reduce verbosity of TLS auth and FlushAgentsAndBouncers (#1588)
This commit is contained in:
blotus
GitHub
parent
581ddf78fc
commit
9c1b78395a
|
|
@ -235,7 +235,7 @@ func (ta *TLSAuth) ValidateCert(c *gin.Context) (bool, string, error) {
|
||||||
if revoked {
|
if revoked {
|
||||||
return false, "", fmt.Errorf("client certificate is revoked")
|
return false, "", fmt.Errorf("client certificate is revoked")
|
||||||
}
|
}
|
||||||
ta.logger.Infof("client OU %v is allowed vs required OU %v", clientCert.Subject.OrganizationalUnit, ta.AllowedOUs)
|
ta.logger.Debugf("client OU %v is allowed vs required OU %v", clientCert.Subject.OrganizationalUnit, ta.AllowedOUs)
|
||||||
return true, clientCert.Subject.CommonName, nil
|
return true, clientCert.Subject.CommonName, nil
|
||||||
}
|
}
|
||||||
return false, "", fmt.Errorf("no verified cert in request")
|
return false, "", fmt.Errorf("no verified cert in request")
|
||||||
|
|
|
||||||
|
|
@ -894,10 +894,10 @@ func (c *Client) FlushOrphans() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersCfg *csconfig.AuthGCCfg) error {
|
func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersCfg *csconfig.AuthGCCfg) error {
|
||||||
log.Printf("starting FlushAgentsAndBouncers")
|
log.Debug("starting FlushAgentsAndBouncers")
|
||||||
if bouncersCfg != nil {
|
if bouncersCfg != nil {
|
||||||
if bouncersCfg.ApiDuration != nil {
|
if bouncersCfg.ApiDuration != nil {
|
||||||
log.Printf("trying to delete old bouncers from api")
|
log.Debug("trying to delete old bouncers from api")
|
||||||
deletionCount, err := c.Ent.Bouncer.Delete().Where(
|
deletionCount, err := c.Ent.Bouncer.Delete().Where(
|
||||||
bouncer.LastPullLTE(time.Now().UTC().Add(*bouncersCfg.ApiDuration)),
|
bouncer.LastPullLTE(time.Now().UTC().Add(*bouncersCfg.ApiDuration)),
|
||||||
).Where(
|
).Where(
|
||||||
|
|
@ -910,7 +910,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if bouncersCfg.CertDuration != nil {
|
if bouncersCfg.CertDuration != nil {
|
||||||
log.Printf("trying to delete old bouncers from cert")
|
log.Debug("trying to delete old bouncers from cert")
|
||||||
|
|
||||||
deletionCount, err := c.Ent.Bouncer.Delete().Where(
|
deletionCount, err := c.Ent.Bouncer.Delete().Where(
|
||||||
bouncer.LastPullLTE(time.Now().UTC().Add(*bouncersCfg.CertDuration)),
|
bouncer.LastPullLTE(time.Now().UTC().Add(*bouncersCfg.CertDuration)),
|
||||||
|
|
@ -927,7 +927,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
|
||||||
|
|
||||||
if agentsCfg != nil {
|
if agentsCfg != nil {
|
||||||
if agentsCfg.CertDuration != nil {
|
if agentsCfg.CertDuration != nil {
|
||||||
log.Printf("trying to delete old agents from cert")
|
log.Debug("trying to delete old agents from cert")
|
||||||
|
|
||||||
deletionCount, err := c.Ent.Machine.Delete().Where(
|
deletionCount, err := c.Ent.Machine.Delete().Where(
|
||||||
machine.LastPushLTE(time.Now().UTC().Add(*agentsCfg.CertDuration)),
|
machine.LastPushLTE(time.Now().UTC().Add(*agentsCfg.CertDuration)),
|
||||||
|
|
@ -936,7 +936,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
|
||||||
).Where(
|
).Where(
|
||||||
machine.AuthTypeEQ(types.TlsAuthType),
|
machine.AuthTypeEQ(types.TlsAuthType),
|
||||||
).Exec(c.CTX)
|
).Exec(c.CTX)
|
||||||
log.Printf("deleted %d entries", deletionCount)
|
log.Debugf("deleted %d entries", deletionCount)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.Log.Errorf("while auto-deleting expired machine (cert) : %s", err)
|
c.Log.Errorf("while auto-deleting expired machine (cert) : %s", err)
|
||||||
} else if deletionCount > 0 {
|
} else if deletionCount > 0 {
|
||||||
|
|
@ -944,7 +944,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if agentsCfg.LoginPasswordDuration != nil {
|
if agentsCfg.LoginPasswordDuration != nil {
|
||||||
log.Printf("trying to delete old agents from password")
|
log.Debug("trying to delete old agents from password")
|
||||||
|
|
||||||
deletionCount, err := c.Ent.Machine.Delete().Where(
|
deletionCount, err := c.Ent.Machine.Delete().Where(
|
||||||
machine.LastPushLTE(time.Now().UTC().Add(*agentsCfg.LoginPasswordDuration)),
|
machine.LastPushLTE(time.Now().UTC().Add(*agentsCfg.LoginPasswordDuration)),
|
||||||
|
|
@ -953,7 +953,7 @@ func (c *Client) FlushAgentsAndBouncers(agentsCfg *csconfig.AuthGCCfg, bouncersC
|
||||||
).Where(
|
).Where(
|
||||||
machine.AuthTypeEQ(types.PasswordAuthType),
|
machine.AuthTypeEQ(types.PasswordAuthType),
|
||||||
).Exec(c.CTX)
|
).Exec(c.CTX)
|
||||||
log.Printf("deleted %d entries", deletionCount)
|
log.Debugf("deleted %d entries", deletionCount)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.Log.Errorf("while auto-deleting expired machine (password) : %s", err)
|
c.Log.Errorf("while auto-deleting expired machine (password) : %s", err)
|
||||||
} else if deletionCount > 0 {
|
} else if deletionCount > 0 {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue