Merge pull request #14 from backplane/slog

* adopts slog from stlib, therefore closes #7 
* adopts urfave/cli/v2, therefore closes #5 
* instead of using the host header, we specify the fqdn we intend to serve in the config file

Author: actualben

config.go

@@ -3,31 +3,36 @@ package main
 import (
 	"encoding/json"
 	"fmt"
-	"log"
 	"os"
 	"strings"
 
 	"gopkg.in/yaml.v2"
 )
 
 type ProxyItem struct {
-	RegistryHost string `yaml:"registry"`
-	RemotePrefix string `yaml:"remote"`
-	LocalPrefix  string `yaml:"-"` // this is set from the item name
-	AuthHeader   string `yaml:"auth"`
+	RegistryHost string `yaml:"registry" json:"registry"`
+	RemotePrefix string `yaml:"remote" json:"remote"`
+	LocalPrefix  string `yaml:"-" json:"-"` // this is set from the item name
+	AuthHeader   string `yaml:"auth" json:"auth"`
 }
 
 type Config struct {
-	ListenAddr string               `yaml:"listen_addr"`
-	ListenPort string               `yaml:"listen_port"`
-	Proxies    map[string]ProxyItem `yaml:"proxies"`
-	SecretKey  string               `yaml:"secretkey"`
+	ListenAddr string               `yaml:"listen_addr" json:"listen_addr"`
+	ListenPort string               `yaml:"listen_port" json:"listen_port"`
+	ProxyFQDN  string               `yaml:"proxy_fqdn" json:"proxy_fqdn"`
+	SecretKey  string               `yaml:"secret_key" json:"secret_key"`
+	LogLevel   string               `yaml:"log_level" json:"log_level"`
+	Proxies    map[string]ProxyItem `yaml:"proxies" json:"proxies"`
 }
 
-func LoadConfig() (Config, error) {
-	configPath := GetEnvDefault("CONFIG_PATH", "./config.yaml")
-
+func LoadConfig(configPath string) (Config, error) {
 	var config Config
+
+	if configPath == "" {
+		configPath = GetEnvDefault("CONFIG_PATH", "./config.yaml")
+	}
+
+	logger.Info("loading configuration", "file", configPath)
 	data, err := os.ReadFile(configPath)
 	if err != nil {
 		return config, err
@@ -37,6 +42,9 @@ func LoadConfig() (Config, error) {
 		return config, err
 	}
 
+	if config.LogLevel != "" {
+		setLogLevel(config.LogLevel)
+	}
 	if config.ListenAddr == "" {
 		config.ListenAddr = GetEnvDefault("LISTEN_ADDR", "0.0.0.0")
 	}
@@ -58,10 +66,11 @@ func (cfg Config) Log() {
 	// log the fully-parsed config data
 	configJSON, err := json.MarshalIndent(cfg, "", "  ")
 	if err != nil {
-		log.Fatalf("problem printing config: +%v", err)
+		logger.Error("problem printing config", "error", err)
+		return
 	}
-	log.Printf("starting up with the following configuration:\n%s", configJSON)
-
+	logger.Info("printing running configuration")
+	fmt.Println(string(configJSON))
 }
 
 // BestMatch searches through the configured proxies and tries to find the best

discovery.go

@@ -2,7 +2,6 @@ package main
 
 import (
 	"fmt"
-	"log"
 	"net/http"
 )
 
@@ -22,9 +21,9 @@ func ServeServiceDiscoveryEndpoint(w http.ResponseWriter, r *http.Request) {
 // for example with docker hub the result is "https://auth.docker.io/token"
 func DiscoverTokenEndpoint(registryHost string) (*WWWAuthenticateData, error) {
 	url := fmt.Sprintf("https://%s/v2/", registryHost)
-	log.Printf("DiscoverTokenEndpoint: making request to %s", url)
+	logger.Debug("DiscoverTokenEndpoint: making request", "url", url)
 	resp, err := http.Get(url)
-	LogResponse("DiscoverTokenEndpoint: received the following response", resp)
+	LogResponse("DiscoverTokenEndpoint: received response", resp)
 	if err != nil {
 		return nil, fmt.Errorf("DiscoverTokenEndpoint: failed to query the registry host %s: %+v", registryHost, err)
 	}
@@ -38,7 +37,9 @@ func DiscoverTokenEndpoint(registryHost string) (*WWWAuthenticateData, error) {
 		return nil, fmt.Errorf("DiscoverTokenEndpoint: www-authenticate header could not be parsed; header: %s", authHeader)
 	}
 
-	log.Printf("DiscoverTokenEndpoint: DEBUG: parsed www-authenticate header %+v", authHeaderFields)
-	log.Printf("DiscoverTokenEndpoint: registry %s: discovered token endpoint at %s", registryHost, authHeaderFields.Realm)
+	logger.Debug("DiscoverTokenEndpoint: DEBUG: parsed www-authenticate header", "header", authHeaderFields)
+	logger.Info("DiscoverTokenEndpoint: discovered endpoint",
+		"registry", registryHost,
+		"endpoint", authHeaderFields.Realm)
 	return &authHeaderFields, nil
 }

go.mod

@@ -4,11 +4,15 @@ go 1.22
 
 require (
 	aidanwoods.dev/go-paseto v1.5.1
+	github.com/urfave/cli/v2 v2.27.2
 	gopkg.in/yaml.v2 v2.4.0
 )
 
 require (
 	aidanwoods.dev/go-result v0.1.0 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
+	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913 // indirect
 	golang.org/x/crypto v0.22.0 // indirect
-	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/sys v0.20.0 // indirect
 )

go.sum

@@ -2,16 +2,24 @@ aidanwoods.dev/go-paseto v1.5.1 h1:IvT7wk7jmeTff6wyk7RlS6uAjUIAKU4MU2hkqr95lCo=
 aidanwoods.dev/go-paseto v1.5.1/go.mod h1:9J13iCMdWrkfK1AxAg9QDHLaDMYSEP1ldbFiR+DfmVc=
 aidanwoods.dev/go-result v0.1.0 h1:y/BMIRX6q3HwaorX1Wzrjo3WUdiYeyWbvGe18hKS3K8=
 aidanwoods.dev/go-result v0.1.0/go.mod h1:yridkWghM7AXSFA6wzx0IbsurIm1Lhuro3rYef8FBHM=
+github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4=
+github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/urfave/cli/v2 v2.27.2 h1:6e0H+AkS+zDckwPCUrZkKX38mRaau4nL2uipkJpbkcI=
+github.com/urfave/cli/v2 v2.27.2/go.mod h1:g0+79LmHHATl7DAcHO99smiR/T7uGLw84w8Y42x+4eM=
+github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913 h1:+qGGcbkzsfDQNPPe9UDgpxAWQrhbbBXOYJFQDq/dtJw=
+github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913/go.mod h1:4aEEwZQutDLsQv2Deui4iYQ6DWTxR14g6m8Wv88+Xqk=
 golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
-golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
-golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
+golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=

main.go

@@ -19,39 +19,99 @@ package main
 import (
 	"fmt"
 	"log"
+	"log/slog"
 	"net/http"
+	"os"
 	"strings"
 
 	"aidanwoods.dev/go-paseto"
+	"github.com/urfave/cli/v2"
 )
 
-type originalHostContextKey string
-
 const (
-	ctxKeyOriginalHost           = originalHostContextKey("original-host")
 	proxyConfigHeader     string = "X-Proxy-Config"
 	tokenKeyUpstreamToken string = "upstream-token"
 )
 
 var (
+	// version, commit, date, builtBy are provided by goreleaser during build
+	version = "dev"
+	commit  = "dev"
+	date    = "unknown"
+	builtBy = "unknown"
+
 	tokenEndpoints = map[string]*WWWAuthenticateData{} // mapping of registryHosts to token endpoint URLs
+	logger         *slog.Logger
+	logLevel       *slog.LevelVar
 )
 
+func init() {
+	logLevel = new(slog.LevelVar)
+
+	cli.VersionPrinter = func(c *cli.Context) {
+		fmt.Printf("registryproxy version %s; commit %s; built on %s; by %s\n", version, commit, date, builtBy)
+	}
+}
+
 func main() {
+	app := &cli.App{
+		Name:    "registryproxy",
+		Version: version,
+		Usage:   "reverse proxy for container image registries (like Docker Hub)",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:  "config",
+				Value: "",
+				Usage: "path to the config file",
+			},
+			&cli.StringFlag{
+				Name:  "loglevel",
+				Value: "INFO",
+				Usage: "how verbosely to log, one of: DEBUG, INFO, WARN, ERROR",
+			},
+		},
+		Action: func(ctx *cli.Context) error {
+			setLogLevel(ctx.String("loglevel"))
+			logger = slog.New(slog.NewTextHandler(
+				os.Stderr,
+				&slog.HandlerOptions{
+					Level: logLevel,
+				}),
+			)
+			logger.Info("registryproxy starting up",
+				"version", version,
+				"commit", commit,
+				"date", date,
+				"builder", builtBy,
+			)
+			Serve(ctx.String("config"))
+			return nil
+		},
+	}
+
+	if err := app.Run(os.Args); err != nil {
+		log.Fatal(err)
+	}
+}
+
+func Serve(configPath string) {
 	// load the yaml config file
-	config, err := LoadConfig()
+	config, err := LoadConfig(configPath)
 	if err != nil {
-		log.Fatalf("config loading error: %s", err)
+		logger.Error("config loading error", "error", err)
+		os.Exit(1)
 	}
 	config.Log()
 
 	// the secret key is used to process the PASETO tokens we issue to clients
 	if config.SecretKey == "" {
-		log.Fatal("SecretKey not found in config")
+		logger.Error("SecretKey not found in config")
+		os.Exit(1)
 	}
 	pasetoSecretKey, err := paseto.V4SymmetricKeyFromHex(config.SecretKey)
 	if err != nil {
-		log.Fatalf("Failed to parse PASETO symmetric key; err: %s", err)
+		logger.Error("Failed to parse PASETO symmetric key", "err", err)
+		os.Exit(1)
 	}
 
 	// set up http handlers for each proxy
@@ -65,23 +125,42 @@ func main() {
 			// tokenEndpoints we look it up, then add it
 			endpoint, err := DiscoverTokenEndpoint(proxy.RegistryHost)
 			if err != nil {
-				log.Fatalf("unable to discover token endpoint corresponding to the registry:%s; err:%s", proxy.RegistryHost, err)
+				logger.Error("unable to discover token endpoint", "registry", proxy.RegistryHost, "error", err)
+				os.Exit(1)
+
 			}
 			tokenEndpoints[proxy.RegistryHost] = endpoint
 		}
 
 		proxyPath := fmt.Sprintf("/v2/%s/", strings.Trim(proxy.LocalPrefix, "/"))
-		log.Printf("setup handler for path:%s pointing to proxy: %s", proxyPath, proxy.LocalPrefix)
-		mux.Handle(proxyPath, NewRegistryProxy(proxy, pasetoSecretKey))
+		logger.Info("setup handler", "path", proxyPath, "proxy", proxy.LocalPrefix)
+		mux.Handle(proxyPath, NewRegistryProxy(proxy, pasetoSecretKey, config.ProxyFQDN))
 	}
 
 	// serve
 	hostport := fmt.Sprintf("%s:%s", config.ListenAddr, config.ListenPort)
-	log.Printf("starting to listen on %s", hostport)
+	logger.Info("listening for network connections", "addr", hostport)
+
+	if err := http.ListenAndServe(hostport, PanicLogger(mux)); err != http.ErrServerClosed {
+		logger.Error("unable to start network listener", "error", err)
+		os.Exit(1)
 
-	if err := http.ListenAndServe(hostport, PanicLogger(CaptureHostHeader(mux))); err != http.ErrServerClosed {
-		log.Fatalf("listen error: %+v", err)
 	}
 
-	log.Printf("server shutdown successfully")
+	logger.Info("server shutdown successfully")
+}
+
+// PanicLogger intends to log something when an http handler panics
+func PanicLogger(next http.Handler) http.Handler {
+	// Note: this needs testing/validation, the entire concept of this middleware
+	// may be the result of several wrong assumptions
+	return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
+		defer func() {
+			if err := recover(); err != nil {
+				logger.Error("PanicLogger recovered in HTTP handler", "handler", err)
+				http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
+			}
+		}()
+		next.ServeHTTP(rw, req)
+	})
 }