WARNING: Dump HTTP requests/responses at logrus Trace level

WARNING: This includes credentials, if any. Signed-off-by: Miloslav Trmač <[email protected]>
containers · Feb 6, 2023 · afb1bba · afb1bba
1 parent 7823b59
commit afb1bba
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 9 deletions.
diff --git a/docker/docker_client.go b/docker/docker_client.go
@@ -18,6 +18,7 @@ import (
 	"time"
 
 	"github.com/containers/image/v5/docker/reference"
+	"github.com/containers/image/v5/internal/httpdump"
 	"github.com/containers/image/v5/internal/iolimits"
 	"github.com/containers/image/v5/internal/useragent"
 	"github.com/containers/image/v5/manifest"
@@ -615,7 +616,7 @@ func (c *dockerClient) makeRequestToResolvedURLOnce(ctx context.Context, method
 		}
 	}
 	logrus.Debugf("%s %s", method, resolvedURL.Redacted())
-	res, err := c.client.Do(req)
+	res, err := httpdump.DoRequest(c.client, req)
 	if err != nil {
 		return nil, err
 	}
@@ -726,7 +727,7 @@ func (c *dockerClient) getBearerTokenOAuth2(ctx context.Context, challenge chall
 	authReq.Header.Add("User-Agent", c.userAgent)
 	authReq.Header.Add("Content-Type", "application/x-www-form-urlencoded")
 	logrus.Debugf("%s %s", authReq.Method, authReq.URL.Redacted())
-	res, err := c.client.Do(authReq)
+	res, err := httpdump.DoRequest(c.client, authReq)
 	if err != nil {
 		return nil, err
 	}
@@ -778,7 +779,7 @@ func (c *dockerClient) getBearerToken(ctx context.Context, challenge challenge,
 	authReq.Header.Add("User-Agent", c.userAgent)
 
 	logrus.Debugf("%s %s", authReq.Method, authReq.URL.Redacted())
-	res, err := c.client.Do(authReq)
+	res, err := httpdump.DoRequest(c.client, authReq)
 	if err != nil {
 		return nil, err
 	}

diff --git a/docker/docker_image_src.go b/docker/docker_image_src.go
@@ -14,6 +14,7 @@ import (
 	"sync"
 
 	"github.com/containers/image/v5/docker/reference"
+	"github.com/containers/image/v5/internal/httpdump"
 	"github.com/containers/image/v5/internal/imagesource/impl"
 	"github.com/containers/image/v5/internal/imagesource/stubs"
 	"github.com/containers/image/v5/internal/iolimits"
@@ -495,7 +496,7 @@ func (s *dockerImageSource) getOneSignature(ctx context.Context, sigURL *url.URL
 		if err != nil {
 			return nil, false, err
 		}
-		res, err := s.c.client.Do(req)
+		res, err := httpdump.DoRequest(s.c.client, req)
 		if err != nil {
 			return nil, false, err
 		}

diff --git a/internal/httpdump/dump.go b/internal/httpdump/dump.go
@@ -0,0 +1,31 @@
+package httpdump
+
+import (
+	"net/http"
+	"net/http/httputil"
+
+	"github.com/sirupsen/logrus"
+)
+
+// DoRequest (c, req) is the same as c.Do(req), but it may log the
+// request and response at logrus trace level.
+func DoRequest(c *http.Client, req *http.Request) (*http.Response, error) {
+	if logrus.IsLevelEnabled(logrus.TraceLevel) {
+		if dro, err := httputil.DumpRequestOut(req, false); err != nil {
+			logrus.Tracef("===Can not log HTTP request: %v", err)
+		} else {
+			logrus.Tracef("===REQ===\n%s\n===REQ===\n", dro)
+		}
+	}
+	res, err := c.Do(req)
+	if logrus.IsLevelEnabled(logrus.TraceLevel) {
+		if err != nil {
+			logrus.Tracef("===RES error: %v", err)
+		} else if dr, err := httputil.DumpResponse(res, false); err != nil {
+			logrus.Tracef("===Can not log HTTP response: %v", err)
+		} else {
+			logrus.Tracef("===RES===\n%s\n===RES===\n", dr)
+		}
+	}
+	return res, err
+}
diff --git a/oci/layout/oci_src.go b/oci/layout/oci_src.go
@@ -10,6 +10,7 @@ import (
 	"os"
 	"strconv"
 
+	"github.com/containers/image/v5/internal/httpdump"
 	"github.com/containers/image/v5/internal/imagesource/impl"
 	"github.com/containers/image/v5/internal/imagesource/stubs"
 	"github.com/containers/image/v5/internal/private"
@@ -185,7 +186,7 @@ func (s *ociImageSource) getExternalBlob(ctx context.Context, urls []string) (io
 			continue
 		}
 
-		resp, err := s.client.Do(req)
+		resp, err := httpdump.DoRequest(s.client, req)
 		if err != nil {
 			errWrap = fmt.Errorf("fetching %s failed %s: %w", u, err.Error(), errWrap)
 			continue

diff --git a/openshift/openshift.go b/openshift/openshift.go
@@ -12,6 +12,7 @@ import (
 	"strings"
 
 	"github.com/containers/image/v5/docker/reference"
+	"github.com/containers/image/v5/internal/httpdump"
 	"github.com/containers/image/v5/internal/iolimits"
 	"github.com/containers/image/v5/version"
 	"github.com/sirupsen/logrus"
@@ -91,7 +92,7 @@ func (c *openshiftClient) doRequest(ctx context.Context, method, path string, re
 	}
 
 	logrus.Debugf("%s %s", method, requestURL.Redacted())
-	res, err := c.httpClient.Do(req)
+	res, err := httpdump.DoRequest(c.httpClient, req)
 	if err != nil {
 		return nil, err
 	}
@@ -100,9 +101,7 @@ func (c *openshiftClient) doRequest(ctx context.Context, method, path string, re
 	if err != nil {
 		return nil, err
 	}
-	logrus.Debugf("Got body: %s", body)
-	// FIXME: Just throwing this useful information away only to try to guess later...
-	logrus.Debugf("Got content-type: %s", res.Header.Get("Content-Type"))
+	// FIXME: Just throwing Content-Type away only to try to guess later...
 
 	var status status
 	statusValid := false