From 0109031e63f9e4dd079fc9737a1a4626d9f0e8fa Mon Sep 17 00:00:00 2001 From: Mitchell Hashimoto Date: Sat, 4 Apr 2015 11:39:58 -0700 Subject: [PATCH] vault: pass a logger around to logical backends --- logical/framework/backend.go | 18 ++++++++++++++++++ logical/logical.go | 12 ++++++++++++ vault/mount.go | 8 +++++++- vault/router_test.go | 6 ++++++ 4 files changed, 43 insertions(+), 1 deletion(-) diff --git a/logical/framework/backend.go b/logical/framework/backend.go index b1d0730816..39014eda9f 100644 --- a/logical/framework/backend.go +++ b/logical/framework/backend.go @@ -2,6 +2,8 @@ package framework import ( "fmt" + "io/ioutil" + "log" "regexp" "sort" "strings" @@ -49,6 +51,7 @@ type Backend struct { Rollback RollbackFunc RollbackMinAge time.Duration + logger *log.Logger once sync.Once pathsRe []*regexp.Regexp } @@ -123,6 +126,21 @@ func (b *Backend) SpecialPaths() *logical.Paths { return b.PathsSpecial } +// logical.Backend impl. +func (b *Backend) SetLogger(logger *log.Logger) { + b.logger = logger +} + +// Logger can be used to get the logger. If no logger has been set, +// the logs will be discarded. +func (b *Backend) Logger() *log.Logger { + if b.logger != nil { + return b.logger + } + + return log.New(ioutil.Discard, "", 0) +} + // Route looks up the path that would be used for a given path string. func (b *Backend) Route(path string) *Path { result, _ := b.route(path) diff --git a/logical/logical.go b/logical/logical.go index 259249f80b..60a08bdf6a 100644 --- a/logical/logical.go +++ b/logical/logical.go @@ -1,5 +1,9 @@ package logical +import ( + "log" +) + // Backend interface must be implemented to be "mountable" at // a given path. Requests flow through a router which has various mount // points that flow to a logical backend. The logic of each backend is flexible, @@ -20,6 +24,14 @@ type Backend interface { // ends in '*' then it is a prefix-based match. The '*' can only appear // at the end. SpecialPaths() *Paths + + // SetLogger is called to set the logger for the backend. The backend + // should use this logger. The log should not contain any secrets. + // It should not be assumed that this function will be called every time. + // + // SetLogger will not be called by Vault core in parallel, and + // therefore doesn't need any lock protection. + SetLogger(*log.Logger) } // Factory is the factory function to create a logical backend. diff --git a/vault/mount.go b/vault/mount.go index 128ca72cca..d6769a1aa5 100644 --- a/vault/mount.go +++ b/vault/mount.go @@ -460,7 +460,13 @@ func (c *Core) newLogicalBackend(t string, conf map[string]string) (logical.Back return nil, fmt.Errorf("unknown backend type: %s", t) } - return f(conf) + b, err := f(conf) + if err != nil { + return nil, err + } + + b.SetLogger(c.logger) + return b, nil } // defaultMountTable creates a default mount table diff --git a/vault/router_test.go b/vault/router_test.go index 0f57a1683d..08a61045be 100644 --- a/vault/router_test.go +++ b/vault/router_test.go @@ -2,6 +2,7 @@ package vault import ( "fmt" + "log" "strings" "testing" @@ -14,6 +15,7 @@ type NoopBackend struct { Paths []string Requests []*logical.Request Response *logical.Response + Logger *log.Logger } func (n *NoopBackend) HandleRequest(req *logical.Request) (*logical.Response, error) { @@ -34,6 +36,10 @@ func (n *NoopBackend) SpecialPaths() *logical.Paths { } } +func (n *NoopBackend) SetLogger(l *log.Logger) { + n.Logger = l +} + func TestRouter_Mount(t *testing.T) { r := NewRouter() _, barrier, _ := mockBarrier(t)