Merge pull request #805 from fluxcd/oci-logr

Use `go-logr/logr` interface for OCI auth logging

oci/auth/aws/auth.go

@@ -29,8 +29,8 @@ import (
 	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/config"
 	"github.com/aws/aws-sdk-go-v2/service/ecr"
+	"github.com/go-logr/logr"
 	"github.com/google/go-containerregistry/pkg/authn"
-	"sigs.k8s.io/controller-runtime/pkg/log"
 
 	"github.com/fluxcd/pkg/oci"
 )
@@ -137,7 +137,7 @@ func (c *Client) getLoginAuth(ctx context.Context, awsEcrRegion string) (authn.A
 // It returns the authentication material and the expiry time of the token.
 func (c *Client) LoginWithExpiry(ctx context.Context, autoLogin bool, image string) (authn.Authenticator, time.Time, error) {
 	if autoLogin {
-		log.FromContext(ctx).Info("logging in to AWS ECR for " + image)
+		logr.FromContextOrDiscard(ctx).Info("logging in to AWS ECR for " + image)
 		_, awsEcrRegion, ok := ParseRegistry(image)
 		if !ok {
 			return nil, time.Time{}, errors.New("failed to parse AWS ECR image, invalid ECR image")

oci/auth/azure/auth.go

@@ -27,9 +27,9 @@ import (
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
+	"github.com/go-logr/logr"
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
-	"sigs.k8s.io/controller-runtime/pkg/log"
 
 	"github.com/fluxcd/pkg/oci"
 )
@@ -135,13 +135,13 @@ func ValidHost(host string) bool {
 // The caller can ensure that the passed image is a valid ACR image using ValidHost().
 func (c *Client) LoginWithExpiry(ctx context.Context, autoLogin bool, image string, ref name.Reference) (authn.Authenticator, time.Time, error) {
 	if autoLogin {
-		log.FromContext(ctx).Info("logging in to Azure ACR for " + image)
+		logr.FromContextOrDiscard(ctx).Info("logging in to Azure ACR for " + image)
 		// get registry host from image
 		strArr := strings.SplitN(image, "/", 2)
 		endpoint := fmt.Sprintf("%s://%s", c.scheme, strArr[0])
 		authConfig, expiresAt, err := c.getLoginAuth(ctx, endpoint)
 		if err != nil {
-			log.FromContext(ctx).Info("error logging into ACR " + err.Error())
+			logr.FromContextOrDiscard(ctx).Info("error logging into ACR " + err.Error())
 			return nil, time.Time{}, err
 		}
 
@@ -167,7 +167,7 @@ func (c *Client) Login(ctx context.Context, autoLogin bool, image string, ref na
 func (c *Client) OIDCLogin(ctx context.Context, registryUrl string) (authn.Authenticator, error) {
 	authConfig, _, err := c.getLoginAuth(ctx, registryUrl)
 	if err != nil {
-		log.FromContext(ctx).Info("error logging into ACR " + err.Error())
+		logr.FromContextOrDiscard(ctx).Info("error logging into ACR " + err.Error())
 		return nil, err
 	}
 

oci/auth/gcp/auth.go

@@ -25,9 +25,9 @@ import (
 	"strings"
 	"time"
 
+	"github.com/go-logr/logr"
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
-	"sigs.k8s.io/controller-runtime/pkg/log"
 
 	"github.com/fluxcd/pkg/oci"
 )
@@ -111,10 +111,10 @@ func (c *Client) getLoginAuth(ctx context.Context) (authn.AuthConfig, time.Time,
 // The caller can ensure that the passed image is a valid GCR image using ValidHost().
 func (c *Client) LoginWithExpiry(ctx context.Context, autoLogin bool, image string, ref name.Reference) (authn.Authenticator, time.Time, error) {
 	if autoLogin {
-		log.FromContext(ctx).Info("logging in to GCP GCR for " + image)
+		logr.FromContextOrDiscard(ctx).Info("logging in to GCP GCR for " + image)
 		authConfig, expiresAt, err := c.getLoginAuth(ctx)
 		if err != nil {
-			log.FromContext(ctx).Info("error logging into GCP " + err.Error())
+			logr.FromContextOrDiscard(ctx).Info("error logging into GCP " + err.Error())
 			return nil, time.Time{}, err
 		}
 
@@ -137,7 +137,7 @@ func (c *Client) Login(ctx context.Context, autoLogin bool, image string, ref na
 func (c *Client) OIDCLogin(ctx context.Context) (authn.Authenticator, error) {
 	authConfig, _, err := c.getLoginAuth(ctx)
 	if err != nil {
-		log.FromContext(ctx).Info("error logging into GCP " + err.Error())
+		logr.FromContextOrDiscard(ctx).Info("error logging into GCP " + err.Error())
 		return nil, err
 	}
 

oci/auth/login/login.go

@@ -22,9 +22,9 @@ import (
 	"net/url"
 	"strings"
 
+	"github.com/go-logr/logr"
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
-	"sigs.k8s.io/controller-runtime/pkg/log"
 
 	"github.com/fluxcd/pkg/cache"
 	"github.com/fluxcd/pkg/oci"
@@ -112,7 +112,6 @@ func (m *Manager) WithACRClient(c *azure.Client) *Manager {
 // Login performs authentication against a registry and returns the Authenticator.
 // For generic registry provider, it is no-op.
 func (m *Manager) Login(ctx context.Context, url string, ref name.Reference, opts ProviderOptions) (authn.Authenticator, error) {
-	log := log.FromContext(ctx)
 	provider := ImageRegistryProvider(url, ref)
 	var (
 		key string
@@ -121,11 +120,11 @@ func (m *Manager) Login(ctx context.Context, url string, ref name.Reference, opt
 	if opts.Cache != nil {
 		key, err = m.keyFromURL(url, provider)
 		if err != nil {
-			log.Error(err, "failed to get cache key")
+			logr.FromContextOrDiscard(ctx).Error(err, "failed to get cache key")
 		} else {
 			auth, exists, err := getObjectFromCache(opts.Cache, key)
 			if err != nil {
-				log.Error(err, "failed to get auth object from cache")
+				logr.FromContextOrDiscard(ctx).Error(err, "failed to get auth object from cache")
 			}
 			if exists {
 				return auth, nil
@@ -142,7 +141,7 @@ func (m *Manager) Login(ctx context.Context, url string, ref name.Reference, opt
 		if opts.Cache != nil {
 			err := cacheObject(opts.Cache, auth, key, expiresAt)
 			if err != nil {
-				log.Error(err, "failed to cache auth object")
+				logr.FromContextOrDiscard(ctx).Error(err, "failed to cache auth object")
 			}
 		}
 		return auth, nil
@@ -154,7 +153,7 @@ func (m *Manager) Login(ctx context.Context, url string, ref name.Reference, opt
 		if opts.Cache != nil {
 			err := cacheObject(opts.Cache, auth, key, expiresAt)
 			if err != nil {
-				log.Error(err, "failed to cache auth object")
+				logr.FromContextOrDiscard(ctx).Error(err, "failed to cache auth object")
 			}
 		}
 		return auth, nil
@@ -166,7 +165,7 @@ func (m *Manager) Login(ctx context.Context, url string, ref name.Reference, opt
 		if opts.Cache != nil {
 			err := cacheObject(opts.Cache, auth, key, expiresAt)
 			if err != nil {
-				log.Error(err, "failed to cache auth object")
+				logr.FromContextOrDiscard(ctx).Error(err, "failed to cache auth object")
 			}
 		}
 		return auth, nil
@@ -191,19 +190,19 @@ func (m *Manager) OIDCLogin(ctx context.Context, registryURL string, opts Provid
 		if !opts.AwsAutoLogin {
 			return nil, fmt.Errorf("ECR authentication failed: %w", oci.ErrUnconfiguredProvider)
 		}
-		log.FromContext(ctx).Info("logging in to AWS ECR for " + u.Host)
+		logr.FromContextOrDiscard(ctx).Info("logging in to AWS ECR for " + u.Host)
 		return m.ecr.OIDCLogin(ctx, u.Host)
 	case oci.ProviderGCP:
 		if !opts.GcpAutoLogin {
 			return nil, fmt.Errorf("GCR authentication failed: %w", oci.ErrUnconfiguredProvider)
 		}
-		log.FromContext(ctx).Info("logging in to GCP GCR for " + u.Host)
+		logr.FromContextOrDiscard(ctx).Info("logging in to GCP GCR for " + u.Host)
 		return m.gcr.OIDCLogin(ctx)
 	case oci.ProviderAzure:
 		if !opts.AzureAutoLogin {
 			return nil, fmt.Errorf("ACR authentication failed: %w", oci.ErrUnconfiguredProvider)
 		}
-		log.FromContext(ctx).Info("logging in to Azure ACR for " + u.Host)
+		logr.FromContextOrDiscard(ctx).Info("logging in to Azure ACR for " + u.Host)
 		return m.acr.OIDCLogin(ctx, fmt.Sprintf("%s://%s", u.Scheme, u.Host))
 	}
 	return nil, nil

oci/client/suite_test.go

@@ -21,35 +21,50 @@ import (
 	"fmt"
 	"io"
 	"math/rand"
+	"net"
 	"os"
+	"strconv"
+	"strings"
 	"testing"
 	"time"
 
 	"github.com/distribution/distribution/v3/configuration"
 	"github.com/distribution/distribution/v3/registry"
 	_ "github.com/distribution/distribution/v3/registry/auth/htpasswd"
 	_ "github.com/distribution/distribution/v3/registry/storage/driver/inmemory"
-	"github.com/phayes/freeport"
 	"github.com/sirupsen/logrus"
-	ctrl "sigs.k8s.io/controller-runtime"
 )
 
 var (
 	dockerReg string
 )
 
 func setupRegistryServer(ctx context.Context) error {
+	// Find a free port
+	lis, err := net.Listen("tcp", "localhost:0")
+	if err != nil {
+		return fmt.Errorf("failed to create listener: %s", err)
+	}
+
+	addr := lis.Addr().String()
+	addrParts := strings.Split(addr, ":")
+	portStr := addrParts[len(addrParts)-1]
+	port, err := strconv.Atoi(portStr)
+	if err != nil {
+		return fmt.Errorf("failed to parse port: %s", err)
+	}
+
+	err = lis.Close()
+	if err != nil {
+		return fmt.Errorf("failed to close listener: %s", err)
+	}
+
 	// Registry config
 	config := &configuration.Configuration{}
 	config.Log.AccessLog.Disabled = true
 	config.Log.Level = "error"
 	logrus.SetOutput(io.Discard)
 
-	port, err := freeport.GetFreePort()
-	if err != nil {
-		return fmt.Errorf("failed to get free port: %s", err)
-	}
-
 	dockerReg = fmt.Sprintf("localhost:%d", port)
 	config.HTTP.Addr = fmt.Sprintf("127.0.0.1:%d", port)
 	config.HTTP.DrainTimeout = time.Duration(10) * time.Second
@@ -66,7 +81,8 @@ func setupRegistryServer(ctx context.Context) error {
 }
 
 func TestMain(m *testing.M) {
-	ctx := ctrl.SetupSignalHandler()
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
 	err := setupRegistryServer(ctx)
 	if err != nil {
 		panic(fmt.Sprintf("failed to start docker registry: %s", err))

oci/go.mod

@@ -10,38 +10,37 @@ replace (
 )
 
 require (
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0
 	github.com/Masterminds/semver/v3 v3.2.1
-	github.com/aws/aws-sdk-go-v2 v1.30.3
-	github.com/aws/aws-sdk-go-v2/config v1.27.27
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.27
-	github.com/aws/aws-sdk-go-v2/service/ecr v1.32.0
+	github.com/aws/aws-sdk-go-v2 v1.30.4
+	github.com/aws/aws-sdk-go-v2/config v1.27.29
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.29
+	github.com/aws/aws-sdk-go-v2/service/ecr v1.32.2
 	github.com/distribution/distribution/v3 v3.0.0-beta.1
-	github.com/fluxcd/pkg/cache v0.0.2
+	github.com/fluxcd/pkg/cache v0.0.3
 	github.com/fluxcd/pkg/sourceignore v0.8.0
 	github.com/fluxcd/pkg/tar v0.8.0
 	github.com/fluxcd/pkg/version v0.4.0
+	github.com/go-logr/logr v1.4.2
 	github.com/google/go-containerregistry v0.20.2
 	github.com/onsi/gomega v1.34.1
-	github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5
 	github.com/sirupsen/logrus v1.9.3
-	sigs.k8s.io/controller-runtime v0.19.0
 )
 
 require (
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.11 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.15 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.15 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.17 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.22.4 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.30.3 // indirect
-	github.com/aws/smithy-go v1.20.3 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.12 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.16 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.16 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.18 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.22.5 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.30.5 // indirect
+	github.com/aws/smithy-go v1.20.4 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/bshuster-repo/logrus-logstash-hook v1.0.0 // indirect
@@ -59,23 +58,19 @@ require (
 	github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
 	github.com/docker/go-metrics v0.0.1 // indirect
 	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
-	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fluxcd/cli-utils v0.36.0-flux.9 // indirect
-	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/go-errors/errors v1.5.1 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-git/go-billy/v5 v5.5.0 // indirect
 	github.com/go-git/go-git/v5 v5.12.0 // indirect
-	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
 	github.com/go-openapi/swag v0.22.4 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
@@ -148,7 +143,6 @@ require (
 	golang.org/x/term v0.23.0 // indirect
 	golang.org/x/text v0.17.0 // indirect
 	golang.org/x/time v0.6.0 // indirect
-	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect
 	google.golang.org/grpc v1.65.0 // indirect
@@ -159,7 +153,6 @@ require (
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/api v0.31.0 // indirect
-	k8s.io/apiextensions-apiserver v0.31.0 // indirect
 	k8s.io/apimachinery v0.31.0 // indirect
 	k8s.io/cli-runtime v0.31.0 // indirect
 	k8s.io/client-go v0.31.0 // indirect