Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cli/genpolicy: by default do not include log-level 'debug' in Contras… #1054

Merged
merged 1 commit into from
Dec 6, 2024
Merged

cli/genpolicy: by default do not include log-level 'debug' in Contras… #1054

merged 1 commit into from
Dec 6, 2024

Conversation

jmxnzo
Copy link
Contributor

@jmxnzo jmxnzo commented Dec 5, 2024
edited
Loading

This PR changes the default logging level of the genpolicy tool back to "info", because re-running the generate step on a deployment with policy annotation results in a runtime error in the Contrast CLI, when matching the genpolicy logging prefix. The runtime error grounds in translating an existing policy annotation, which results in exceeding the buffer size of the scanner used for translation, throwing a 'bufio.Scanner: token too long' error.

Still the RUST_LOG env variable can manually be set to "debug" to allow parsing the debug logs of genpolicy into the Contrast CLI for better troubleshooting, when no policy annotation is already present in the .yml file. Therefore the translation logic added in #1044 is kept in the Contrast CLI for now.

@jmxnzo jmxnzo added the bug fix Fixing a user facing bug label Dec 5, 2024
@jmxnzo jmxnzo requested a review from katexochen December 5, 2024 14:31
@burgerdev
Copy link
Contributor

I found the bug: the log lines including policies exceed the maximum buffer size of bufio: https://pkg.go.dev/bufio#pkg-constants. This leads to an abrupt end of scanner.Scan here, and then nobody reads the tool output and the pipe runs full and blocks.

If scanner.Scan() returns false, scanner.Err() should be checked. If it's not nil, we should consume the remaining input somehow.

burgerdev
burgerdev approved these changes Dec 5, 2024
View reviewed changes
Copy link
Contributor

@burgerdev burgerdev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If there are no objections, I'd like to merge this now in order to make the default settings work now. Let's track and do the bug fix separately.

@jmxnzo
Copy link
Contributor Author

jmxnzo commented Dec 6, 2024

I found the bug: the log lines including policies exceed the maximum buffer size of bufio: https://pkg.go.dev/bufio#pkg-constants. This leads to an abrupt end of scanner.Scan here, and then nobody reads the tool output and the pipe runs full and blocks.

If scanner.Scan() returns false, scanner.Err() should be checked. If it's not nil, we should consume the remaining input somehow.

Yes that's true, i could also reproduce it yesterday. Another option would be to set the buffer of the scanner to another size (see https://pkg.go.dev/bufio#Scanner.Buffer). I'm not sure about which one is preferable for us, so feel free to suggest!

@jmxnzo jmxnzo merged commit 09168b2 into main Dec 6, 2024
11 of 12 checks passed
@jmxnzo jmxnzo deleted the revert/genpolicy-logging-jla branch December 6, 2024 09:23
@jmxnzo jmxnzo mentioned this pull request Dec 9, 2024
Merged
@katexochen katexochen added no changelog PRs not listed in the release notes and removed bug fix Fixing a user facing bug labels Dec 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@burgerdev burgerdev burgerdev approved these changes

@katexochen katexochen Awaiting requested review from katexochen

Assignees
No one assigned
Labels
no changelog PRs not listed in the release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jmxnzo @burgerdev @katexochen