More logging

lehigh-university-libraries · Apr 12, 2024 · a285c2c · a285c2c
1 parent a9c9f35
commit a285c2c
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 9 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -2,19 +2,20 @@ FROM golang:1.22-bookworm
 
 WORKDIR /app
 
-COPY . ./
-
 RUN apt-get update \
   && apt-get install -y curl git jq sudo ca-certificates \
   && install -m 0755 -d /etc/apt/keyrings \
   && curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc \
   && chmod a+r /etc/apt/keyrings/docker.asc \
   && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null \
   && apt-get update \
-  && apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin \
+  && apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin \
   && apt-get clean \
-  && rm -rf /var/lib/apt/lists/* \
-  && go mod download \
+  && rm -rf /var/lib/apt/lists/*
+
+COPY . ./
+
+RUN go mod download \
   && go build -o /app/rollout \
   && go clean -cache -modcache
 

diff --git a/main.go b/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"bytes"
 	"context"
 	"fmt"
 	"log"
@@ -42,7 +43,16 @@ func main() {
 	}
 
 	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
-		tokenString := r.Header.Get("Authorization")[7:] // Assuming "Bearer " prefix
+		realIp, lastIP := readUserIP(r)
+
+		a := r.Header.Get("Authorization")
+		if len(a) < 10 {
+			log.Println("Not auth header for", realIp, ",", lastIP)
+			http.Error(w, "need authorizaton: bearer xyz header", http.StatusUnauthorized)
+			return
+		}
+		// Assuming "Bearer " prefix
+		tokenString := a[7:]
 
 		// Parse and verify the token
 		token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
@@ -79,26 +89,32 @@ func main() {
 		})
 
 		if err != nil {
-			http.Error(w, "Failed to verify token: "+err.Error(), http.StatusUnauthorized)
+			log.Println("Failed to verify token for", realIp, ",", lastIP, err.Error())
+			http.Error(w, "Failed to verify token.", http.StatusUnauthorized)
 			return
 		}
 
 		if !token.Valid {
+			log.Println("Invalid token for", realIp, ",", lastIP, err.Error())
 			http.Error(w, "Invalid token", http.StatusUnauthorized)
 			return
 		}
 
 		// TODO make this more customizable
 		// but for now this fills the need
 		cmd := exec.Command("/bin/bash", "/rollout.sh")
+
+		var stdErr bytes.Buffer
+		cmd.Stderr = &stdErr
 		cmd.Env = os.Environ()
 		if err := cmd.Run(); err != nil {
-			fmt.Printf("Failed to execute script: %v\n", err)
+			log.Printf("Error running %s command: %s", cmd.String(), stdErr.String())
 			http.Error(w, "Script execution failed", http.StatusInternalServerError)
 			return
 		}
 
-		fmt.Fprintln(w, "Token is valid")
+		log.Println("Rollout complete for", realIp, ",", lastIP)
+		fmt.Fprintln(w, "Rollout complete")
 	})
 
 	fmt.Println("Server is running on http://localhost:8080/")
@@ -107,3 +123,12 @@ func main() {
 		log.Fatal("Unable to start service")
 	}
 }
+
+func readUserIP(r *http.Request) (string, string) {
+	realIP := r.Header.Get("X-Real-Ip")
+	lastIP := r.RemoteAddr
+	if realIP == "" {
+		realIP = r.Header.Get("X-Forwarded-For")
+	}
+	return realIP, lastIP
+}