cli: do not log single validation failure on error level, concatenati…

…ng errors in caller function
edgelesssys · Dec 18, 2024 · d8d75fc · d8d75fc
1 parent 1955338
commit d8d75fc
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/internal/attestation/snp/validator.go b/internal/attestation/snp/validator.go
@@ -58,10 +58,13 @@ func (v *Validator) OID() asn1.ObjectIdentifier {
 func (v *Validator) Validate(attDocRaw []byte, nonce []byte, peerPublicKey []byte) (err error) {
 	v.logger.Info("Validate called", "nonce", hex.EncodeToString(nonce))
 	defer func() {
+		// Note: We tolerate Validate() to fail for validators without matching configuration. Only 1 of n validators has to succeed.
+		// Thus the error handling of the validators takes place in the calling function verifyEmbeddedReport().
+		// Do not log any errors in the subroutines and use info to still provide insights of the validation processes.
 		if err != nil {
-			v.logger.Error("Validation failed", "error", err)
+			v.logger.Info("Validation failed", "nonce", hex.EncodeToString(nonce), "error", err)
 		} else {
-			v.logger.Info("Validation successful")
+			v.logger.Info("Validation successful", "nonce", hex.EncodeToString(nonce))
 		}
 	}()