storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/cmd/logger/config.go (about) 1 /* 2 * MinIO Cloud Storage, (C) 2019 MinIO, Inc. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package logger 18 19 import ( 20 "strings" 21 22 "storj.io/minio/cmd/config" 23 "storj.io/minio/pkg/env" 24 ) 25 26 // Console logger target 27 type Console struct { 28 Enabled bool `json:"enabled"` 29 } 30 31 // HTTP logger target 32 type HTTP struct { 33 Enabled bool `json:"enabled"` 34 Endpoint string `json:"endpoint"` 35 AuthToken string `json:"authToken"` 36 ClientCert string `json:"clientCert"` 37 ClientKey string `json:"clientKey"` 38 } 39 40 // Config console and http logger targets 41 type Config struct { 42 Console Console `json:"console"` 43 HTTP map[string]HTTP `json:"http"` 44 Audit map[string]HTTP `json:"audit"` 45 } 46 47 // HTTP endpoint logger 48 const ( 49 Endpoint = "endpoint" 50 AuthToken = "auth_token" 51 ClientCert = "client_cert" 52 ClientKey = "client_key" 53 54 EnvLoggerWebhookEnable = "MINIO_LOGGER_WEBHOOK_ENABLE" 55 EnvLoggerWebhookEndpoint = "MINIO_LOGGER_WEBHOOK_ENDPOINT" 56 EnvLoggerWebhookAuthToken = "MINIO_LOGGER_WEBHOOK_AUTH_TOKEN" 57 58 EnvAuditWebhookEnable = "MINIO_AUDIT_WEBHOOK_ENABLE" 59 EnvAuditWebhookEndpoint = "MINIO_AUDIT_WEBHOOK_ENDPOINT" 60 EnvAuditWebhookAuthToken = "MINIO_AUDIT_WEBHOOK_AUTH_TOKEN" 61 EnvAuditWebhookClientCert = "MINIO_AUDIT_WEBHOOK_CLIENT_CERT" 62 EnvAuditWebhookClientKey = "MINIO_AUDIT_WEBHOOK_CLIENT_KEY" 63 ) 64 65 // Default KVS for loggerHTTP and loggerAuditHTTP 66 var ( 67 DefaultKVS = config.KVS{ 68 config.KV{ 69 Key: config.Enable, 70 Value: config.EnableOff, 71 }, 72 config.KV{ 73 Key: Endpoint, 74 Value: "", 75 }, 76 config.KV{ 77 Key: AuthToken, 78 Value: "", 79 }, 80 } 81 DefaultAuditKVS = config.KVS{ 82 config.KV{ 83 Key: config.Enable, 84 Value: config.EnableOff, 85 }, 86 config.KV{ 87 Key: Endpoint, 88 Value: "", 89 }, 90 config.KV{ 91 Key: AuthToken, 92 Value: "", 93 }, 94 config.KV{ 95 Key: ClientCert, 96 Value: "", 97 }, 98 config.KV{ 99 Key: ClientKey, 100 Value: "", 101 }, 102 } 103 ) 104 105 // NewConfig - initialize new logger config. 106 func NewConfig() Config { 107 cfg := Config{ 108 // Console logging is on by default 109 Console: Console{ 110 Enabled: true, 111 }, 112 HTTP: make(map[string]HTTP), 113 Audit: make(map[string]HTTP), 114 } 115 116 // Create an example HTTP logger 117 cfg.HTTP[config.Default] = HTTP{ 118 Endpoint: "https://username:password@example.com/api", 119 } 120 121 // Create an example Audit logger 122 cfg.Audit[config.Default] = HTTP{ 123 Endpoint: "https://username:password@example.com/api/audit", 124 } 125 126 return cfg 127 } 128 129 func lookupLegacyConfig() (Config, error) { 130 cfg := NewConfig() 131 132 var loggerTargets []string 133 envs := env.List(legacyEnvLoggerHTTPEndpoint) 134 for _, k := range envs { 135 target := strings.TrimPrefix(k, legacyEnvLoggerHTTPEndpoint+config.Default) 136 if target == legacyEnvLoggerHTTPEndpoint { 137 target = config.Default 138 } 139 loggerTargets = append(loggerTargets, target) 140 } 141 142 // Load HTTP logger from the environment if found 143 for _, target := range loggerTargets { 144 endpointEnv := legacyEnvLoggerHTTPEndpoint 145 if target != config.Default { 146 endpointEnv = legacyEnvLoggerHTTPEndpoint + config.Default + target 147 } 148 endpoint := env.Get(endpointEnv, "") 149 if endpoint == "" { 150 continue 151 } 152 cfg.HTTP[target] = HTTP{ 153 Enabled: true, 154 Endpoint: endpoint, 155 } 156 } 157 158 // List legacy audit ENVs if any. 159 var loggerAuditTargets []string 160 envs = env.List(legacyEnvAuditLoggerHTTPEndpoint) 161 for _, k := range envs { 162 target := strings.TrimPrefix(k, legacyEnvAuditLoggerHTTPEndpoint+config.Default) 163 if target == legacyEnvAuditLoggerHTTPEndpoint { 164 target = config.Default 165 } 166 loggerAuditTargets = append(loggerAuditTargets, target) 167 } 168 169 for _, target := range loggerAuditTargets { 170 endpointEnv := legacyEnvAuditLoggerHTTPEndpoint 171 if target != config.Default { 172 endpointEnv = legacyEnvAuditLoggerHTTPEndpoint + config.Default + target 173 } 174 endpoint := env.Get(endpointEnv, "") 175 if endpoint == "" { 176 continue 177 } 178 cfg.Audit[target] = HTTP{ 179 Enabled: true, 180 Endpoint: endpoint, 181 } 182 } 183 184 return cfg, nil 185 186 } 187 188 // LookupConfig - lookup logger config, override with ENVs if set. 189 func LookupConfig(scfg config.Config) (Config, error) { 190 // Lookup for legacy environment variables first 191 cfg, err := lookupLegacyConfig() 192 if err != nil { 193 return cfg, err 194 } 195 196 envs := env.List(EnvLoggerWebhookEndpoint) 197 var loggerTargets []string 198 for _, k := range envs { 199 target := strings.TrimPrefix(k, EnvLoggerWebhookEndpoint+config.Default) 200 if target == EnvLoggerWebhookEndpoint { 201 target = config.Default 202 } 203 loggerTargets = append(loggerTargets, target) 204 } 205 206 var loggerAuditTargets []string 207 envs = env.List(EnvAuditWebhookEndpoint) 208 for _, k := range envs { 209 target := strings.TrimPrefix(k, EnvAuditWebhookEndpoint+config.Default) 210 if target == EnvAuditWebhookEndpoint { 211 target = config.Default 212 } 213 loggerAuditTargets = append(loggerAuditTargets, target) 214 } 215 216 // Load HTTP logger from the environment if found 217 for _, target := range loggerTargets { 218 if v, ok := cfg.HTTP[target]; ok && v.Enabled { 219 // This target is already enabled using the 220 // legacy environment variables, ignore. 221 continue 222 } 223 enableEnv := EnvLoggerWebhookEnable 224 if target != config.Default { 225 enableEnv = EnvLoggerWebhookEnable + config.Default + target 226 } 227 enable, err := config.ParseBool(env.Get(enableEnv, "")) 228 if err != nil || !enable { 229 continue 230 } 231 endpointEnv := EnvLoggerWebhookEndpoint 232 if target != config.Default { 233 endpointEnv = EnvLoggerWebhookEndpoint + config.Default + target 234 } 235 authTokenEnv := EnvLoggerWebhookAuthToken 236 if target != config.Default { 237 authTokenEnv = EnvLoggerWebhookAuthToken + config.Default + target 238 } 239 cfg.HTTP[target] = HTTP{ 240 Enabled: true, 241 Endpoint: env.Get(endpointEnv, ""), 242 AuthToken: env.Get(authTokenEnv, ""), 243 } 244 } 245 246 for _, target := range loggerAuditTargets { 247 if v, ok := cfg.Audit[target]; ok && v.Enabled { 248 // This target is already enabled using the 249 // legacy environment variables, ignore. 250 continue 251 } 252 enableEnv := EnvAuditWebhookEnable 253 if target != config.Default { 254 enableEnv = EnvAuditWebhookEnable + config.Default + target 255 } 256 enable, err := config.ParseBool(env.Get(enableEnv, "")) 257 if err != nil || !enable { 258 continue 259 } 260 endpointEnv := EnvAuditWebhookEndpoint 261 if target != config.Default { 262 endpointEnv = EnvAuditWebhookEndpoint + config.Default + target 263 } 264 authTokenEnv := EnvAuditWebhookAuthToken 265 if target != config.Default { 266 authTokenEnv = EnvAuditWebhookAuthToken + config.Default + target 267 } 268 clientCertEnv := EnvAuditWebhookClientCert 269 if target != config.Default { 270 clientCertEnv = EnvAuditWebhookClientCert + config.Default + target 271 } 272 clientKeyEnv := EnvAuditWebhookClientKey 273 if target != config.Default { 274 clientKeyEnv = EnvAuditWebhookClientKey + config.Default + target 275 } 276 err = config.EnsureCertAndKey(env.Get(clientCertEnv, ""), env.Get(clientKeyEnv, "")) 277 if err != nil { 278 return cfg, err 279 } 280 cfg.Audit[target] = HTTP{ 281 Enabled: true, 282 Endpoint: env.Get(endpointEnv, ""), 283 AuthToken: env.Get(authTokenEnv, ""), 284 ClientCert: env.Get(clientCertEnv, ""), 285 ClientKey: env.Get(clientKeyEnv, ""), 286 } 287 } 288 289 for starget, kv := range scfg[config.LoggerWebhookSubSys] { 290 if l, ok := cfg.HTTP[starget]; ok && l.Enabled { 291 // Ignore this HTTP logger config since there is 292 // a target with the same name loaded and enabled 293 // from the environment. 294 continue 295 } 296 subSysTarget := config.LoggerWebhookSubSys 297 if starget != config.Default { 298 subSysTarget = config.LoggerWebhookSubSys + config.SubSystemSeparator + starget 299 } 300 if err := config.CheckValidKeys(subSysTarget, kv, DefaultKVS); err != nil { 301 return cfg, err 302 } 303 enabled, err := config.ParseBool(kv.Get(config.Enable)) 304 if err != nil { 305 return cfg, err 306 } 307 if !enabled { 308 continue 309 } 310 cfg.HTTP[starget] = HTTP{ 311 Enabled: true, 312 Endpoint: kv.Get(Endpoint), 313 AuthToken: kv.Get(AuthToken), 314 } 315 } 316 317 for starget, kv := range scfg[config.AuditWebhookSubSys] { 318 if l, ok := cfg.Audit[starget]; ok && l.Enabled { 319 // Ignore this audit config since another target 320 // with the same name is already loaded and enabled 321 // in the shell environment. 322 continue 323 } 324 subSysTarget := config.AuditWebhookSubSys 325 if starget != config.Default { 326 subSysTarget = config.AuditWebhookSubSys + config.SubSystemSeparator + starget 327 } 328 if err := config.CheckValidKeys(subSysTarget, kv, DefaultAuditKVS); err != nil { 329 return cfg, err 330 } 331 enabled, err := config.ParseBool(kv.Get(config.Enable)) 332 if err != nil { 333 return cfg, err 334 } 335 if !enabled { 336 continue 337 } 338 err = config.EnsureCertAndKey(kv.Get(ClientCert), kv.Get(ClientKey)) 339 if err != nil { 340 return cfg, err 341 } 342 cfg.Audit[starget] = HTTP{ 343 Enabled: true, 344 Endpoint: kv.Get(Endpoint), 345 AuthToken: kv.Get(AuthToken), 346 ClientCert: kv.Get(ClientCert), 347 ClientKey: kv.Get(ClientKey), 348 } 349 } 350 351 return cfg, nil 352 }