Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(proxy-injector): handle proxy-log-level with quotes #13480

Merged
merged 1 commit into from
Dec 13, 2024
Merged

fix(proxy-injector): handle proxy-log-level with quotes #13480

merged 1 commit into from
Dec 13, 2024

Conversation

olix0r
Copy link
Member

@olix0r olix0r commented Dec 12, 2024
edited
Loading

The proxy accepts log filters in the form target[fields...]=level, where a
field may include a value match. This leads to log filters like
linkerd[name="outbound"]=debug.

When a log filter is configured via annotation or Helm, the proxy-injector fails
to properly quote the log environment variable, leading to a failure to patch
resources properly.

To fix this, this change ensures that the log level is quoted, which properly
escapes any quotes in the filter itself.

@olix0r olix0r force-pushed the ver/log-level-quoting branch from 772aab5 to b35fa5f Compare December 12, 2024 23:02
@adleong
Copy link
Member

adleong commented Dec 12, 2024

For my education, can you give an example of an incorrectly quoted value generated by the old code and then what a properly quoted value generated by the new code looks like?

@olix0r
Copy link
Member Author

olix0r commented Dec 12, 2024
edited
Loading

@adleong

For my education, can you give an example of an incorrectly quoted value generated by the old code and then what a properly quoted value generated by the new code looks like?

linkerd2/controller/proxy-injector/fake/data/pod-inject-enabled-log-level.yaml

Lines 6 to 7 in b35fa5f

annotations:
config.linkerd.io/proxy-log-level: linkerd[name="inbound"]=trace,linkerd[name="outbound"]=debug,info

should render as:

linkerd2/controller/proxy-injector/fake/data/pod-log-level.json

Line 155 in b35fa5f

"value": "linkerd[name=\"inbound\"]=trace,linkerd[name=\"outbound\"]=debug,info,[{headers}]=off,[{request}]=off"

Without the fix, the generated yaml from

linkerd2/charts/partials/templates/_proxy.tpl

Line 37 in c16f08c

value: "{{.Values.proxy.logLevel}}{{ if not (eq .Values.proxy.logHTTPHeaders "insecure") }},[{headers}]=off,[{request}]=off{{ end }}"

renders as:

value: "linkerd[name="inbound"]=trace,linkerd[name="outbound"]=debug,info,[{headers}]=off,[{request}]=off"

This isn't valid YAML.

:; yq . <<EOF
value: "linkerd[name="inbound"]=trace,linkerd[name="outbound"]=debug,info,[{headers}]=off,[{request}]=off" 
EOF
Error: bad file '-': yaml: did not find expected key

We need to use quote to escape the inner quotes.

:; yq . <<EOF
value: "linkerd[name=\"inbound\"]=trace,linkerd[name=\"outbound\"]=debug,info,[{headers}]=off,[{request}]=off"
EOF
value: "linkerd[name=\"inbound\"]=trace,linkerd[name=\"outbound\"]=debug,info,[{headers}]=off,[{request}]=off"

Base automatically changed from ver/proxy-injector-cleanup to main December 12, 2024 23:39
@olix0r
fix(proxy-injector): handle proxy-log-level with quotes
a63c85f 
The proxy accepts log filters in the form `target[fields...]=level`, where a
field may include a value match. This leads to log filters like
`linkerd[name="outbound"]=debug`.

When a log filter is configured via annotation or Helm, the proxy-injector fails
to properly quote the log environment variable, leading to a failure to patch
resources properly.

To fix this, this change ensures that the log level is quoted, which properly
escapes any quotes in the filter itself.
@olix0r olix0r force-pushed the ver/log-level-quoting branch from b35fa5f to a63c85f Compare December 12, 2024 23:48
@olix0r olix0r marked this pull request as ready for review December 12, 2024 23:48
@olix0r olix0r requested a review from a team as a code owner December 12, 2024 23:48
@olix0r olix0r enabled auto-merge (squash) December 13, 2024 00:13
@olix0r olix0r merged commit f5b82f2 into main Dec 13, 2024
40 checks passed
@olix0r olix0r deleted the ver/log-level-quoting branch December 13, 2024 20:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adleong adleong adleong approved these changes

Assignees

@adleong adleong

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@olix0r @adleong