beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

reduce verbosity of TLS auth and FlushAgentsAndBouncers (#1588)

Browse source
This commit is contained in:
blotus 2022-06-13 16:08:00 +02:00 committed by GitHub
parent 581ddf78fc
commit 9c1b78395a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
pkg/apiserver/middlewares/v1/tls_auth.go
View file

@ -235,7 +235,7 @@ func (ta *TLSAuth) ValidateCert(c *gin.Context) (bool, string, error) {
if revoked {
return false, "", fmt.Errorf("client certificate is revoked")
}
ta.logger.Infof("client OU %v is allowed vs required OU %v", clientCert.Subject.OrganizationalUnit, ta.AllowedOUs)
ta.logger.Debugf("client OU %v is allowed vs required OU %v", clientCert.Subject.OrganizationalUnit, ta.AllowedOUs)
return true, clientCert.Subject.CommonName, nil
}
return false, "", fmt.Errorf("no verified cert in request")

14
pkg/database/alerts.go
View file

@ -894,10 +894,10 @@ func (c *Client) FlushOrphans() {
}
func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersCfg *csconfig.AuthGCCfg) error {
log.Printf("starting FlushAgentsAndBouncers")
log.Debug("starting FlushAgentsAndBouncers")
if bouncersCfg != nil {
if bouncersCfg.ApiDuration != nil {
log.Printf("trying to delete old bouncers from api")
log.Debug("trying to delete old bouncers from api")
deletionCount, err := c.Ent.Bouncer.Delete().Where(
bouncer.LastPullLTE(time.Now().UTC().Add(*bouncersCfg.ApiDuration)),
).Where(
@ -910,7 +910,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
}
}
if bouncersCfg.CertDuration != nil {
log.Printf("trying to delete old bouncers from cert")
log.Debug("trying to delete old bouncers from cert")
deletionCount, err := c.Ent.Bouncer.Delete().Where(
bouncer.LastPullLTE(time.Now().UTC().Add(*bouncersCfg.CertDuration)),
@ -927,7 +927,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
if agentsCfg != nil {
if agentsCfg.CertDuration != nil {
log.Printf("trying to delete old agents from cert")
log.Debug("trying to delete old agents from cert")
deletionCount, err := c.Ent.Machine.Delete().Where(
machine.LastPushLTE(time.Now().UTC().Add(*agentsCfg.CertDuration)),
@ -936,7 +936,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
).Where(
machine.AuthTypeEQ(types.TlsAuthType),
).Exec(c.CTX)
log.Printf("deleted %d entries", deletionCount)
log.Debugf("deleted %d entries", deletionCount)
if err != nil {
c.Log.Errorf("while auto-deleting expired machine (cert) : %s", err)
} else if deletionCount > 0 {
@ -944,7 +944,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
}
}
if agentsCfg.LoginPasswordDuration != nil {
log.Printf("trying to delete old agents from password")
log.Debug("trying to delete old agents from password")
deletionCount, err := c.Ent.Machine.Delete().Where(
machine.LastPushLTE(time.Now().UTC().Add(*agentsCfg.LoginPasswordDuration)),
@ -953,7 +953,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
).Where(
machine.AuthTypeEQ(types.PasswordAuthType),
).Exec(c.CTX)
log.Printf("deleted %d entries", deletionCount)
log.Debugf("deleted %d entries", deletionCount)
if err != nil {
c.Log.Errorf("while auto-deleting expired machine (password) : %s", err)
} else if deletionCount > 0 {