diff --git a/agent/consul/acl_authmethod.go b/agent/consul/acl_authmethod.go index a376af53c..ded6ae508 100644 --- a/agent/consul/acl_authmethod.go +++ b/agent/consul/acl_authmethod.go @@ -25,7 +25,7 @@ func (s *Server) loadAuthMethodValidator(idx uint64, method *structs.ACLAuthMeth return v, nil } - v, err := authmethod.NewValidator(method) + v, err := authmethod.NewValidator(s.logger, method) if err != nil { return nil, fmt.Errorf("auth method validator for %q could not be initialized: %v", method.Name, err) } diff --git a/agent/consul/acl_endpoint.go b/agent/consul/acl_endpoint.go index 5d1546c74..9cdb73e16 100644 --- a/agent/consul/acl_endpoint.go +++ b/agent/consul/acl_endpoint.go @@ -2111,7 +2111,7 @@ func (a *ACL) AuthMethodSet(args *structs.ACLAuthMethodSetRequest, reply *struct // Instantiate a validator but do not cache it yet. This will validate the // configuration. - if _, err := authmethod.NewValidator(method); err != nil { + if _, err := authmethod.NewValidator(a.srv.logger, method); err != nil { return fmt.Errorf("Invalid Auth Method: %v", err) } diff --git a/agent/consul/authmethod/authmethods.go b/agent/consul/authmethod/authmethods.go index 013d75ac9..f2f76a850 100644 --- a/agent/consul/authmethod/authmethods.go +++ b/agent/consul/authmethod/authmethods.go @@ -6,6 +6,7 @@ import ( "sync" "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/go-hclog" "github.com/mitchellh/mapstructure" ) @@ -24,7 +25,7 @@ type Cache interface { Purge() } -type ValidatorFactory func(method *structs.ACLAuthMethod) (Validator, error) +type ValidatorFactory func(logger hclog.Logger, method *structs.ACLAuthMethod) (Validator, error) type Validator interface { // Name returns the name of the auth method backing this validator. @@ -131,7 +132,7 @@ func (c *authMethodCache) Purge() { // NewValidator instantiates a new Validator for the given auth method // configuration. If no auth method is registered with the provided type an // error is returned. -func NewValidator(method *structs.ACLAuthMethod) (Validator, error) { +func NewValidator(logger hclog.Logger, method *structs.ACLAuthMethod) (Validator, error) { typesMu.RLock() factory, ok := types[method.Type] typesMu.RUnlock() @@ -140,7 +141,9 @@ func NewValidator(method *structs.ACLAuthMethod) (Validator, error) { return nil, fmt.Errorf("no auth method registered with type: %s", method.Type) } - return factory(method) + logger = logger.Named("authmethod").With("type", method.Type, "name", method.Name) + + return factory(logger, method) } // Types returns a sorted list of the names of the registered types. diff --git a/agent/consul/authmethod/kubeauth/k8s.go b/agent/consul/authmethod/kubeauth/k8s.go index 99d95a8df..bea558f77 100644 --- a/agent/consul/authmethod/kubeauth/k8s.go +++ b/agent/consul/authmethod/kubeauth/k8s.go @@ -8,6 +8,7 @@ import ( "github.com/hashicorp/consul/agent/consul/authmethod" "github.com/hashicorp/consul/agent/structs" cleanhttp "github.com/hashicorp/go-cleanhttp" + "github.com/hashicorp/go-hclog" "gopkg.in/square/go-jose.v2/jwt" authv1 "k8s.io/api/authentication/v1" client_metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -20,7 +21,7 @@ import ( func init() { // register this as an available auth method type - authmethod.Register("kubernetes", func(method *structs.ACLAuthMethod) (authmethod.Validator, error) { + authmethod.Register("kubernetes", func(_ hclog.Logger, method *structs.ACLAuthMethod) (authmethod.Validator, error) { v, err := NewValidator(method) if err != nil { return nil, err diff --git a/agent/consul/authmethod/testauth/testing.go b/agent/consul/authmethod/testauth/testing.go index f76053ec4..2b397e935 100644 --- a/agent/consul/authmethod/testauth/testing.go +++ b/agent/consul/authmethod/testauth/testing.go @@ -7,6 +7,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/authmethod" "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/go-hclog" "github.com/hashicorp/go-uuid" ) @@ -84,7 +85,7 @@ type Config struct { enterpriseConfig `mapstructure:",squash"` } -func newValidator(method *structs.ACLAuthMethod) (authmethod.Validator, error) { +func newValidator(logger hclog.Logger, method *structs.ACLAuthMethod) (authmethod.Validator, error) { if method.Type != "testing" { return nil, fmt.Errorf("%q is not a testing auth method", method.Name) }