerMetadata, + map[string]string{ + "Issuer": "https://token.actions.githubusercontent.com", + }) if res != test.ExpectedResult { t.Errorf("expected result don't matches: Expected %s, received: %s, error: %v", test.ExpectedResult, res, err)