improved logging, better webhook output, webhook deploy fixes

Makefile

@@ -1,3 +1,3 @@
 helm-to-k8s:
 	helm template deploy/helm/fairwinds/ --name fairwinds --namespace fairwinds --set templateOnly=true > deploy/dashboard.yaml
-	helm template deploy/helm/fairwinds/ --name fairwinds --namespace fairwinds --set templateOnly=true --set webhook.enable=true dashboard.enable=false > deploy/webhook.yaml
+	helm template deploy/helm/fairwinds/ --name fairwinds --namespace fairwinds --set templateOnly=true --set webhook.enable=true --set dashboard.enable=false > deploy/webhook.yaml

deploy/dashboard.yaml

@@ -1,4 +1,10 @@
 ---
+# Source: fairwinds/templates/namespace.yaml
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: fairwinds
+---
 # Source: fairwinds/templates/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
@@ -115,12 +121,6 @@ spec:
     component: dashboard
   type: ClusterIP
 ---
-# Source: fairwinds/templates/namespace.yaml
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: fairwinds
----
 # Source: fairwinds/templates/dashboard.deployment.yaml
 apiVersion: extensions/v1beta1
 kind: Deployment
@@ -188,3 +188,6 @@ spec:
 ---
 # Source: fairwinds/templates/webhook.deployment.yaml
 
+---
+# Source: fairwinds/templates/webhook.service.yaml
+

deploy/helm/fairwinds/templates/webhook.service.yaml

@@ -0,0 +1,19 @@
+{{- if .Values.webhook.enable -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "fairwinds.fullname" . }}-dashboard
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "fairwinds.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: dashboard
+    port: 80
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    {{- include "fairwinds.selectors" . | nindent 4 }}
+    component: dashboard
+  type: ClusterIP
+{{- end -}}

deploy/webhook.yaml

@@ -132,67 +132,24 @@ spec:
     component: dashboard
   type: ClusterIP
 ---
-# Source: fairwinds/templates/dashboard.deployment.yaml
-apiVersion: extensions/v1beta1
-kind: Deployment
+# Source: fairwinds/templates/webhook.service.yaml
+apiVersion: v1
+kind: Service
 metadata:
-  annotations:
-    checksum/config: '5702aca235561630172c22b6b900f5cebd4e82fae60389df18a3537ff82e2f09'
   name: fairwinds-dashboard
   namespace: fairwinds
   labels:
     app: fairwinds
-    component: dashboard
 spec:
-  replicas: 1
+  ports:
+  - name: dashboard
+    port: 80
+    protocol: TCP
+    targetPort: 8080
   selector:
-    matchLabels:
-      app: fairwinds
-      component: dashboard
-  template:
-    metadata:
-      labels:
-        app: fairwinds
-        component: dashboard
-    spec:
-      volumes:
-      - name: config
-        configMap:
-          name: fairwinds
-      containers:
-      - command:
-        - fairwinds
-        - --dashboard
-        image: 'quay.io/reactiveops/fairwinds:master'
-        imagePullPolicy: 'Always'
-        name: dashboard
-        ports:
-        - containerPort: 8080
-        livenessProbe:
-          httpGet:
-            path: /
-            port: 8080
-          initialDelaySeconds: 5
-          periodSeconds: 5
-        readinessProbe:
-          httpGet:
-            path: /
-            port: 8080
-          initialDelaySeconds: 15
-          periodSeconds: 20
-        resources:
-          limits:
-            cpu: 100m
-            memory: 128Mi
-          requests:
-            cpu: 100m
-            memory: 128Mi
-        volumeMounts:
-        - name: config
-          mountPath: /opt/app/config.yaml
-          subPath: config.yaml
-          readOnly: true
-      serviceAccountName: fairwinds
+    app: fairwinds
+    component: dashboard
+  type: ClusterIP
 ---
 # Source: fairwinds/templates/webhook.deployment.yaml
 apiVersion: extensions/v1beta1
@@ -262,3 +219,6 @@ spec:
           mountPath: /tmp/cert/
           readOnly: true
       serviceAccountName:  fairwinds
+---
+# Source: fairwinds/templates/dashboard.deployment.yaml
+

main.go

@@ -20,30 +20,25 @@ import (
 	"flag"
 	"fmt"
 	"io/ioutil"
-	glog "log"
 	"net/http"
 	"os"
-	"strconv"
 
 	conf "github.com/reactiveops/fairwinds/pkg/config"
 	"github.com/reactiveops/fairwinds/pkg/dashboard"
 	"github.com/reactiveops/fairwinds/pkg/kube"
 	"github.com/reactiveops/fairwinds/pkg/validator"
 	fwebhook "github.com/reactiveops/fairwinds/pkg/webhook"
+	"github.com/sirupsen/logrus"
 	"gopkg.in/yaml.v2"
 	appsv1 "k8s.io/api/apps/v1"
-	corev1 "k8s.io/api/core/v1"
 	apitypes "k8s.io/apimachinery/pkg/types"
 	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
 	"sigs.k8s.io/controller-runtime/pkg/client/config"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
-	logf "sigs.k8s.io/controller-runtime/pkg/runtime/log"
 	"sigs.k8s.io/controller-runtime/pkg/runtime/signals"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 )
 
-var log = logf.Log.WithName("fairwinds")
-
 func main() {
 	dashboard := flag.Bool("dashboard", false, "Runs the webserver for Fairwinds dashboard.")
 	webhook := flag.Bool("webhook", false, "Runs the webhook webserver.")
@@ -53,16 +48,22 @@ func main() {
 	auditOutputURL := flag.String("output-url", "", "Destination URL to send audit results")
 	auditOutputFile := flag.String("output-file", "", "Destination file for audit results")
 	configPath := flag.String("config", "config.yaml", "Location of Fairwinds configuration file")
-
-	var disableWebhookConfigInstaller bool
-	flag.BoolVar(&disableWebhookConfigInstaller, "disable-webhook-config-installer", false,
+	logLevel := flag.String("log-level", logrus.InfoLevel.String(), "Logrus log level")
+	disableWebhookConfigInstaller := flag.Bool("disable-webhook-config-installer", false,
 		"disable the installer in the webhook server, so it won't install webhook configuration resources during bootstrapping")
 
 	flag.Parse()
 
+	parsedLevel, err := logrus.ParseLevel(*logLevel)
+	if err != nil {
+		logrus.Errorf("log-level flag has invalid value %s", *logLevel)
+	} else {
+		logrus.SetLevel(parsedLevel)
+	}
+
 	c, err := conf.ParseFile(*configPath)
 	if err != nil {
-		glog.Println("Error parsing config at "+*configPath, err)
+		logrus.Errorf("Error parsing config at %s: %v", *configPath, err)
 		os.Exit(1)
 	}
 
@@ -71,7 +72,7 @@ func main() {
 	}
 
 	if *webhook {
-		startWebhookServer(c, disableWebhookConfigInstaller, *webhookPort)
+		startWebhookServer(c, *disableWebhookConfigInstaller, *webhookPort)
 	} else if *dashboard {
 		startDashboardServer(c, *dashboardPort)
 	} else if *audit {
@@ -96,38 +97,40 @@ func startDashboardServer(c conf.Configuration, port int) {
 		}
 		auditData, err := validator.RunAudit(c, k)
 		if err != nil {
-			fmt.Printf("Error getting audit data %v \n", err)
+			logrus.Errorf("Error getting audit data: %v", err)
 			http.Error(w, "Error running audit", 500)
 			return
 		}
 		dashboard.MainHandler(w, r, auditData)
 	})
-	portStr := strconv.Itoa(port)
-	glog.Println("Starting Fairwinds dashboard server on port " + portStr)
-	glog.Fatal(http.ListenAndServe(":"+portStr, nil))
+
+	logrus.Infof("Starting Fairwinds dashboard server on port %d", port)
+	logrus.Fatal(http.ListenAndServe(fmt.Sprintf(":%d", port), nil))
 }
 
 func startWebhookServer(c conf.Configuration, disableWebhookConfigInstaller bool, port int) {
-	logf.SetLogger(logf.ZapLogger(false))
-	entryLog := log.WithName("entrypoint")
-
-	// Setup a Manager
-	entryLog.Info("setting up manager")
+	logrus.Debug("Setting up controller manager")
 	mgr, err := manager.New(config.GetConfigOrDie(), manager.Options{})
 	if err != nil {
-		entryLog.Error(err, "unable to set up overall controller manager")
+		logrus.Errorf("Unable to set up overall controller manager: %v", err)
 		os.Exit(1)
 	}
 
 	fairwindsResourceName := "fairwinds"
-	fairwindsNamespaceBytes, _ := ioutil.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/namespace")
+	fairwindsNamespaceBytes, err := ioutil.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/namespace")
+
+	if err != nil {
+		// Not exiting here as we have fallback options
+		logrus.Debugf("Error reading namespace information: %v", err)
+	}
+
 	fairwindsNamespace := string(fairwindsNamespaceBytes)
 	if fairwindsNamespace == "" {
-		fmt.Printf("could not determine current namespace, creating resources in %s namespace\n", fairwindsResourceName)
 		fairwindsNamespace = fairwindsResourceName
+		logrus.Debugf("Could not determine current namespace, creating resources in %s namespace", fairwindsNamespace)
 	}
 
-	entryLog.Info("setting up webhook server")
+	logrus.Info("Setting up webhook server")
 	as, err := webhook.NewServer(fairwindsResourceName, mgr, webhook.ServerOptions{
 		Port:                          int32(port),
 		CertDir:                       "/tmp/cert",
@@ -150,70 +153,88 @@ func startWebhookServer(c conf.Configuration, disableWebhookConfigInstaller bool
 			},
 		},
 	})
+
 	if err != nil {
-		entryLog.Error(err, "unable to create a new webhook server")
+		logrus.Errorf("Error setting up webhook server: %v", err)
 		os.Exit(1)
-	} else {
-		glog.Println("Fairwinds webhook server listening on port " + strconv.Itoa(port))
 	}
 
-	p := fwebhook.NewWebhook("pod", mgr, fwebhook.Validator{Config: c}, &corev1.Pod{})
+	logrus.Infof("Fairwinds webhook server listening on port %d", port)
+
 	d := fwebhook.NewWebhook("deploy", mgr, fwebhook.Validator{Config: c}, &appsv1.Deployment{})
-	entryLog.Info("registering webhooks to the webhook server")
-	if err = as.Register(p, d); err != nil {
-		entryLog.Error(err, "unable to register webhooks in the admission server")
+	logrus.Debug("Registering webhooks to the webhook server")
+	if err = as.Register(d); err != nil {
+		logrus.Debugf("Unable to register webhooks in the admission server: %v", err)
 		os.Exit(1)
 	}
 
-	entryLog.Info("starting manager")
+	logrus.Debug("Starting webhook manager")
 	if err := mgr.Start(signals.SetupSignalHandler()); err != nil {
-		entryLog.Error(err, "unable to run manager")
+		logrus.Errorf("Error starting manager: %v", err)
 		os.Exit(1)
 	}
 }
 
 func runAudit(c conf.Configuration, outputFile string, outputURL string) {
 	k, _ := kube.CreateKubeAPI()
 	auditData, err := validator.RunAudit(c, k)
+
 	if err != nil {
 		panic(err)
 	}
 
 	if outputURL == "" && outputFile == "" {
 		yamlBytes, err := yaml.Marshal(auditData)
+
 		if err != nil {
-			panic(err)
+			logrus.Errorf("Error marshalling YAML: %v", err)
+			os.Exit(1)
 		}
+
 		os.Stdout.Write(yamlBytes)
+
 	} else {
 		jsonData, err := json.MarshalIndent(auditData, "", "  ")
+
 		if err != nil {
-			panic(err)
+			logrus.Errorf("Error marshalling JSON: %v", err)
+			os.Exit(1)
 		}
 
 		if outputURL != "" {
 			req, err := http.NewRequest("POST", outputURL, bytes.NewBuffer(jsonData))
-			req.Header.Set("Content-Type", "application/json")
 
+			if err != nil {
+				logrus.Errorf("Error building request for output: %v", err)
+				os.Exit(1)
+			}
+
+			req.Header.Set("Content-Type", "application/json")
 			client := &http.Client{}
 			resp, err := client.Do(req)
+
 			if err != nil {
-				panic(err)
+				logrus.Errorf("Error making request for output: %v", err)
+				os.Exit(1)
 			}
+
 			defer resp.Body.Close()
 
 			body, err := ioutil.ReadAll(resp.Body)
+
 			if err != nil {
-				fmt.Println("Error reading audit output URL response")
-			} else {
-				glog.Println(string(body))
+				logrus.Errorf("Error reading response: %v", err)
+				os.Exit(1)
 			}
+
+			logrus.Infof("Received response: %v", body)
 		}
 
 		if outputFile != "" {
 			err := ioutil.WriteFile(outputFile, []byte(jsonData), 0644)
 			if err != nil {
-				panic(err)
+				logrus.Errorf("Error writing output to file: %v", err)
+				os.Exit(1)
 			}
 		}
 	}

pkg/dashboard/dashboard.go

@@ -18,13 +18,13 @@ import (
 	"bytes"
 	"encoding/json"
 	"html/template"
-	"log"
 	"net/http"
 
 	packr "github.com/gobuffalo/packr/v2"
 	conf "github.com/reactiveops/fairwinds/pkg/config"
 	"github.com/reactiveops/fairwinds/pkg/kube"
 	"github.com/reactiveops/fairwinds/pkg/validator"
+	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -77,7 +77,7 @@ func MainHandler(w http.ResponseWriter, r *http.Request, auditData validator.Aud
 	templateFile, err := templateBox.Find(TemplateName)
 
 	if err != nil {
-		log.Printf("Error getting template data %v\n", err)
+		logrus.Printf("Error getting template data %v", err)
 		http.Error(w, "Error getting template data", 500)
 		return
 	}