Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: improve logging structure #1583

Merged
merged 8 commits into from
May 16, 2024
Merged

fix: improve logging structure #1583

merged 8 commits into from
May 16, 2024
+260 −115

Conversation

kangmingtay
Copy link
Member

@kangmingtay kangmingtay commented May 15, 2024
edited
Loading

What kind of change does this PR introduce?

  • Remove unformatted logs which do not confirm to JSON
  • Previously, we were logging both time (not UTC) and timestamp (in UTC) which is redundant. I've opted to remove timestamp and just log the UTC time as the time field, which is supported by logrus
  • Previously, the request_id was not being logged because it was unable to retrieve the context properly. Now, the request_id field is added to every log entry, which allows us to filter by request_id to see the entire lifecycle of the request
  • Previously, panics weren't being handled properly and they were just logged as text instead of JSON. The server would return an empty reply, which leads to ugly responses like "Unexpected token < in JSON..." if using fetch in JS. Now, the server returns a proper 500 error response: {"code":500,"error_code":"unexpected_failure","msg":"Internal Server Error"}
  • Added tests for recoverer and NewStructuredLogger to prevent regression
  • Remove "request started" log since the request_id can be used to keep track of the entire request lifecycle. This cuts down on the noise to signal ratio as well.

Log format

  • Panics are now logged like this (note the additional fields like panic and stack - which is a dump of the stack trace):
{
  "component":"api",
  "duration":6065700500,
  "level":"info",
  "method":"GET",
  "msg":"request completed",
  "panic":"test panic",
  "path":"/panic",
  "referer":"http://localhost:3001",
  "remote_addr":"127.0.0.1",
  "request_id":"4cde5f20-2c3c-4645-bc75-52d6231e22e2",
  "stack":"goroutine 82 [running]:...rest of stack trace omitted for brevity",
  "status":500,
  "time":"2024-05-15T09:37:42Z"
}
  • Requests that call NewAuditLogEntry will be logged with the auth_event payload in this format (note that the timestamp field no longer exists)
{
  "auth_event": {
    "action": "token_refreshed",
    "actor_id": "733fb34d-a6f2-43e1-976a-8e6a456b6889",
    "actor_name": "Kang Ming Tay",
    "actor_username": "kang.ming1996@gmail.com",
    "actor_via_sso": false,
    "log_type": "token"
  },
  "component": "api",
  "duration": 75945042,
  "level": "info",
  "method": "POST",
  "msg": "request completed",
  "path": "/token",
  "referer": "http://localhost:3001",
  "remote_addr": "127.0.0.1",
  "request_id": "08c7e47b-42f4-44dc-a39b-7275ef5bbb45",
  "status": 200,
  "time": "2024-05-15T09:40:09Z"
}

@kangmingtay kangmingtay requested a review from a team as a code owner May 15, 2024 08:31
@coveralls
Copy link

coveralls commented May 15, 2024
edited
Loading

Pull Request Test Coverage Report for Build 9111276456

Details

  • 97 of 111 (87.39%) changed or added relevant lines in 14 files are covered.
  • 8 unchanged lines in 4 files lost coverage.
  • Overall coverage increased (+0.4%) to 65.836%
Changes Missing Coverage Covered Lines Changed/Added Lines %
internal/api/auth.go 1 2 50.0%
internal/api/samlacs.go 0 1 0.0%
internal/api/token.go 0 1 0.0%
internal/api/verify.go 1 2 50.0%
internal/api/middleware.go 2 4 50.0%
internal/api/token_oidc.go 0 2 0.0%
internal/api/errors.go 17 20 85.0%
internal/utilities/context.go 9 12 75.0%
Files with Coverage Reduction New Missed Lines %
internal/api/api.go 1 86.28%
internal/api/verify.go 1 73.33%
internal/hooks/auth_hooks.go 3 45.45%
internal/models/errors.go 3 45.59%
Totals Coverage Status
Change from base Build 9065702589: 0.4%
Covered Lines: 8423
Relevant Lines: 12794
💛 - Coveralls

@kangmingtay kangmingtay merged commit c22fc15 into master May 16, 2024
2 checks passed
@kangmingtay kangmingtay deleted the km/fix-logging branch May 16, 2024 13:08
@github-actions github-actions bot mentioned this pull request May 13, 2024
Merged
J0 pushed a commit that referenced this pull request May 22, 2024
@github-actions
chore(master): release 2.152.0 (#1574)
b954a48 
🤖 I have created a release *beep* *boop*
---


##
[2.152.0](v2.151.0...v2.152.0)
(2024-05-22)


### Features

* new timeout writer implementation
([#1584](#1584))
([72614a1](72614a1))
* remove legacy lookup in users for one_time_tokens (phase II)
([#1569](#1569))
([39ca026](39ca026))
* update chi version
([#1581](#1581))
([c64ae3d](c64ae3d))
* update openapi spec with identity and is_anonymous fields
([#1573](#1573))
([86a79df](86a79df))


### Bug Fixes

* improve logging structure
([#1583](#1583))
([c22fc15](c22fc15))
* sms verify should update is_anonymous field
([#1580](#1580))
([e5f98cb](e5f98cb))
* use api_external_url domain as localname
([#1575](#1575))
([ed2b490](ed2b490))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
uxodb pushed a commit to uxodb/auth that referenced this pull request Nov 13, 2024
@kangmingtay
fix: improve logging structure (supabase#1583)
d62a61b 
## What kind of change does this PR introduce?
* Remove unformatted logs which do not confirm to JSON
* Previously, we were logging both `time` (not UTC) and `timestamp` (in
UTC) which is redundant. I've opted to remove `timestamp` and just log
the UTC time as the `time` field, which is supported by logrus
* Previously, the `request_id` was not being logged because it was
unable to retrieve the context properly. Now, the `request_id` field is
added to every log entry, which allows us to filter by `request_id` to
see the entire lifecycle of the request
* Previously, panics weren't being handled properly and they were just
logged as text instead of JSON. The server would return an empty reply,
which leads to ugly responses like "Unexpected token < in JSON..." if
using fetch in JS. Now, the server returns a proper 500 error response:
`{"code":500,"error_code":"unexpected_failure","msg":"Internal Server
Error"}`
* Added tests for `recoverer` and `NewStructuredLogger` to prevent
regression
* Remove "request started" log since the `request_id` can be used to
keep track of the entire request lifecycle. This cuts down on the noise
to signal ratio as well.


## Log format
* Panics are now logged like this (note the additional fields like
`panic` and `stack` - which is a dump of the stack trace):
```json
{
  "component":"api",
  "duration":6065700500,
  "level":"info",
  "method":"GET",
  "msg":"request completed",
  "panic":"test panic",
  "path":"/panic",
  "referer":"http://localhost:3001",
  "remote_addr":"127.0.0.1",
  "request_id":"4cde5f20-2c3c-4645-bc75-52d6231e22e2",
  "stack":"goroutine 82 [running]:...rest of stack trace omitted for brevity",
  "status":500,
  "time":"2024-05-15T09:37:42Z"
}
```

* Requests that call `NewAuditLogEntry` will be logged with the
`auth_event` payload in this format (note that the timestamp field no
longer exists)
```json
{
  "auth_event": {
    "action": "token_refreshed",
    "actor_id": "733fb34d-a6f2-43e1-976a-8e6a456b6889",
    "actor_name": "Kang Ming Tay",
    "actor_username": "kang.ming1996@gmail.com",
    "actor_via_sso": false,
    "log_type": "token"
  },
  "component": "api",
  "duration": 75945042,
  "level": "info",
  "method": "POST",
  "msg": "request completed",
  "path": "/token",
  "referer": "http://localhost:3001",
  "remote_addr": "127.0.0.1",
  "request_id": "08c7e47b-42f4-44dc-a39b-7275ef5bbb45",
  "status": 200,
  "time": "2024-05-15T09:40:09Z"
}
```
uxodb pushed a commit to uxodb/auth that referenced this pull request Nov 13, 2024
@github-actions
chore(master): release 2.152.0 (supabase#1574)
7082882 
🤖 I have created a release *beep* *boop*
---


##
[2.152.0](supabase/auth@v2.151.0...v2.152.0)
(2024-05-22)


### Features

* new timeout writer implementation
([supabase#1584](supabase#1584))
([72614a1](supabase@72614a1))
* remove legacy lookup in users for one_time_tokens (phase II)
([supabase#1569](supabase#1569))
([39ca026](supabase@39ca026))
* update chi version
([supabase#1581](supabase#1581))
([c64ae3d](supabase@c64ae3d))
* update openapi spec with identity and is_anonymous fields
([supabase#1573](supabase#1573))
([86a79df](supabase@86a79df))


### Bug Fixes

* improve logging structure
([supabase#1583](supabase#1583))
([c22fc15](supabase@c22fc15))
* sms verify should update is_anonymous field
([supabase#1580](supabase#1580))
([e5f98cb](supabase@e5f98cb))
* use api_external_url domain as localname
([supabase#1575](supabase#1575))
([ed2b490](supabase@ed2b490))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 13, 2024
@kangmingtay @LashaJini
fix: improve logging structure (supabase#1583)
9865a37 
## What kind of change does this PR introduce?
* Remove unformatted logs which do not confirm to JSON
* Previously, we were logging both `time` (not UTC) and `timestamp` (in
UTC) which is redundant. I've opted to remove `timestamp` and just log
the UTC time as the `time` field, which is supported by logrus
* Previously, the `request_id` was not being logged because it was
unable to retrieve the context properly. Now, the `request_id` field is
added to every log entry, which allows us to filter by `request_id` to
see the entire lifecycle of the request
* Previously, panics weren't being handled properly and they were just
logged as text instead of JSON. The server would return an empty reply,
which leads to ugly responses like "Unexpected token < in JSON..." if
using fetch in JS. Now, the server returns a proper 500 error response:
`{"code":500,"error_code":"unexpected_failure","msg":"Internal Server
Error"}`
* Added tests for `recoverer` and `NewStructuredLogger` to prevent
regression
* Remove "request started" log since the `request_id` can be used to
keep track of the entire request lifecycle. This cuts down on the noise
to signal ratio as well.


## Log format
* Panics are now logged like this (note the additional fields like
`panic` and `stack` - which is a dump of the stack trace):
```json
{
  "component":"api",
  "duration":6065700500,
  "level":"info",
  "method":"GET",
  "msg":"request completed",
  "panic":"test panic",
  "path":"/panic",
  "referer":"http://localhost:3001",
  "remote_addr":"127.0.0.1",
  "request_id":"4cde5f20-2c3c-4645-bc75-52d6231e22e2",
  "stack":"goroutine 82 [running]:...rest of stack trace omitted for brevity",
  "status":500,
  "time":"2024-05-15T09:37:42Z"
}
```

* Requests that call `NewAuditLogEntry` will be logged with the
`auth_event` payload in this format (note that the timestamp field no
longer exists)
```json
{
  "auth_event": {
    "action": "token_refreshed",
    "actor_id": "733fb34d-a6f2-43e1-976a-8e6a456b6889",
    "actor_name": "Kang Ming Tay",
    "actor_username": "kang.ming1996@gmail.com",
    "actor_via_sso": false,
    "log_type": "token"
  },
  "component": "api",
  "duration": 75945042,
  "level": "info",
  "method": "POST",
  "msg": "request completed",
  "path": "/token",
  "referer": "http://localhost:3001",
  "remote_addr": "127.0.0.1",
  "request_id": "08c7e47b-42f4-44dc-a39b-7275ef5bbb45",
  "status": 200,
  "time": "2024-05-15T09:40:09Z"
}
```
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 13, 2024
@github-actions @LashaJini
chore(master): release 2.152.0 (supabase#1574)
88c8d9a 
🤖 I have created a release *beep* *boop*
---


##
[2.152.0](supabase/auth@v2.151.0...v2.152.0)
(2024-05-22)


### Features

* new timeout writer implementation
([supabase#1584](supabase#1584))
([72614a1](supabase@72614a1))
* remove legacy lookup in users for one_time_tokens (phase II)
([supabase#1569](supabase#1569))
([39ca026](supabase@39ca026))
* update chi version
([supabase#1581](supabase#1581))
([c64ae3d](supabase@c64ae3d))
* update openapi spec with identity and is_anonymous fields
([supabase#1573](supabase#1573))
([86a79df](supabase@86a79df))


### Bug Fixes

* improve logging structure
([supabase#1583](supabase#1583))
([c22fc15](supabase@c22fc15))
* sms verify should update is_anonymous field
([supabase#1580](supabase#1580))
([e5f98cb](supabase@e5f98cb))
* use api_external_url domain as localname
([supabase#1575](supabase#1575))
([ed2b490](supabase@ed2b490))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 15, 2024
@kangmingtay @LashaJini
fix: improve logging structure (supabase#1583)
1831868 
## What kind of change does this PR introduce?
* Remove unformatted logs which do not confirm to JSON
* Previously, we were logging both `time` (not UTC) and `timestamp` (in
UTC) which is redundant. I've opted to remove `timestamp` and just log
the UTC time as the `time` field, which is supported by logrus
* Previously, the `request_id` was not being logged because it was
unable to retrieve the context properly. Now, the `request_id` field is
added to every log entry, which allows us to filter by `request_id` to
see the entire lifecycle of the request
* Previously, panics weren't being handled properly and they were just
logged as text instead of JSON. The server would return an empty reply,
which leads to ugly responses like "Unexpected token < in JSON..." if
using fetch in JS. Now, the server returns a proper 500 error response:
`{"code":500,"error_code":"unexpected_failure","msg":"Internal Server
Error"}`
* Added tests for `recoverer` and `NewStructuredLogger` to prevent
regression
* Remove "request started" log since the `request_id` can be used to
keep track of the entire request lifecycle. This cuts down on the noise
to signal ratio as well.


## Log format
* Panics are now logged like this (note the additional fields like
`panic` and `stack` - which is a dump of the stack trace):
```json
{
  "component":"api",
  "duration":6065700500,
  "level":"info",
  "method":"GET",
  "msg":"request completed",
  "panic":"test panic",
  "path":"/panic",
  "referer":"http://localhost:3001",
  "remote_addr":"127.0.0.1",
  "request_id":"4cde5f20-2c3c-4645-bc75-52d6231e22e2",
  "stack":"goroutine 82 [running]:...rest of stack trace omitted for brevity",
  "status":500,
  "time":"2024-05-15T09:37:42Z"
}
```

* Requests that call `NewAuditLogEntry` will be logged with the
`auth_event` payload in this format (note that the timestamp field no
longer exists)
```json
{
  "auth_event": {
    "action": "token_refreshed",
    "actor_id": "733fb34d-a6f2-43e1-976a-8e6a456b6889",
    "actor_name": "Kang Ming Tay",
    "actor_username": "kang.ming1996@gmail.com",
    "actor_via_sso": false,
    "log_type": "token"
  },
  "component": "api",
  "duration": 75945042,
  "level": "info",
  "method": "POST",
  "msg": "request completed",
  "path": "/token",
  "referer": "http://localhost:3001",
  "remote_addr": "127.0.0.1",
  "request_id": "08c7e47b-42f4-44dc-a39b-7275ef5bbb45",
  "status": 200,
  "time": "2024-05-15T09:40:09Z"
}
```
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 15, 2024
@github-actions @LashaJini
chore(master): release 2.152.0 (supabase#1574)
488ef3d 
🤖 I have created a release *beep* *boop*
---


##
[2.152.0](supabase/auth@v2.151.0...v2.152.0)
(2024-05-22)


### Features

* new timeout writer implementation
([supabase#1584](supabase#1584))
([72614a1](supabase@72614a1))
* remove legacy lookup in users for one_time_tokens (phase II)
([supabase#1569](supabase#1569))
([39ca026](supabase@39ca026))
* update chi version
([supabase#1581](supabase#1581))
([c64ae3d](supabase@c64ae3d))
* update openapi spec with identity and is_anonymous fields
([supabase#1573](supabase#1573))
([86a79df](supabase@86a79df))


### Bug Fixes

* improve logging structure
([supabase#1583](supabase#1583))
([c22fc15](supabase@c22fc15))
* sms verify should update is_anonymous field
([supabase#1580](supabase#1580))
([e5f98cb](supabase@e5f98cb))
* use api_external_url domain as localname
([supabase#1575](supabase#1575))
([ed2b490](supabase@ed2b490))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@J0 J0 J0 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kangmingtay @coveralls @J0