refactor(log): replace panics with log fatal or log panic functions

Signed-off-by: Laurentiu Niculae <[email protected]>
project-zot · Aug 30, 2023 · f65de52 · f65de52
1 parent 9bccd78
commit f65de52
Show file tree

Hide file tree

Showing 24 changed files with 398 additions and 260 deletions.
diff --git a/errors/errors.go b/errors/errors.go
@@ -151,4 +151,6 @@ var (
 	ErrInvalidPublicKeyContent        = errors.New("signatures: invalid public key content")
 	ErrInvalidStateCookie             = errors.New("auth: state cookie not present or differs from original state")
 	ErrSyncNoURLsLeft                 = errors.New("sync: no valid registry urls left after filtering local ones")
+	ErrServerIsRunning                = errors.New("server is running")
+	ErrDatabaseFileAlreadyInUse       = errors.New("boltdb file is already in use")
 )
diff --git a/pkg/api/authn.go b/pkg/api/authn.go
@@ -51,10 +51,11 @@ const (
 type AuthnMiddleware struct {
 	credMap    map[string]string
 	ldapClient *LDAPClient
+	log        log.Logger
 }
 
 func AuthHandler(ctlr *Controller) mux.MiddlewareFunc {
-	authnMiddleware := &AuthnMiddleware{}
+	authnMiddleware := &AuthnMiddleware{log: ctlr.Log}
 
 	if ctlr.Config.IsBearerAuthEnabled() {
 		return bearerAuthHandler(ctlr)
@@ -257,14 +258,14 @@ func (amw *AuthnMiddleware) TryAuthnHandlers(ctlr *Controller) mux.MiddlewareFun
 
 		cookieStoreHashKey := securecookie.GenerateRandomKey(64)
 		if cookieStoreHashKey == nil {
-			panic(zerr.ErrHashKeyNotCreated)
+			amw.log.Panic().Err(zerr.ErrHashKeyNotCreated).Msg("failed to generate random key")
 		}
 
 		// if storage is filesystem then use zot's rootDir to store sessions
 		if ctlr.Config.Storage.StorageDriver == nil {
 			sessionsDir := path.Join(ctlr.Config.Storage.RootDirectory, "_sessions")
 			if err := os.MkdirAll(sessionsDir, storageConstants.DefaultDirPerms); err != nil {
-				panic(err)
+				amw.log.Panic().Err(err).Str("session-dir", sessionsDir).Msg("failed to create session dir")
 			}
 
 			cookieStore := sessions.NewFilesystemStore(sessionsDir, cookieStoreHashKey)
@@ -303,21 +304,24 @@ func (amw *AuthnMiddleware) TryAuthnHandlers(ctlr *Controller) mux.MiddlewareFun
 		if ctlr.Config.HTTP.Auth.LDAP.CACert != "" {
 			caCert, err := os.ReadFile(ctlr.Config.HTTP.Auth.LDAP.CACert)
 			if err != nil {
-				panic(err)
+				amw.log.Panic().Err(err).Str("caCert", ctlr.Config.HTTP.Auth.LDAP.CACert).
+					Msg("failed to read caCert")
 			}
 
 			caCertPool := x509.NewCertPool()
 
 			if !caCertPool.AppendCertsFromPEM(caCert) {
-				panic(zerr.ErrBadCACert)
+				amw.log.Panic().Err(zerr.ErrBadCACert).Str("caCert", ctlr.Config.HTTP.Auth.LDAP.CACert).
+					Msg("failed to read caCert")
 			}
 
 			amw.ldapClient.ClientCAs = caCertPool
 		} else {
 			// default to system cert pool
 			caCertPool, err := x509.SystemCertPool()
 			if err != nil {
-				panic(zerr.ErrBadCACert)
+				amw.log.Panic().Err(zerr.ErrBadCACert).Str("caCert", ctlr.Config.HTTP.Auth.LDAP.CACert).
+					Msg("failed to get system cert pool")
 			}
 
 			amw.ldapClient.ClientCAs = caCertPool
@@ -327,7 +331,8 @@ func (amw *AuthnMiddleware) TryAuthnHandlers(ctlr *Controller) mux.MiddlewareFun
 	if ctlr.Config.IsHtpasswdAuthEnabled() {
 		credsFile, err := os.Open(ctlr.Config.HTTP.Auth.HTPasswd.Path)
 		if err != nil {
-			panic(err)
+			amw.log.Panic().Err(err).Str("credsFile", ctlr.Config.HTTP.Auth.HTPasswd.Path).
+				Msg("failed to open creds-file")
 		}
 		defer credsFile.Close()
 
@@ -348,10 +353,10 @@ func (amw *AuthnMiddleware) TryAuthnHandlers(ctlr *Controller) mux.MiddlewareFun
 
 		for provider := range ctlr.Config.HTTP.Auth.OpenID.Providers {
 			if config.IsOpenIDSupported(provider) {
-				rp := NewRelyingPartyOIDC(ctlr.Config, provider)
+				rp := NewRelyingPartyOIDC(ctlr.Config, provider, ctlr.Log)
 				ctlr.RelyingParties[provider] = rp
 			} else if config.IsOauth2Supported(provider) {
-				rp := NewRelyingPartyGithub(ctlr.Config, provider)
+				rp := NewRelyingPartyGithub(ctlr.Config, provider, ctlr.Log)
 				ctlr.RelyingParties[provider] = rp
 			}
 		}
@@ -562,19 +567,20 @@ func (rh *RouteHandler) AuthURLHandler() http.HandlerFunc {
 	}
 }
 
-func NewRelyingPartyOIDC(config *config.Config, provider string) rp.RelyingParty {
-	issuer, clientID, clientSecret, redirectURI, scopes, options := getRelyingPartyArgs(config, provider)
+func NewRelyingPartyOIDC(config *config.Config, provider string, log log.Logger) rp.RelyingParty {
+	issuer, clientID, clientSecret, redirectURI, scopes, options := getRelyingPartyArgs(config, provider, log)
 
 	relyingParty, err := rp.NewRelyingPartyOIDC(issuer, clientID, clientSecret, redirectURI, scopes, options...)
 	if err != nil {
-		panic(err)
+		log.Panic().Err(err).Str("issuer", issuer).Str("redirectURI", redirectURI).Strs("scopes", scopes).
+			Msg("failed to get new relying party oicd")
 	}
 
 	return relyingParty
 }
 
-func NewRelyingPartyGithub(config *config.Config, provider string) rp.RelyingParty {
-	_, clientID, clientSecret, redirectURI, scopes, options := getRelyingPartyArgs(config, provider)
+func NewRelyingPartyGithub(config *config.Config, provider string, log log.Logger) rp.RelyingParty {
+	_, clientID, clientSecret, redirectURI, scopes, options := getRelyingPartyArgs(config, provider, log)
 
 	rpConfig := &oauth2.Config{
 		ClientID:     clientID,
@@ -586,17 +592,18 @@ func NewRelyingPartyGithub(config *config.Config, provider string) rp.RelyingPar
 
 	relyingParty, err := rp.NewRelyingPartyOAuth(rpConfig, options...)
 	if err != nil {
-		panic(err)
+		log.Panic().Err(err).Str("redirectURI", redirectURI).Strs("scopes", scopes).
+			Msg("failed to get new relying party oauth")
 	}
 
 	return relyingParty
 }
 
-func getRelyingPartyArgs(cfg *config.Config, provider string) (
+func getRelyingPartyArgs(cfg *config.Config, provider string, log log.Logger) (
 	string, string, string, string, []string, []rp.Option,
 ) {
 	if _, ok := cfg.HTTP.Auth.OpenID.Providers[provider]; !ok {
-		panic(zerr.ErrOpenIDProviderDoesNotExist)
+		log.Panic().Err(zerr.ErrOpenIDProviderDoesNotExist).Str("provider", provider).Msg("")
 	}
 
 	clientID := cfg.HTTP.Auth.OpenID.Providers[provider].ClientID

diff --git a/pkg/api/controller.go b/pkg/api/controller.go
@@ -188,13 +188,17 @@ func (c *Controller) Run(reloadCtx context.Context) error {
 
 			caCert, err := os.ReadFile(c.Config.HTTP.TLS.CACert)
 			if err != nil {
-				panic(err)
+				c.Log.Error().Err(err).Str("caCert", c.Config.HTTP.TLS.CACert).Msg("failed to read file")
+
+				return err
 			}
 
 			caCertPool := x509.NewCertPool()
 
 			if !caCertPool.AppendCertsFromPEM(caCert) {
-				panic(errors.ErrBadCACert)
+				c.Log.Error().Err(errors.ErrBadCACert).Msg("failed to append certs from pem")
+
+				return errors.ErrBadCACert
 			}
 
 			server.TLSConfig.ClientAuth = clientAuth