From 93e71bd82a741e0387fe44daf5d8cb8bd77aa235 Mon Sep 17 00:00:00 2001 From: Anton Miniailo Date: Thu, 15 Feb 2024 09:26:41 -0500 Subject: [PATCH 1/5] Fix logging output for 'teleport configure' commands. --- lib/integrations/awsoidc/access_graph_aws_sync.go | 2 +- .../awsoidc/deployservice_iam_config.go | 2 +- lib/integrations/awsoidc/eice_iam_config.go | 2 +- lib/integrations/awsoidc/eks_iam_config.go | 2 +- lib/integrations/awsoidc/idp_iam_config.go | 2 +- tool/teleport/common/teleport.go | 15 +++++++++++++++ 6 files changed, 20 insertions(+), 5 deletions(-) diff --git a/lib/integrations/awsoidc/access_graph_aws_sync.go b/lib/integrations/awsoidc/access_graph_aws_sync.go index a37982693480d..087b52c096e82 100644 --- a/lib/integrations/awsoidc/access_graph_aws_sync.go +++ b/lib/integrations/awsoidc/access_graph_aws_sync.go @@ -20,11 +20,11 @@ package awsoidc import ( "context" - "log" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/gravitational/trace" + log "github.com/sirupsen/logrus" awslib "github.com/gravitational/teleport/lib/cloud/aws" ) diff --git a/lib/integrations/awsoidc/deployservice_iam_config.go b/lib/integrations/awsoidc/deployservice_iam_config.go index a3e5c0964369a..4e3fcbb0859e5 100644 --- a/lib/integrations/awsoidc/deployservice_iam_config.go +++ b/lib/integrations/awsoidc/deployservice_iam_config.go @@ -20,13 +20,13 @@ package awsoidc import ( "context" - "log" "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/aws/aws-sdk-go-v2/service/sts" "github.com/gravitational/trace" + log "github.com/sirupsen/logrus" awsapiutils "github.com/gravitational/teleport/api/utils/aws" awslib "github.com/gravitational/teleport/lib/cloud/aws" diff --git a/lib/integrations/awsoidc/eice_iam_config.go b/lib/integrations/awsoidc/eice_iam_config.go index 58703551888f7..198e3051d277a 100644 --- a/lib/integrations/awsoidc/eice_iam_config.go +++ b/lib/integrations/awsoidc/eice_iam_config.go @@ -20,11 +20,11 @@ package awsoidc import ( "context" - "log" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/gravitational/trace" + log "github.com/sirupsen/logrus" awslib "github.com/gravitational/teleport/lib/cloud/aws" ) diff --git a/lib/integrations/awsoidc/eks_iam_config.go b/lib/integrations/awsoidc/eks_iam_config.go index 413c4e5634154..5de77ede7a046 100644 --- a/lib/integrations/awsoidc/eks_iam_config.go +++ b/lib/integrations/awsoidc/eks_iam_config.go @@ -20,11 +20,11 @@ package awsoidc import ( "context" - "log" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/gravitational/trace" + log "github.com/sirupsen/logrus" awslib "github.com/gravitational/teleport/lib/cloud/aws" ) diff --git a/lib/integrations/awsoidc/idp_iam_config.go b/lib/integrations/awsoidc/idp_iam_config.go index ed54808bb93a5..348a6f9aa2b58 100644 --- a/lib/integrations/awsoidc/idp_iam_config.go +++ b/lib/integrations/awsoidc/idp_iam_config.go @@ -20,7 +20,6 @@ package awsoidc import ( "context" - "log" "net/url" "github.com/aws/aws-sdk-go-v2/aws" @@ -28,6 +27,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/aws/aws-sdk-go-v2/service/sts" "github.com/gravitational/trace" + log "github.com/sirupsen/logrus" "github.com/gravitational/teleport/api/types" awslib "github.com/gravitational/teleport/lib/cloud/aws" diff --git a/tool/teleport/common/teleport.go b/tool/teleport/common/teleport.go index 29d1e72b16071..6287b0121301a 100644 --- a/tool/teleport/common/teleport.go +++ b/tool/teleport/common/teleport.go @@ -958,6 +958,9 @@ func onJoinOpenSSH(clf config.CommandLineFlags, conf *servicecfg.Config) error { func onIntegrationConfDeployService(params config.IntegrationConfDeployServiceIAM) error { ctx := context.Background() + // Ensure we print output to the user. LogLevel at this point was set to Error. + log.SetLevel(log.InfoLevel) + iamClient, err := awsoidc.NewDeployServiceIAMConfigureClient(ctx, params.Region) if err != nil { return trace.Wrap(err) @@ -980,6 +983,9 @@ func onIntegrationConfDeployService(params config.IntegrationConfDeployServiceIA func onIntegrationConfEICEIAM(params config.IntegrationConfEICEIAM) error { ctx := context.Background() + // Ensure we print output to the user. LogLevel at this point was set to Error. + log.SetLevel(log.InfoLevel) + iamClient, err := awsoidc.NewEICEIAMConfigureClient(ctx, params.Region) if err != nil { return trace.Wrap(err) @@ -999,6 +1005,9 @@ func onIntegrationConfEICEIAM(params config.IntegrationConfEICEIAM) error { func onIntegrationConfEKSIAM(params config.IntegrationConfEKSIAM) error { ctx := context.Background() + // Ensure we print output to the user. LogLevel at this point was set to Error. + log.SetLevel(log.InfoLevel) + iamClient, err := awsoidc.NewEKSIAMConfigureClient(ctx, params.Region) if err != nil { return trace.Wrap(err) @@ -1018,6 +1027,9 @@ func onIntegrationConfEKSIAM(params config.IntegrationConfEKSIAM) error { func onIntegrationConfAWSOIDCIdP(params config.IntegrationConfAWSOIDCIdP) error { ctx := context.Background() + // Ensure we print output to the user. LogLevel at this point was set to Error. + log.SetLevel(log.InfoLevel) + iamClient, err := awsoidc.NewIdPIAMConfigureClient(ctx) if err != nil { return trace.Wrap(err) @@ -1101,6 +1113,9 @@ func onIntegrationConfExternalAuditCmd(params easconfig.ExternalAuditStorageConf func onIntegrationConfAccessGraphAWSSync(params config.IntegrationConfAccessGraphAWSSync) error { ctx := context.Background() + // Ensure we print output to the user. LogLevel at this point was set to Error. + log.SetLevel(log.InfoLevel) + iamClient, err := awsoidc.NewAccessGraphIAMConfigureClient(ctx) if err != nil { return trace.Wrap(err) From bd145f47d27ad84ea97d6a05f4e6fb4e317cf748 Mon Sep 17 00:00:00 2001 From: Anton Miniailo Date: Fri, 16 Feb 2024 02:09:51 -0500 Subject: [PATCH 2/5] Change imported log package name and don't overwrite debug level. --- .../awsoidc/access_graph_aws_sync.go | 4 ++-- .../awsoidc/deployservice_iam_config.go | 10 ++++---- lib/integrations/awsoidc/eice_iam_config.go | 4 ++-- lib/integrations/awsoidc/eks_iam_config.go | 4 ++-- lib/integrations/awsoidc/idp_iam_config.go | 8 +++---- .../awsoidc/listdatabases_iam_config.go | 4 ++-- tool/teleport/common/teleport.go | 24 ++++++++++++++----- 7 files changed, 35 insertions(+), 23 deletions(-) diff --git a/lib/integrations/awsoidc/access_graph_aws_sync.go b/lib/integrations/awsoidc/access_graph_aws_sync.go index 087b52c096e82..833c722eecef7 100644 --- a/lib/integrations/awsoidc/access_graph_aws_sync.go +++ b/lib/integrations/awsoidc/access_graph_aws_sync.go @@ -24,7 +24,7 @@ import ( "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/gravitational/trace" - log "github.com/sirupsen/logrus" + "github.com/sirupsen/logrus" awslib "github.com/gravitational/teleport/lib/cloud/aws" ) @@ -108,6 +108,6 @@ func ConfigureAccessGraphSyncIAM(ctx context.Context, clt AccessGraphIAMConfigur return trace.Wrap(err) } - log.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleTAGPolicy, req.IntegrationRole) + logrus.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleTAGPolicy, req.IntegrationRole) return nil } diff --git a/lib/integrations/awsoidc/deployservice_iam_config.go b/lib/integrations/awsoidc/deployservice_iam_config.go index 4e3fcbb0859e5..ca9b55a7d1d60 100644 --- a/lib/integrations/awsoidc/deployservice_iam_config.go +++ b/lib/integrations/awsoidc/deployservice_iam_config.go @@ -26,7 +26,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/aws/aws-sdk-go-v2/service/sts" "github.com/gravitational/trace" - log "github.com/sirupsen/logrus" + "github.com/sirupsen/logrus" awsapiutils "github.com/gravitational/teleport/api/utils/aws" awslib "github.com/gravitational/teleport/lib/cloud/aws" @@ -245,7 +245,7 @@ func createBoundaryPolicyForTaskRole(ctx context.Context, clt DeployServiceIAMCo return trace.Wrap(convertedErr) } - log.Printf("TaskRole: Boundary Policy %q created.\n", req.TaskRoleBoundaryPolicyName) + logrus.Printf("TaskRole: Boundary Policy %q created.\n", req.TaskRoleBoundaryPolicyName) return nil } @@ -275,7 +275,7 @@ func createTaskRole(ctx context.Context, clt DeployServiceIAMConfigureClient, re return trace.Wrap(convertedErr) } - log.Printf("TaskRole: Role %q created with Boundary %q.\n", req.TaskRole, policyARNForRoleBoundary) + logrus.Printf("TaskRole: Role %q created with Boundary %q.\n", req.TaskRole, policyARNForRoleBoundary) return nil } @@ -302,7 +302,7 @@ func addPolicyToTaskRole(ctx context.Context, clt DeployServiceIAMConfigureClien return trace.Wrap(err) } - log.Printf("TaskRole: IAM Policy %q added to Role %q.\n", req.TaskRole, req.TaskRole) + logrus.Printf("TaskRole: IAM Policy %q added to Role %q.\n", req.TaskRole, req.TaskRole) return nil } @@ -331,6 +331,6 @@ func addPolicyToIntegrationRole(ctx context.Context, clt DeployServiceIAMConfigu return trace.Wrap(err) } - log.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleDeployServicePolicy, req.IntegrationRole) + logrus.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleDeployServicePolicy, req.IntegrationRole) return nil } diff --git a/lib/integrations/awsoidc/eice_iam_config.go b/lib/integrations/awsoidc/eice_iam_config.go index 198e3051d277a..0d726d229d211 100644 --- a/lib/integrations/awsoidc/eice_iam_config.go +++ b/lib/integrations/awsoidc/eice_iam_config.go @@ -24,7 +24,7 @@ import ( "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/gravitational/trace" - log "github.com/sirupsen/logrus" + "github.com/sirupsen/logrus" awslib "github.com/gravitational/teleport/lib/cloud/aws" ) @@ -142,6 +142,6 @@ func ConfigureEICEIAM(ctx context.Context, clt EICEIAMConfigureClient, req EICEI return trace.Wrap(err) } - log.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleEICEPolicy, req.IntegrationRole) + logrus.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleEICEPolicy, req.IntegrationRole) return nil } diff --git a/lib/integrations/awsoidc/eks_iam_config.go b/lib/integrations/awsoidc/eks_iam_config.go index 5de77ede7a046..f021ec66dcc32 100644 --- a/lib/integrations/awsoidc/eks_iam_config.go +++ b/lib/integrations/awsoidc/eks_iam_config.go @@ -24,7 +24,7 @@ import ( "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/gravitational/trace" - log "github.com/sirupsen/logrus" + "github.com/sirupsen/logrus" awslib "github.com/gravitational/teleport/lib/cloud/aws" ) @@ -129,6 +129,6 @@ func ConfigureEKSIAM(ctx context.Context, clt EKSIAMConfigureClient, req EKSIAMC return trace.Wrap(err) } - log.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleEKSPolicy, req.IntegrationRole) + logrus.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleEKSPolicy, req.IntegrationRole) return nil } diff --git a/lib/integrations/awsoidc/idp_iam_config.go b/lib/integrations/awsoidc/idp_iam_config.go index 348a6f9aa2b58..12c10488be6e1 100644 --- a/lib/integrations/awsoidc/idp_iam_config.go +++ b/lib/integrations/awsoidc/idp_iam_config.go @@ -27,7 +27,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/aws/aws-sdk-go-v2/service/sts" "github.com/gravitational/trace" - log "github.com/sirupsen/logrus" + "github.com/sirupsen/logrus" "github.com/gravitational/teleport/api/types" awslib "github.com/gravitational/teleport/lib/cloud/aws" @@ -158,7 +158,7 @@ func ConfigureIdPIAM(ctx context.Context, clt IdPIAMConfigureClient, req IdPIAMC if err != nil { return trace.Wrap(err) } - log.Printf("Using the following thumbprint: %s", thumbprint) + logrus.Printf("Using the following thumbprint: %s", thumbprint) createOIDCResp, err := clt.CreateOpenIDConnectProvider(ctx, &iam.CreateOpenIDConnectProviderInput{ ThumbprintList: []string{thumbprint}, @@ -172,13 +172,13 @@ func ConfigureIdPIAM(ctx context.Context, clt IdPIAMConfigureClient, req IdPIAMC } return trace.Wrap(err) } - log.Printf("IAM OpenID Connect Provider created: url=%q arn=%q.", req.ProxyPublicAddress, aws.ToString(createOIDCResp.OpenIDConnectProviderArn)) + logrus.Printf("IAM OpenID Connect Provider created: url=%q arn=%q.", req.ProxyPublicAddress, aws.ToString(createOIDCResp.OpenIDConnectProviderArn)) createdIdpIAMRoleArn, err := createIdPIAMRole(ctx, clt, req) if err != nil { return trace.Wrap(err) } - log.Printf("IAM Role created: name=%q arn=%q", req.IntegrationRole, aws.ToString(createdIdpIAMRoleArn)) + logrus.Printf("IAM Role created: name=%q arn=%q", req.IntegrationRole, aws.ToString(createdIdpIAMRoleArn)) return nil } diff --git a/lib/integrations/awsoidc/listdatabases_iam_config.go b/lib/integrations/awsoidc/listdatabases_iam_config.go index bfe7cc2973503..2e10762624ac7 100644 --- a/lib/integrations/awsoidc/listdatabases_iam_config.go +++ b/lib/integrations/awsoidc/listdatabases_iam_config.go @@ -23,7 +23,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/gravitational/trace" - log "github.com/sirupsen/logrus" + "github.com/sirupsen/logrus" awslib "github.com/gravitational/teleport/lib/cloud/aws" ) @@ -93,7 +93,7 @@ func ConfigureListDatabasesIAM(ctx context.Context, clt ListDatabasesIAMConfigur return trace.Wrap(err) } - log.WithFields(log.Fields{ + logrus.WithFields(logrus.Fields{ "policy": defaultPolicyNameForListDatabases, "role": req.IntegrationRole, }).Info("Added Inline Policy to IAM Role") diff --git a/tool/teleport/common/teleport.go b/tool/teleport/common/teleport.go index 6287b0121301a..f7811aed51f53 100644 --- a/tool/teleport/common/teleport.go +++ b/tool/teleport/common/teleport.go @@ -959,7 +959,9 @@ func onIntegrationConfDeployService(params config.IntegrationConfDeployServiceIA ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - log.SetLevel(log.InfoLevel) + if log.GetLevel() < log.InfoLevel { + log.SetLevel(log.InfoLevel) + } iamClient, err := awsoidc.NewDeployServiceIAMConfigureClient(ctx, params.Region) if err != nil { @@ -984,7 +986,9 @@ func onIntegrationConfEICEIAM(params config.IntegrationConfEICEIAM) error { ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - log.SetLevel(log.InfoLevel) + if log.GetLevel() < log.InfoLevel { + log.SetLevel(log.InfoLevel) + } iamClient, err := awsoidc.NewEICEIAMConfigureClient(ctx, params.Region) if err != nil { @@ -1006,7 +1010,9 @@ func onIntegrationConfEKSIAM(params config.IntegrationConfEKSIAM) error { ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - log.SetLevel(log.InfoLevel) + if log.GetLevel() < log.InfoLevel { + log.SetLevel(log.InfoLevel) + } iamClient, err := awsoidc.NewEKSIAMConfigureClient(ctx, params.Region) if err != nil { @@ -1028,7 +1034,9 @@ func onIntegrationConfAWSOIDCIdP(params config.IntegrationConfAWSOIDCIdP) error ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - log.SetLevel(log.InfoLevel) + if log.GetLevel() < log.InfoLevel { + log.SetLevel(log.InfoLevel) + } iamClient, err := awsoidc.NewIdPIAMConfigureClient(ctx) if err != nil { @@ -1053,7 +1061,9 @@ func onIntegrationConfListDatabasesIAM(params config.IntegrationConfListDatabase // Ensure we show progress to the user. // LogLevel at this point is set to Error. - log.SetLevel(log.InfoLevel) + if log.GetLevel() < log.InfoLevel { + log.SetLevel(log.InfoLevel) + } if params.Region == "" { return trace.BadParameter("region is required") @@ -1114,7 +1124,9 @@ func onIntegrationConfAccessGraphAWSSync(params config.IntegrationConfAccessGrap ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - log.SetLevel(log.InfoLevel) + if log.GetLevel() < log.InfoLevel { + log.SetLevel(log.InfoLevel) + } iamClient, err := awsoidc.NewAccessGraphIAMConfigureClient(ctx) if err != nil { From 87895350806f0356ea75c0e0e9df2686f153a346 Mon Sep 17 00:00:00 2001 From: Anton Miniailo Date: Fri, 16 Feb 2024 17:34:00 -0500 Subject: [PATCH 3/5] Use Infof() instead of Printf() --- lib/integrations/awsoidc/access_graph_aws_sync.go | 2 +- lib/integrations/awsoidc/deployservice_iam_config.go | 8 ++++---- lib/integrations/awsoidc/eice_iam_config.go | 2 +- lib/integrations/awsoidc/eks_iam_config.go | 2 +- lib/integrations/awsoidc/idp_iam_config.go | 6 +++--- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/integrations/awsoidc/access_graph_aws_sync.go b/lib/integrations/awsoidc/access_graph_aws_sync.go index 833c722eecef7..cf9903b3231a8 100644 --- a/lib/integrations/awsoidc/access_graph_aws_sync.go +++ b/lib/integrations/awsoidc/access_graph_aws_sync.go @@ -108,6 +108,6 @@ func ConfigureAccessGraphSyncIAM(ctx context.Context, clt AccessGraphIAMConfigur return trace.Wrap(err) } - logrus.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleTAGPolicy, req.IntegrationRole) + logrus.Infof("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleTAGPolicy, req.IntegrationRole) return nil } diff --git a/lib/integrations/awsoidc/deployservice_iam_config.go b/lib/integrations/awsoidc/deployservice_iam_config.go index ca9b55a7d1d60..3a59e6c9694b3 100644 --- a/lib/integrations/awsoidc/deployservice_iam_config.go +++ b/lib/integrations/awsoidc/deployservice_iam_config.go @@ -245,7 +245,7 @@ func createBoundaryPolicyForTaskRole(ctx context.Context, clt DeployServiceIAMCo return trace.Wrap(convertedErr) } - logrus.Printf("TaskRole: Boundary Policy %q created.\n", req.TaskRoleBoundaryPolicyName) + logrus.Infof("TaskRole: Boundary Policy %q created.\n", req.TaskRoleBoundaryPolicyName) return nil } @@ -275,7 +275,7 @@ func createTaskRole(ctx context.Context, clt DeployServiceIAMConfigureClient, re return trace.Wrap(convertedErr) } - logrus.Printf("TaskRole: Role %q created with Boundary %q.\n", req.TaskRole, policyARNForRoleBoundary) + logrus.Infof("TaskRole: Role %q created with Boundary %q.\n", req.TaskRole, policyARNForRoleBoundary) return nil } @@ -302,7 +302,7 @@ func addPolicyToTaskRole(ctx context.Context, clt DeployServiceIAMConfigureClien return trace.Wrap(err) } - logrus.Printf("TaskRole: IAM Policy %q added to Role %q.\n", req.TaskRole, req.TaskRole) + logrus.Infof("TaskRole: IAM Policy %q added to Role %q.\n", req.TaskRole, req.TaskRole) return nil } @@ -331,6 +331,6 @@ func addPolicyToIntegrationRole(ctx context.Context, clt DeployServiceIAMConfigu return trace.Wrap(err) } - logrus.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleDeployServicePolicy, req.IntegrationRole) + logrus.Infof("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleDeployServicePolicy, req.IntegrationRole) return nil } diff --git a/lib/integrations/awsoidc/eice_iam_config.go b/lib/integrations/awsoidc/eice_iam_config.go index 0d726d229d211..70854b12f8f82 100644 --- a/lib/integrations/awsoidc/eice_iam_config.go +++ b/lib/integrations/awsoidc/eice_iam_config.go @@ -142,6 +142,6 @@ func ConfigureEICEIAM(ctx context.Context, clt EICEIAMConfigureClient, req EICEI return trace.Wrap(err) } - logrus.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleEICEPolicy, req.IntegrationRole) + logrus.Infof("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleEICEPolicy, req.IntegrationRole) return nil } diff --git a/lib/integrations/awsoidc/eks_iam_config.go b/lib/integrations/awsoidc/eks_iam_config.go index f021ec66dcc32..ec5936769eb3f 100644 --- a/lib/integrations/awsoidc/eks_iam_config.go +++ b/lib/integrations/awsoidc/eks_iam_config.go @@ -129,6 +129,6 @@ func ConfigureEKSIAM(ctx context.Context, clt EKSIAMConfigureClient, req EKSIAMC return trace.Wrap(err) } - logrus.Printf("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleEKSPolicy, req.IntegrationRole) + logrus.Infof("IntegrationRole: IAM Policy %q added to Role %q\n", req.IntegrationRoleEKSPolicy, req.IntegrationRole) return nil } diff --git a/lib/integrations/awsoidc/idp_iam_config.go b/lib/integrations/awsoidc/idp_iam_config.go index 12c10488be6e1..27e1f3da91079 100644 --- a/lib/integrations/awsoidc/idp_iam_config.go +++ b/lib/integrations/awsoidc/idp_iam_config.go @@ -158,7 +158,7 @@ func ConfigureIdPIAM(ctx context.Context, clt IdPIAMConfigureClient, req IdPIAMC if err != nil { return trace.Wrap(err) } - logrus.Printf("Using the following thumbprint: %s", thumbprint) + logrus.Infof("Using the following thumbprint: %s", thumbprint) createOIDCResp, err := clt.CreateOpenIDConnectProvider(ctx, &iam.CreateOpenIDConnectProviderInput{ ThumbprintList: []string{thumbprint}, @@ -172,13 +172,13 @@ func ConfigureIdPIAM(ctx context.Context, clt IdPIAMConfigureClient, req IdPIAMC } return trace.Wrap(err) } - logrus.Printf("IAM OpenID Connect Provider created: url=%q arn=%q.", req.ProxyPublicAddress, aws.ToString(createOIDCResp.OpenIDConnectProviderArn)) + logrus.Infof("IAM OpenID Connect Provider created: url=%q arn=%q.", req.ProxyPublicAddress, aws.ToString(createOIDCResp.OpenIDConnectProviderArn)) createdIdpIAMRoleArn, err := createIdPIAMRole(ctx, clt, req) if err != nil { return trace.Wrap(err) } - logrus.Printf("IAM Role created: name=%q arn=%q", req.IntegrationRole, aws.ToString(createdIdpIAMRoleArn)) + logrus.Infof("IAM Role created: name=%q arn=%q", req.IntegrationRole, aws.ToString(createdIdpIAMRoleArn)) return nil } From 0ea804f3105d14ef04d4f775177ebc1e68589c2c Mon Sep 17 00:00:00 2001 From: Anton Miniailo Date: Tue, 20 Feb 2024 22:33:30 -0500 Subject: [PATCH 4/5] Use InitLogger to reset loglevel --- tool/teleport/common/teleport.go | 27 ++++++++------------------- 1 file changed, 8 insertions(+), 19 deletions(-) diff --git a/tool/teleport/common/teleport.go b/tool/teleport/common/teleport.go index f7811aed51f53..dbbf3bc1eca7b 100644 --- a/tool/teleport/common/teleport.go +++ b/tool/teleport/common/teleport.go @@ -21,6 +21,7 @@ package common import ( "context" "fmt" + log "github.com/sirupsen/logrus" "io" "log/slog" "net/url" @@ -39,7 +40,6 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/sts" "github.com/gravitational/trace" - log "github.com/sirupsen/logrus" "golang.org/x/exp/maps" "github.com/gravitational/teleport" @@ -959,9 +959,7 @@ func onIntegrationConfDeployService(params config.IntegrationConfDeployServiceIA ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - if log.GetLevel() < log.InfoLevel { - log.SetLevel(log.InfoLevel) - } + utils.InitLogger(utils.LoggingForDaemon, slog.LevelInfo) iamClient, err := awsoidc.NewDeployServiceIAMConfigureClient(ctx, params.Region) if err != nil { @@ -986,9 +984,7 @@ func onIntegrationConfEICEIAM(params config.IntegrationConfEICEIAM) error { ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - if log.GetLevel() < log.InfoLevel { - log.SetLevel(log.InfoLevel) - } + utils.InitLogger(utils.LoggingForDaemon, slog.LevelInfo) iamClient, err := awsoidc.NewEICEIAMConfigureClient(ctx, params.Region) if err != nil { @@ -1010,9 +1006,8 @@ func onIntegrationConfEKSIAM(params config.IntegrationConfEKSIAM) error { ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - if log.GetLevel() < log.InfoLevel { - log.SetLevel(log.InfoLevel) - } + utils.InitLogger(utils.LoggingForDaemon, slog.LevelInfo) + _ = log.GetLevel() iamClient, err := awsoidc.NewEKSIAMConfigureClient(ctx, params.Region) if err != nil { @@ -1034,9 +1029,7 @@ func onIntegrationConfAWSOIDCIdP(params config.IntegrationConfAWSOIDCIdP) error ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - if log.GetLevel() < log.InfoLevel { - log.SetLevel(log.InfoLevel) - } + utils.InitLogger(utils.LoggingForDaemon, slog.LevelInfo) iamClient, err := awsoidc.NewIdPIAMConfigureClient(ctx) if err != nil { @@ -1061,9 +1054,7 @@ func onIntegrationConfListDatabasesIAM(params config.IntegrationConfListDatabase // Ensure we show progress to the user. // LogLevel at this point is set to Error. - if log.GetLevel() < log.InfoLevel { - log.SetLevel(log.InfoLevel) - } + utils.InitLogger(utils.LoggingForDaemon, slog.LevelInfo) if params.Region == "" { return trace.BadParameter("region is required") @@ -1124,9 +1115,7 @@ func onIntegrationConfAccessGraphAWSSync(params config.IntegrationConfAccessGrap ctx := context.Background() // Ensure we print output to the user. LogLevel at this point was set to Error. - if log.GetLevel() < log.InfoLevel { - log.SetLevel(log.InfoLevel) - } + utils.InitLogger(utils.LoggingForDaemon, slog.LevelInfo) iamClient, err := awsoidc.NewAccessGraphIAMConfigureClient(ctx) if err != nil { From 232c9f83318d415033cca8907c4e6220ff13a93e Mon Sep 17 00:00:00 2001 From: Anton Miniailo Date: Tue, 20 Feb 2024 22:54:26 -0500 Subject: [PATCH 5/5] Remove unneeded code. --- tool/teleport/common/teleport.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/tool/teleport/common/teleport.go b/tool/teleport/common/teleport.go index dbbf3bc1eca7b..54ac3625e8a53 100644 --- a/tool/teleport/common/teleport.go +++ b/tool/teleport/common/teleport.go @@ -21,7 +21,6 @@ package common import ( "context" "fmt" - log "github.com/sirupsen/logrus" "io" "log/slog" "net/url" @@ -1007,7 +1006,6 @@ func onIntegrationConfEKSIAM(params config.IntegrationConfEKSIAM) error { // Ensure we print output to the user. LogLevel at this point was set to Error. utils.InitLogger(utils.LoggingForDaemon, slog.LevelInfo) - _ = log.GetLevel() iamClient, err := awsoidc.NewEKSIAMConfigureClient(ctx, params.Region) if err != nil {