diff --git a/cmd/kyverno/kyverno.go b/cmd/kyverno/kyverno.go index ff1c3bc972..8cfba43fb0 100644 --- a/cmd/kyverno/kyverno.go +++ b/cmd/kyverno/kyverno.go @@ -1,12 +1,20 @@ package main import ( + goflag "flag" "fmt" "os" + "github.com/nirmata/kyverno/pkg/config" kyverno "github.com/nirmata/kyverno/pkg/kyverno" + flag "github.com/spf13/pflag" ) +func init() { + flag.CommandLine.AddGoFlagSet(goflag.CommandLine) + config.LogDefaultFlags() + flag.Parse() +} func main() { cmd := kyverno.NewDefaultKyvernoCommand() diff --git a/init.go b/init.go index d6840d3590..fe0091c01b 100644 --- a/init.go +++ b/init.go @@ -1,8 +1,7 @@ package main import ( - "log" - + "github.com/golang/glog" client "github.com/nirmata/kyverno/pkg/dclient" tls "github.com/nirmata/kyverno/pkg/tls" "github.com/nirmata/kyverno/pkg/version" @@ -12,17 +11,17 @@ import ( func printVersionInfo() { v := version.GetVersion() - log.Printf("Kyverno version: %s\n", v.BuildVersion) - log.Printf("Kyverno BuildHash: %s\n", v.BuildHash) - log.Printf("Kyverno BuildTime: %s\n", v.BuildTime) + glog.Infof("Kyverno version: %s\n", v.BuildVersion) + glog.Infof("Kyverno BuildHash: %s\n", v.BuildHash) + glog.Infof("Kyverno BuildTime: %s\n", v.BuildTime) } func createClientConfig(kubeconfig string) (*rest.Config, error) { if kubeconfig == "" { - log.Printf("Using in-cluster configuration") + glog.Info("Using in-cluster configuration") return rest.InClusterConfig() } - log.Printf("Using configuration from '%s'", kubeconfig) + glog.Infof("Using configuration from '%s'", kubeconfig) return clientcmd.BuildConfigFromFlags("", kubeconfig) } @@ -36,14 +35,14 @@ func initTlsPemPair(configuration *rest.Config, client *client.Client) (*tls.Tls } tlsPair := client.ReadTlsPair(certProps) if tls.IsTlsPairShouldBeUpdated(tlsPair) { - log.Printf("Generating new key/certificate pair for TLS") + glog.Info("Generating new key/certificate pair for TLS") tlsPair, err = client.GenerateTlsPemPair(certProps) if err != nil { return nil, err } err = client.WriteTlsPair(certProps, tlsPair) if err != nil { - log.Printf("Unable to save TLS pair to the cluster: %v", err) + glog.Errorf("Unable to save TLS pair to the cluster: %v", err) } } return tlsPair, nil diff --git a/pkg/engine/engine.go b/pkg/engine/engine.go index 6ea2c7b24f..a2b10ebac2 100644 --- a/pkg/engine/engine.go +++ b/pkg/engine/engine.go @@ -7,7 +7,7 @@ import ( ) // As the logic to process the policies in stateless, we do not need to define struct and implement behaviors for it -// Instead we expose them as standalone functions passing the logger and the required atrributes +// Instead we expose them as standalone functions passing the required atrributes // The each function returns the changes that need to be applied on the resource // the caller is responsible to apply the changes to the resource diff --git a/pkg/engine/generation.go b/pkg/engine/generation.go index f1f27fedb7..eb91ad3944 100644 --- a/pkg/engine/generation.go +++ b/pkg/engine/generation.go @@ -44,8 +44,8 @@ func applyRuleGenerator(client *client.Client, rawResource []byte, generator *ku namespace := ParseNameFromObject(rawResource) err = client.GenerateResource(*generator, namespace) if err != nil { - return fmt.Errorf("Unable to apply generator for %s %s: %v", generator.Kind, namespace, err) + return fmt.Errorf("Unable to apply generator for %s '%s/%s' : %v", generator.Kind, namespace, generator.Name, err) } - glog.Infof("Successfully applied generator %s", generator.Kind) + glog.Infof("Successfully applied generator %s/%s", generator.Kind, generator.Name) return nil } diff --git a/pkg/engine/mutation.go b/pkg/engine/mutation.go index 3d387d6f55..706cb7347c 100644 --- a/pkg/engine/mutation.go +++ b/pkg/engine/mutation.go @@ -1,8 +1,7 @@ package engine import ( - "log" - + "github.com/golang/glog" kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -22,7 +21,7 @@ func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersio ok := ResourceMeetsDescription(rawResource, rule.ResourceDescription, gvk) if !ok { - log.Printf("Rule \"%s\" is not applicable to resource\n", rule.Name) + glog.Infof("Rule \"%s\" is not applicable to resource\n", rule.Name) continue } @@ -31,7 +30,7 @@ func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersio if rule.Mutation.Overlay != nil { overlayPatches, err := ProcessOverlay(policy, rawResource, gvk) if err != nil { - log.Printf("Overlay application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err) + glog.Warningf("Overlay application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err) } else { policyPatches = append(policyPatches, overlayPatches...) } @@ -42,7 +41,7 @@ func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersio if rule.Mutation.Patches != nil { processedPatches, patchedDocument, err = ProcessPatches(rule.Mutation.Patches, patchedDocument) if err != nil { - log.Printf("Patches application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err) + glog.Warningf("Patches application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err) } else { policyPatches = append(policyPatches, processedPatches...) } diff --git a/pkg/engine/overlay.go b/pkg/engine/overlay.go index a5b5042b86..5765ee30ef 100644 --- a/pkg/engine/overlay.go +++ b/pkg/engine/overlay.go @@ -3,11 +3,11 @@ package engine import ( "encoding/json" "fmt" - "log" "reflect" "strconv" jsonpatch "github.com/evanphx/json-patch" + "github.com/golang/glog" kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -28,7 +28,7 @@ func ProcessOverlay(policy kubepolicy.Policy, rawResource []byte, gvk metav1.Gro ok := ResourceMeetsDescription(rawResource, rule.ResourceDescription, gvk) if !ok { - log.Printf("Rule \"%s\" is not applicable to resource\n", rule.Name) + glog.Infof("Rule \"%s\" is not applicable to resource\n", rule.Name) continue } diff --git a/pkg/engine/patches.go b/pkg/engine/patches.go index fafd488d70..deed7967bf 100644 --- a/pkg/engine/patches.go +++ b/pkg/engine/patches.go @@ -3,9 +3,9 @@ package engine import ( "encoding/json" "errors" - "log" jsonpatch "github.com/evanphx/json-patch" + "github.com/golang/glog" kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1" ) @@ -32,7 +32,7 @@ func ProcessPatches(patches []kubepolicy.Patch, resource []byte) ([]PatchBytes, if patch.Operation == "remove" { continue } - log.Printf("Patch failed: patch number = %d, patch Operation = %s, err: %v", i, patch.Operation, err) + glog.Warningf("Patch failed: patch number = %d, patch Operation = %s, err: %v", i, patch.Operation, err) continue } diff --git a/pkg/engine/pattern.go b/pkg/engine/pattern.go index 77ff51ffbd..7b18f3664a 100644 --- a/pkg/engine/pattern.go +++ b/pkg/engine/pattern.go @@ -2,12 +2,13 @@ package engine import ( "fmt" - "log" "math" "regexp" "strconv" "strings" + "github.com/golang/glog" + "github.com/minio/minio/pkg/wildcard" ) @@ -35,7 +36,7 @@ func ValidateValueWithPattern(value, pattern interface{}) bool { case bool: typedValue, ok := value.(bool) if !ok { - log.Printf("Expected bool, found %T", value) + glog.Warningf("Expected bool, found %T", value) return false } return typedPattern == typedValue @@ -50,10 +51,10 @@ func ValidateValueWithPattern(value, pattern interface{}) bool { case nil: return validateValueWithNilPattern(value) case map[string]interface{}, []interface{}: - log.Println("Maps and arrays as patterns are not supported") + glog.Warning("Maps and arrays as patterns are not supported") return false default: - log.Printf("Unknown type as pattern: %T\n", pattern) + glog.Warningf("Unknown type as pattern: %T\n", pattern) return false } } @@ -70,10 +71,10 @@ func validateValueWithIntPattern(value interface{}, pattern int64) bool { return int64(typedValue) == pattern } - log.Printf("Expected int, found float: %f\n", typedValue) + glog.Warningf("Expected int, found float: %f\n", typedValue) return false default: - log.Printf("Expected int, found: %T\n", value) + glog.Warningf("Expected int, found: %T\n", value) return false } } @@ -86,12 +87,12 @@ func validateValueWithFloatPattern(value interface{}, pattern float64) bool { return int(pattern) == value } - log.Printf("Expected float, found int: %d\n", typedValue) + glog.Warningf("Expected float, found int: %d\n", typedValue) return false case float64: return typedValue == pattern default: - log.Printf("Expected float, found: %T\n", value) + glog.Warningf("Expected float, found: %T\n", value) return false } } @@ -111,10 +112,10 @@ func validateValueWithNilPattern(value interface{}) bool { case nil: return true case map[string]interface{}, []interface{}: - log.Println("Maps and arrays could not be checked with nil pattern") + glog.Warningf("Maps and arrays could not be checked with nil pattern") return false default: - log.Printf("Unknown type as value when checking for nil pattern: %T\n", value) + glog.Warningf("Unknown type as value when checking for nil pattern: %T\n", value) return false } } @@ -147,7 +148,7 @@ func validateString(value interface{}, pattern string, operator Operator) bool { if NotEqual == operator || Equal == operator { strValue, ok := value.(string) if !ok { - log.Printf("Expected string, found %T\n", value) + glog.Warningf("Expected string, found %T\n", value) return false } @@ -160,7 +161,7 @@ func validateString(value interface{}, pattern string, operator Operator) bool { return wildcardResult } - log.Println("Operators >, >=, <, <= are not applicable to strings") + glog.Warningf("Operators >, >=, <, <= are not applicable to strings") return false } @@ -168,13 +169,13 @@ func validateNumberWithStr(value interface{}, patternNumber, patternStr string, if "" != patternStr { typedValue, ok := value.(string) if !ok { - log.Printf("Number must have suffix: %s", patternStr) + glog.Warningf("Number must have suffix: %s", patternStr) return false } valueNumber, valueStr := getNumberAndStringPartsFromPattern(typedValue) if !wildcard.Match(patternStr, valueStr) { - log.Printf("Suffix %s has not passed wildcard check: %s", valueStr, patternStr) + glog.Warningf("Suffix %s has not passed wildcard check: %s", valueStr, patternStr) return false } diff --git a/pkg/engine/validation.go b/pkg/engine/validation.go index 3c107e4070..ab9412d8ea 100644 --- a/pkg/engine/validation.go +++ b/pkg/engine/validation.go @@ -3,8 +3,8 @@ package engine import ( "encoding/json" "fmt" - "log" + "github.com/golang/glog" kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -25,7 +25,7 @@ func Validate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVers ok := ResourceMeetsDescription(rawResource, rule.ResourceDescription, gvk) if !ok { - log.Printf("Rule \"%s\" is not applicable to resource\n", rule.Name) + glog.Infof("Rule \"%s\" is not applicable to resource\n", rule.Name) continue } diff --git a/pkg/kyverno/apply/apply.go b/pkg/kyverno/apply/apply.go index 785cfc15bf..f19d76b878 100644 --- a/pkg/kyverno/apply/apply.go +++ b/pkg/kyverno/apply/apply.go @@ -10,6 +10,7 @@ import ( "path/filepath" "strings" + "github.com/golang/glog" kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1" "github.com/nirmata/kyverno/pkg/engine" "github.com/spf13/cobra" @@ -29,9 +30,9 @@ func NewCmdApply(in io.Reader, out, errout io.Writer) *cobra.Command { Short: "Apply policy on the resource(s)", Example: applyExample, Run: func(cmd *cobra.Command, args []string) { + defer glog.Flush() var output string policy, resources := complete(args) - for _, resource := range resources { patchedDocument, err := applyPolicy(policy, resource.rawResource, resource.gvk) if err != nil {