From d8d75fc35a433f684cc7d5c32311a0504ab62325 Mon Sep 17 00:00:00 2001 From: jmxnzo Date: Wed, 18 Dec 2024 11:53:42 +0100 Subject: [PATCH] cli: do not log single validation failure on error level, concatenating errors in caller function --- internal/attestation/snp/validator.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/internal/attestation/snp/validator.go b/internal/attestation/snp/validator.go index 86aa59fc0..59579b192 100644 --- a/internal/attestation/snp/validator.go +++ b/internal/attestation/snp/validator.go @@ -58,10 +58,13 @@ func (v *Validator) OID() asn1.ObjectIdentifier { func (v *Validator) Validate(attDocRaw []byte, nonce []byte, peerPublicKey []byte) (err error) { v.logger.Info("Validate called", "nonce", hex.EncodeToString(nonce)) defer func() { + // Note: We tolerate Validate() to fail for validators without matching configuration. Only 1 of n validators has to succeed. + // Thus the error handling of the validators takes place in the calling function verifyEmbeddedReport(). + // Do not log any errors in the subroutines and use info to still provide insights of the validation processes. if err != nil { - v.logger.Error("Validation failed", "error", err) + v.logger.Info("Validation failed", "nonce", hex.EncodeToString(nonce), "error", err) } else { - v.logger.Info("Validation successful") + v.logger.Info("Validation successful", "nonce", hex.EncodeToString(nonce)) } }()
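Review bot: With the failure branch of the deferred logger in Validate now at Info level, a report that no validator accepts is visible at error level only if verifyEmbeddedReport() surfaces the joined error, and that caller is not part of this patch (the diffstat lists only validator.go). Please confirm the caller returns or logs the aggregated error when all n validators fail, so a rejected attestation is not hidden among routine Info lines. Several validators may now log the same "Validation failed" message for one nonce, so an identifier on the line would help tell them apart, e.g. `v.logger.Info("Validation failed", "oid", v.OID().String(), "nonce", hex.EncodeToString(nonce), "error", err)`, unless v.logger already carries the validator name. The hex encoding of the nonce is also repeated three times and could be computed once before the defer. Validate's body continues past the end of the hunk.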