Skip to content

Commit 41feb4f

Browse files
s-z-zs-z-z
committed
feat(certwatcher): add instance-specific logger with cert/key context
Signed-off-by: s-z-z <[email protected]>
1 parent 0f4e99e commit 41feb4f

File tree

1 file changed

+11
-8
lines changed

1 file changed

+11
-8
lines changed

pkg/certwatcher/certwatcher.go

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ import (
2626
"time"
2727

2828
"github.com/fsnotify/fsnotify"
29+
"github.com/go-logr/logr"
2930
kerrors "k8s.io/apimachinery/pkg/util/errors"
3031
"k8s.io/apimachinery/pkg/util/sets"
3132
"k8s.io/apimachinery/pkg/util/wait"
@@ -47,6 +48,7 @@ type CertWatcher struct {
4748
currentCert *tls.Certificate
4849
watcher *fsnotify.Watcher
4950
interval time.Duration
51+
log logr.Logger
5052

5153
certPath string
5254
keyPath string
@@ -65,6 +67,7 @@ func New(certPath, keyPath string) (*CertWatcher, error) {
6567
certPath: certPath,
6668
keyPath: keyPath,
6769
interval: defaultWatchInterval,
70+
log: log.WithValues("cert", certPath, "key", keyPath),
6871
}
6972

7073
// Initial read of certificate and key.
@@ -130,14 +133,14 @@ func (cw *CertWatcher) Start(ctx context.Context) error {
130133
ticker := time.NewTicker(cw.interval)
131134
defer ticker.Stop()
132135

133-
log.Info("Starting certificate poll+watcher", "interval", cw.interval)
136+
cw.log.Info("Starting certificate poll+watcher", "interval", cw.interval)
134137
for {
135138
select {
136139
case <-ctx.Done():
137140
return cw.watcher.Close()
138141
case <-ticker.C:
139142
if err := cw.ReadCertificate(); err != nil {
140-
log.Error(err, "failed read certificate")
143+
cw.log.Error(err, "failed read certificate")
141144
}
142145
}
143146
}
@@ -160,7 +163,7 @@ func (cw *CertWatcher) Watch() {
160163
return
161164
}
162165

163-
log.Error(err, "certificate watch error")
166+
cw.log.Error(err, "certificate watch error")
164167
}
165168
}
166169
}
@@ -174,7 +177,7 @@ func (cw *CertWatcher) updateCachedCertificate(cert *tls.Certificate, keyPEMBloc
174177
if cw.currentCert != nil &&
175178
bytes.Equal(cw.currentCert.Certificate[0], cert.Certificate[0]) &&
176179
bytes.Equal(cw.cachedKeyPEMBlock, keyPEMBlock) {
177-
log.V(7).Info("certificate already cached")
180+
cw.log.V(7).Info("certificate already cached")
178181
return false
179182
}
180183
cw.currentCert = cert
@@ -208,7 +211,7 @@ func (cw *CertWatcher) ReadCertificate() error {
208211
return nil
209212
}
210213

211-
log.Info("Updated current TLS certificate")
214+
cw.log.Info("Updated current TLS certificate")
212215

213216
// If a callback is registered, invoke it with the new certificate.
214217
cw.RLock()
@@ -229,15 +232,15 @@ func (cw *CertWatcher) handleEvent(event fsnotify.Event) {
229232
case event.Op.Has(fsnotify.Chmod), event.Op.Has(fsnotify.Remove):
230233
// If the file was removed or renamed, re-add the watch to the previous name
231234
if err := cw.watcher.Add(event.Name); err != nil {
232-
log.Error(err, "error re-watching file")
235+
cw.log.Error(err, "error re-watching file")
233236
}
234237
default:
235238
return
236239
}
237240

238-
log.V(1).Info("certificate event", "event", event)
241+
cw.log.V(1).Info("certificate event", "event", event)
239242
if err := cw.ReadCertificate(); err != nil {
240-
log.Error(err, "error re-reading certificate")
243+
cw.log.Error(err, "error re-reading certificate")
241244
}
242245
}
243246

0 commit comments

Comments
 (0)