From c3c3e9087bc15e058eac89b5b130cc73e90c6d33 Mon Sep 17 00:00:00 2001 From: Anis Elleuch Date: Tue, 28 Apr 2020 23:20:40 +0100 Subject: [PATCH] config: More fixes in parsing Audit & Logger env variables (#9474) - Add support of missed legacy Logger webhook - Disable enabling Audit or logger if _ENABLE if not explicitly set to "on". --- cmd/logger/config.go | 100 +++++++++++++++++++++++++++++++++---------- cmd/logger/legacy.go | 3 +- 2 files changed, 79 insertions(+), 24 deletions(-) diff --git a/cmd/logger/config.go b/cmd/logger/config.go index bcb73f6a7..dc520f832 100644 --- a/cmd/logger/config.go +++ b/cmd/logger/config.go @@ -112,9 +112,72 @@ func NewConfig() Config { return cfg } +func lookupLegacyConfig() (Config, error) { + cfg := NewConfig() + + var loggerTargets []string + envs := env.List(legacyEnvLoggerHTTPEndpoint) + for _, k := range envs { + target := strings.TrimPrefix(k, legacyEnvLoggerHTTPEndpoint+config.Default) + if target == legacyEnvLoggerHTTPEndpoint { + target = config.Default + } + loggerTargets = append(loggerTargets, target) + } + + // Load HTTP logger from the environment if found + for _, target := range loggerTargets { + endpointEnv := legacyEnvLoggerHTTPEndpoint + if target != config.Default { + endpointEnv = legacyEnvLoggerHTTPEndpoint + config.Default + target + } + endpoint := env.Get(endpointEnv, "") + if endpoint == "" { + continue + } + cfg.HTTP[target] = HTTP{ + Enabled: true, + Endpoint: endpoint, + } + } + + // List legacy audit ENVs if any. + var loggerAuditTargets []string + envs = env.List(legacyEnvAuditLoggerHTTPEndpoint) + for _, k := range envs { + target := strings.TrimPrefix(k, legacyEnvAuditLoggerHTTPEndpoint+config.Default) + if target == legacyEnvAuditLoggerHTTPEndpoint { + target = config.Default + } + loggerAuditTargets = append(loggerAuditTargets, target) + } + + for _, target := range loggerAuditTargets { + endpointEnv := legacyEnvAuditLoggerHTTPEndpoint + if target != config.Default { + endpointEnv = legacyEnvAuditLoggerHTTPEndpoint + config.Default + target + } + endpoint := env.Get(endpointEnv, "") + if endpoint == "" { + continue + } + cfg.Audit[target] = HTTP{ + Enabled: true, + Endpoint: endpoint, + } + } + + return cfg, nil + +} + // LookupConfig - lookup logger config, override with ENVs if set. func LookupConfig(scfg config.Config) (Config, error) { - cfg := NewConfig() + // Lookup for legacy environment variables first + cfg, err := lookupLegacyConfig() + if err != nil { + return cfg, err + } envs := env.List(EnvLoggerWebhookEndpoint) var loggerTargets []string @@ -136,23 +199,18 @@ func LookupConfig(scfg config.Config) (Config, error) { loggerAuditTargets = append(loggerAuditTargets, target) } - // List legacy ENVs if any. - envs = env.List(EnvAuditLoggerHTTPEndpoint) - for _, k := range envs { - target := strings.TrimPrefix(k, EnvAuditLoggerHTTPEndpoint+config.Default) - if target == EnvAuditLoggerHTTPEndpoint { - target = config.Default - } - loggerAuditTargets = append(loggerAuditTargets, target) - } - // Load HTTP logger from the environment if found for _, target := range loggerTargets { + if v, ok := cfg.HTTP[target]; ok && v.Enabled { + // This target is already enabled using the + // legacy environment variables, ignore. + continue + } enableEnv := EnvLoggerWebhookEnable if target != config.Default { enableEnv = EnvLoggerWebhookEnable + config.Default + target } - enable, err := config.ParseBool(env.Get(enableEnv, config.EnableOn)) + enable, err := config.ParseBool(env.Get(enableEnv, "")) if err != nil || !enable { continue } @@ -172,11 +230,16 @@ func LookupConfig(scfg config.Config) (Config, error) { } for _, target := range loggerAuditTargets { + if v, ok := cfg.Audit[target]; ok && v.Enabled { + // This target is already enabled using the + // legacy environment variables, ignore. + continue + } enableEnv := EnvAuditWebhookEnable if target != config.Default { enableEnv = EnvAuditWebhookEnable + config.Default + target } - enable, err := config.ParseBool(env.Get(enableEnv, config.EnableOn)) + enable, err := config.ParseBool(env.Get(enableEnv, "")) if err != nil || !enable { continue } @@ -184,21 +247,13 @@ func LookupConfig(scfg config.Config) (Config, error) { if target != config.Default { endpointEnv = EnvAuditWebhookEndpoint + config.Default + target } - legacyEndpointEnv := EnvAuditLoggerHTTPEndpoint - if target != config.Default { - legacyEndpointEnv = EnvAuditLoggerHTTPEndpoint + config.Default + target - } - endpoint := env.Get(legacyEndpointEnv, "") - if endpoint == "" { - endpoint = env.Get(endpointEnv, "") - } authTokenEnv := EnvAuditWebhookAuthToken if target != config.Default { authTokenEnv = EnvAuditWebhookAuthToken + config.Default + target } cfg.Audit[target] = HTTP{ Enabled: true, - Endpoint: endpoint, + Endpoint: env.Get(endpointEnv, ""), AuthToken: env.Get(authTokenEnv, ""), } } @@ -217,7 +272,6 @@ func LookupConfig(scfg config.Config) (Config, error) { if err := config.CheckValidKeys(subSysTarget, kv, DefaultKVS); err != nil { return cfg, err } - enabled, err := config.ParseBool(kv.Get(config.Enable)) if err != nil { return cfg, err diff --git a/cmd/logger/legacy.go b/cmd/logger/legacy.go index 06f2cb878..0d37a665d 100644 --- a/cmd/logger/legacy.go +++ b/cmd/logger/legacy.go @@ -20,7 +20,8 @@ import "github.com/minio/minio/cmd/config" // Legacy envs const ( - EnvAuditLoggerHTTPEndpoint = "MINIO_AUDIT_LOGGER_HTTP_ENDPOINT" + legacyEnvAuditLoggerHTTPEndpoint = "MINIO_AUDIT_LOGGER_HTTP_ENDPOINT" + legacyEnvLoggerHTTPEndpoint = "MINIO_LOGGER_HTTP_ENDPOINT" ) // SetLoggerHTTPAudit - helper for migrating older config to newer KV format.