chore(ci): enable sloglint

.golangci.yaml

@@ -56,7 +56,7 @@ linters:
     - revive
     # - recvcheck
     - rowserrcheck
-    # - sloglint
+    - sloglint
     - spancheck
     - sqlclosecheck
     # - staticcheck
@@ -127,18 +127,23 @@ linters:
       packages:
         - github.com/jackc/pgx/v5
     sloglint:
-      kv-only: true
+      kv-only: false
       no-mixed-args: true
       static-msg: true
-      attr-only: false
-      no-raw-keys: true
+      attr-only: true
+      no-raw-keys: false
       msg-style: lowercased
       key-naming-case: snake
       forbidden-keys:
         - time
         - level
         - msg
         - source
+        - request
+        - req
+        - auth
+        - authorization
+        - token
       args-on-sep-lines: true
     tagliatelle:
       case:

examples/cmd/attributes.go

@@ -92,7 +92,7 @@ func listAttributes(cmd *cobra.Command) error {
 		if err != nil {
 			return err
 		}
-		slog.Info(fmt.Sprintf("found %d namespaces", len(listResp.GetNamespaces())))
+		slog.Info("found namespaces", slog.Int("count", len(listResp.GetNamespaces())))
 		for _, n := range listResp.GetNamespaces() {
 			nsuris = append(nsuris, n.GetFqn())
 		}
@@ -111,7 +111,10 @@ func listAttributes(cmd *cobra.Command) error {
 		if err != nil {
 			return err
 		}
-		slog.Info(fmt.Sprintf("found %d attributes in namespace", len(lsr.GetAttributes())), "ns", n)
+		slog.Info("found attributes in namespace",
+			slog.Int("count", len(lsr.GetAttributes())),
+			slog.String("ns", n),
+		)
 		for _, a := range lsr.GetAttributes() {
 			if longformat {
 				fmt.Printf("%s\t%s\n", a.GetFqn(), a.GetId())
@@ -133,12 +136,15 @@ func listAttributes(cmd *cobra.Command) error {
 func nsuuid(ctx context.Context, s *sdk.SDK, u string) (string, error) {
 	url, err := url.Parse(u)
 	if err != nil {
-		slog.Error("namespace url.Parse", "err", err, "url", u)
+		slog.Error("namespace url.Parse",
+			slog.String("url", u),
+			slog.Any("error", err),
+		)
 		return "", errors.Join(err, ErrInvalidArgument)
 	}
 	listResp, err := s.Namespaces.ListNamespaces(ctx, &namespaces.ListNamespacesRequest{})
 	if err != nil {
-		slog.Error("ListNamespaces", "err", err)
+		slog.Error("failed to ListNamespaces", slog.Any("error", err))
 		return "", errors.Join(err, ErrInvalidArgument)
 	}
 	for _, n := range listResp.GetNamespaces() {
@@ -155,7 +161,7 @@ func attruuid(ctx context.Context, s *sdk.SDK, nsu, fqn string) (string, error)
 		State:     common.ActiveStateEnum_ACTIVE_STATE_ENUM_ANY,
 	})
 	if err != nil {
-		slog.Error("ListAttributes", "err", err)
+		slog.Error("failed to ListAttributes", slog.Any("error", err))
 		return "", errors.Join(err, ErrInvalidArgument)
 	}
 	for _, a := range resp.GetAttributes() {
@@ -169,7 +175,7 @@ func attruuid(ctx context.Context, s *sdk.SDK, nsu, fqn string) (string, error)
 func avuuid(ctx context.Context, s *sdk.SDK, auuid, vs string) (string, error) {
 	resp, err := s.Attributes.GetAttribute(ctx, &attributes.GetAttributeRequest{Id: auuid})
 	if err != nil {
-		slog.Error("GetAttribute", "err", err)
+		slog.Error("failed to GetAttribute", slog.Any("error", err))
 		return "", errors.Join(err, ErrInvalidArgument)
 	}
 	for _, v := range resp.GetAttribute().GetValues() {
@@ -183,12 +189,12 @@ func avuuid(ctx context.Context, s *sdk.SDK, auuid, vs string) (string, error) {
 func addNamespace(ctx context.Context, s *sdk.SDK, u string) (string, error) {
 	url, err := url.Parse(u)
 	if err != nil {
-		slog.Error("url.Parse", "err", err)
+		slog.Error("url.Parse", slog.Any("error", err))
 		return "", errors.Join(err, ErrInvalidArgument)
 	}
 	resp, err := s.Namespaces.CreateNamespace(ctx, &namespaces.CreateNamespaceRequest{Name: url.Hostname()})
 	if err != nil {
-		slog.Error("CreateNamespace", "err", err)
+		slog.Error("failed to CreateNamespace", slog.Any("error", err))
 		return "", errors.Join(err, ErrInvalidArgument)
 	}
 	return resp.GetNamespace().GetId(), nil
@@ -213,26 +219,32 @@ func addAttribute(cmd *cobra.Command) error {
 		nsu, err = addNamespace(cmd.Context(), s, auth)
 	}
 	if err != nil {
-		slog.Error("upsertNamespace", "err", err)
+		slog.Error("upsertNamespace", slog.Any("error", err))
 		return err
 	}
 	attrEl, err := url.PathUnescape(m[2])
 	if err != nil {
-		slog.Error("url.PathUnescape(attr)", "err", err, "attr", m[2])
+		slog.Error("url.PathUnescape(attr)",
+			slog.String("attr", m[2]),
+			slog.Any("error", err),
+		)
 		return err
 	}
 	aid, err := upsertAttr(cmd.Context(), s, nsu, attrEl, values)
 	if err != nil {
 		return err
 	}
-	slog.Info("created attribute", "passedin", attrEl, "id", aid)
+	slog.Info("created attribute",
+		slog.String("passedin", attrEl),
+		slog.String("id", aid),
+	)
 	return nil
 }
 
 func removeAttribute(cmd *cobra.Command) error {
 	s, err := newSDK()
 	if err != nil {
-		slog.Error("could not connect", "err", err)
+		slog.Error("could not connect", slog.Any("error", err))
 		return err
 	}
 	defer s.Close()
@@ -258,20 +270,32 @@ func removeAttribute(cmd *cobra.Command) error {
 				Fqn: strings.ToLower(attr),
 			})
 			if err != nil {
-				slog.Error("UnsafeDeleteAttribute", "err", err, "id", auuid)
+				slog.Error("failed to UnsafeDeleteAttribute",
+					slog.String("id", auuid),
+					slog.Any("error", err),
+				)
 				return err
 			}
-			slog.Info("deleted attribute", "attr", attr, "resp", resp)
+			slog.Info("deleted attribute",
+				slog.String("attr", attr),
+				slog.Any("resp", resp),
+			)
 			return nil
 		}
 		resp, err := s.Attributes.DeactivateAttribute(cmd.Context(), &attributes.DeactivateAttributeRequest{
 			Id: auuid,
 		})
 		if err != nil {
-			slog.Error("DeactivateAttribute", "err", err, "id", auuid)
+			slog.Error("failed to DeactivateAttribute",
+				slog.String("id", auuid),
+				slog.Any("error", err),
+			)
 			return err
 		}
-		slog.Info("deactivated attribute", "attr", attr, "resp", resp)
+		slog.Info("deactivated attribute",
+			slog.String("attr", attr),
+			slog.Any("resp", resp),
+		)
 		return nil
 	}
 
@@ -286,19 +310,33 @@ func removeAttribute(cmd *cobra.Command) error {
 				Fqn: strings.ToLower(attr + "/value/" + url.PathEscape(v)),
 			})
 			if err != nil {
-				slog.Error("UnsafeDeleteAttributeValue", "err", err, "id", avu)
+				slog.Error("failed to UnsafeDeleteAttributeValue",
+					slog.Any("error", err),
+					slog.String("id", avu),
+				)
 				return err
 			}
-			slog.Info("deactivated attribute value", "attr", attr, "value", v, "resp", r)
+			slog.Info("deactivated attribute value",
+				slog.String("attr", attr),
+				slog.String("value", v),
+				slog.Any("resp", r),
+			)
 		} else {
 			r, err := s.Attributes.DeactivateAttributeValue(cmd.Context(), &attributes.DeactivateAttributeValueRequest{
 				Id: avu,
 			})
 			if err != nil {
-				slog.Error("DeactivateAttributeValue", "err", err, "id", avu)
+				slog.Error("failed to DeactivateAttributeValue",
+					slog.String("id", avu),
+					slog.Any("error", err),
+				)
 				return err
 			}
-			slog.Info("deactivated attribute value", "attr", attr, "value", v, "resp", r)
+			slog.Info("deactivated attribute value",
+				slog.String("attr", attr),
+				slog.String("value", v),
+				slog.Any("resp", r),
+			)
 		}
 	}
 	return nil
@@ -325,7 +363,14 @@ func upsertAttr(ctx context.Context, s *sdk.SDK, auth, name string, values []str
 		Values:      values,
 	})
 	if err != nil {
-		slog.Error("CreateAttribute", "err", err, "auth", auth, "name", name, "values", values, "rule", ruler())
+		//nolint:sloglint // safe to log auth in examples
+		slog.Error("failed to CreateAttribute",
+			slog.String("auth", auth),
+			slog.String("name", name),
+			slog.Any("values", values),
+			slog.Any("rule", ruler()),
+			slog.Any("error", err),
+		)
 		return "", err
 	}
 	return av.GetAttribute().GetId(), nil

examples/cmd/authorization.go

@@ -63,21 +63,22 @@ func authorizationExamples() error {
 	})
 
 	decisionRequest := &authorization.GetDecisionsRequest{DecisionRequests: drs}
-	slog.Info("Submitting decision request: " + protojson.Format(decisionRequest))
+	//nolint:sloglint // safe to log request in example code
+	slog.Info("submitting decision", slog.String("request", protojson.Format(decisionRequest)))
 	decisionResponse, err := s.Authorization.GetDecisions(context.Background(), decisionRequest)
 	if err != nil {
 		return err
 	}
-	slog.Info("Received decision response: " + protojson.Format(decisionResponse))
+	slog.Info("received decision response", slog.String("response", protojson.Format(decisionResponse)))
 
 	// map response back to entity chain id
 	decisionsByEntityChain := make(map[string]*authorization.DecisionResponse)
 	for _, dr := range decisionResponse.GetDecisionResponses() {
 		decisionsByEntityChain[dr.GetEntityChainId()] = dr
 	}
 
-	slog.Info("decision for bob: " + protojson.Format(decisionsByEntityChain["ec1"]))
-	slog.Info("decision for alice: " + protojson.Format(decisionsByEntityChain["ec2"]))
+	slog.Info("decision for bob", slog.String("decision", protojson.Format(decisionsByEntityChain["ec1"])))
+	slog.Info("decision for alice", slog.String("decision", protojson.Format(decisionsByEntityChain["ec2"])))
 	return nil
 }
 

examples/cmd/kas.go

@@ -68,14 +68,14 @@ func init() {
 func listKases(cmd *cobra.Command) error {
 	s, err := newSDK()
 	if err != nil {
-		slog.Error("could not connect", "err", err)
+		slog.Error("could not connect", slog.Any("error", err))
 		return err
 	}
 	defer s.Close()
 
 	r, err := s.KeyAccessServerRegistry.ListKeyAccessServers(cmd.Context(), &kasregistry.ListKeyAccessServersRequest{})
 	if err != nil {
-		slog.Error("ListKeyAccessServers", "error", err)
+		slog.Error("failed to ListKeyAccessServers", slog.Any("error", err))
 		return err
 	}
 
@@ -99,7 +99,7 @@ func listKases(cmd *cobra.Command) error {
 func upsertKasRegistration(ctx context.Context, s *sdk.SDK, uri string, pk *policy.PublicKey) (string, error) {
 	r, err := s.KeyAccessServerRegistry.ListKeyAccessServers(ctx, &kasregistry.ListKeyAccessServersRequest{})
 	if err != nil {
-		slog.Error("ListKeyAccessServers", "err", err)
+		slog.Error("failed to ListKeyAccessServers", slog.Any("error", err))
 		return "", err
 	}
 	for _, ki := range r.GetKeyAccessServers() {
@@ -118,7 +118,7 @@ func upsertKasRegistration(ctx context.Context, s *sdk.SDK, uri string, pk *poli
 			}
 			_, err := s.KeyAccessServerRegistry.DeleteKeyAccessServer(ctx, &kasregistry.DeleteKeyAccessServerRequest{Id: ki.GetId()})
 			if err != nil {
-				slog.Error("DeleteKeyAccessServer", "err", err)
+				slog.Error("failed to DeleteKeyAccessServer", slog.Any("error", err))
 				return "", err
 			}
 			// Do we have a unique constraint on kas uri?
@@ -137,7 +137,11 @@ func upsertKasRegistration(ctx context.Context, s *sdk.SDK, uri string, pk *poli
 		PublicKey: pk,
 	})
 	if err != nil {
-		slog.Error("CreateKeyAccessServer", "uri", uri, "publicKey", uri+"/v2/kas_public_key")
+		slog.Error("failed to CreateKeyAccessServer",
+			slog.String("uri", uri),
+			slog.String("public_key", uri+"/v2/kas_public_key"),
+			slog.Any("error", err),
+		)
 		return "", err
 	}
 	return ur.GetKeyAccessServer().GetId(), nil
@@ -156,7 +160,7 @@ func algString2Proto(a string) policy.KasPublicKeyAlgEnum {
 func updateKas(cmd *cobra.Command) error {
 	s, err := newSDK()
 	if err != nil {
-		slog.Error("could not connect", "err", err)
+		slog.Error("could not connect", slog.Any("error", err))
 		return err
 	}
 	defer s.Close()
@@ -198,29 +202,33 @@ func updateKas(cmd *cobra.Command) error {
 	if err != nil {
 		return err
 	}
-	slog.Info("registered kas", "passedin", attr, "id", kasid, "kas", kas)
+	slog.Info("registered kas",
+		slog.String("passedin", attr),
+		slog.String("id", kasid),
+		slog.String("kas", kas),
+	)
 	return nil
 }
 
 func removeKas(cmd *cobra.Command) error {
 	s, err := newSDK()
 	if err != nil {
-		slog.Error("could not connect", "err", err)
+		slog.Error("could not connect", slog.Any("error", err))
 		return err
 	}
 	defer s.Close()
 
 	r, err := s.KeyAccessServerRegistry.ListKeyAccessServers(cmd.Context(), &kasregistry.ListKeyAccessServersRequest{})
 	if err != nil {
-		slog.Error("ListKeyAccessServers", "err", err)
+		slog.Error("failed to ListKeyAccessServers", slog.Any("error", err))
 		return err
 	}
 	deletedSomething := false
 	for _, ki := range r.GetKeyAccessServers() {
 		if strings.ToLower(kas) == strings.ToLower(ki.GetUri()) {
 			_, err := s.KeyAccessServerRegistry.DeleteKeyAccessServer(cmd.Context(), &kasregistry.DeleteKeyAccessServerRequest{Id: ki.GetId()})
 			if err != nil {
-				slog.Error("DeleteKeyAccessServer", "err", err)
+				slog.Error("failed to DeleteKeyAccessServer", slog.Any("error", err))
 				return err
 			}
 			deletedSomething = true
@@ -230,6 +238,6 @@ func removeKas(cmd *cobra.Command) error {
 		return fmt.Errorf("nothing deleted; [%s] not found", kas)
 	}
 
-	slog.Info("deleted kas registration", "kas", kas)
+	slog.Info("deleted kas registration", slog.String("kas", kas))
 	return nil
 }