From f08bad2579aa4845a461c31a3f149dddddfa352f Mon Sep 17 00:00:00 2001
From: Rhys Arkins <rhys@arkins.net>
Date: Mon, 27 Nov 2023 19:03:27 +0100
Subject: [PATCH] refactor: improve logging for hostRules (#25967)
---
lib/modules/datasource/docker/common.ts | 7 +++++++
lib/util/http/host-rules.ts | 7 +++++++
2 files changed, 14 insertions(+)
diff --git a/lib/modules/datasource/docker/common.ts b/lib/modules/datasource/docker/common.ts
index 891c4bee0e..78845b8ad6 100644
--- a/lib/modules/datasource/docker/common.ts
+++ b/lib/modules/datasource/docker/common.ts
@@ -94,6 +94,7 @@ export async function getAuthHeaders(
url: apiCheckUrl,
});
if (ecrRegex.test(registryHost)) {
+ logger.once.debug(`hostRules: ecr auth for ${registryHost}`);
logger.trace(
{ registryHost, dockerRepository },
`Using ecr auth for Docker registry`,
@@ -109,6 +110,7 @@ export async function getAuthHeaders(
typeof opts.password === 'undefined' &&
typeof opts.token === 'undefined'
) {
+ logger.once.debug(`hostRules: google auth for ${registryHost}`);
logger.trace(
{ registryHost, dockerRepository },
`Using google auth for Docker registry`,
@@ -123,6 +125,7 @@ export async function getAuthHeaders(
);
}
} else if (opts.username && opts.password) {
+ logger.once.debug(`hostRules: basic auth for ${registryHost}`);
logger.trace(
{ registryHost, dockerRepository },
`Using basic auth for Docker registry`,
@@ -133,6 +136,9 @@ export async function getAuthHeaders(
opts.headers = { authorization: `Basic ${auth}` };
} else if (opts.token) {
const authType = opts.authType ?? 'Bearer';
+ logger.once.debug(
+ `hostRules: ${authType} token auth for ${registryHost}`,
+ );
logger.trace(
{ registryHost, dockerRepository },
`Using ${authType} token for Docker registry`,
@@ -154,6 +160,7 @@ export async function getAuthHeaders(
!is.string(authenticateHeader.params.realm) ||
parseUrl(authenticateHeader.params.realm) === null
) {
+ logger.once.debug(`hostRules: testing direct auth for ${registryHost}`);
logger.trace(
{ registryHost, dockerRepository, authenticateHeader },
`Invalid realm, testing direct auth`,
diff --git a/lib/util/http/host-rules.ts b/lib/util/http/host-rules.ts
index 45855dd4bf..7f5b52c293 100644
--- a/lib/util/http/host-rules.ts
+++ b/lib/util/http/host-rules.ts
@@ -9,6 +9,7 @@ import { logger } from '../../logger';
import { hasProxy } from '../../proxy';
import type { HostRule } from '../../types';
import * as hostRules from '../host-rules';
+import { parseUrl } from '../url';
import { dnsLookup } from './dns';
import { keepaliveAgents } from './keepalive';
import type { GotOptions } from './types';
@@ -120,6 +121,7 @@ export function applyHostRules<GotOptions extends HostRulesGotOptions>(
const options: GotOptions = { ...inOptions };
const foundRules = findMatchingRules(options, url);
const { username, password, token, enabled, authType } = foundRules;
+ const host = parseUrl(url)?.host;
if (options.noAuth) {
logger.trace({ url }, `Authorization disabled`);
} else if (
@@ -127,17 +129,22 @@ export function applyHostRules<GotOptions extends HostRulesGotOptions>(
is.nonEmptyString(options.password) ||
is.nonEmptyString(options.token)
) {
+ logger.once.debug(`hostRules: authentication already set for ${host}`);
logger.trace({ url }, `Authorization already set`);
} else if (password !== undefined) {
+ logger.once.debug(`hostRules: applying Basic authentication for ${host}`);
logger.trace({ url }, `Applying Basic authentication`);
options.username = username;
options.password = password;
} else if (token) {
+ logger.once.debug(`hostRules: applying Bearer authentication for ${host}`);
logger.trace({ url }, `Applying Bearer authentication`);
options.token = token;
options.context = { ...options.context, authType };
} else if (enabled === false) {
options.enabled = false;
+ } else {
+ logger.once.debug(`hostRules: no authentication for ${host}`);
}
// Apply optional params
if (foundRules.abortOnError) {
--
GitLab