From 9fbe39d7a258c47df06b4b08c6cde8887a8ee2c9 Mon Sep 17 00:00:00 2001
From: John Bramley <John.Bramley@va.gov>
Date: Mon, 15 Apr 2024 11:16:14 -0600
Subject: [PATCH] 79903 user credential log update (#16305)

* adds csps and acrs attributes to ClientConfig

* name update

* adds validation of csp type & acr against client config

* adds csps and acrs attributes to ClientConfig

* name update

* name updates and removes redundant validations

* removes duplicate test

* update log output

* update

* rubocop

* updates codeowners
---
 .github/CODEOWNERS                |  2 +-
 rakelib/prod/user_credential.rake | 34 +++++++++++++++++++++++++------
 2 files changed, 29 insertions(+), 7 deletions(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 821318c752c..165e62a6273 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -976,7 +976,6 @@ rakelib/mockdata_synchronize.rake @department-of-veterans-affairs/octo-identity
 rakelib/pension_burial.rake @department-of-veterans-affairs/mbs-core-team @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 rakelib/piilog_repl @department-of-veterans-affairs/backend-review-group @department-of-veterans-affairs/va-api-engineers
 rakelib/prod @department-of-veterans-affairs/vfs-vaos @department-of-veterans-affairs/backend-review-group @department-of-veterans-affairs/va-api-engineers
-rakelib/prod/user_credential.rake @department-of-veterans-affairs/octo-identity
 rakelib/remove_va1995s_records.rake @department-of-veterans-affairs/govcio-vfep-codereviewers @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 rakelib/routes_csv.rake @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 rakelib/rswag.rake @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
@@ -1485,6 +1484,7 @@ spec/rakelib/form526_spec.rb @department-of-veterans-affairs/Benefits-Team-1 @de
 spec/rakelib/piilog_repl @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 spec/rakelib/piilog_repl/piilog_helpers_spec.rb @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 spec/rakelib/vet360_spec.rb @department-of-veterans-affairs/vfs-authenticated-experience-backend @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
+rakelib/prod/user_credential.rake @department-of-veterans-affairs/octo-identity
 spec/requests/admin_spec.rb @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
 spec/requests/appeals_request_spec.rb @department-of-veterans-affairs/backend-review-group
 spec/requests/appointments_request_spec.rb @department-of-veterans-affairs/vfs-vaos @department-of-veterans-affairs/va-api-engineers @department-of-veterans-affairs/backend-review-group
diff --git a/rakelib/prod/user_credential.rake b/rakelib/prod/user_credential.rake
index daba12202cf..69b51c49984 100644
--- a/rakelib/prod/user_credential.rake
+++ b/rakelib/prod/user_credential.rake
@@ -8,10 +8,11 @@ namespace :user_credential do
     type = args[:type]
     credential_id = args[:credential_id]
     context = { type:, credential_id:, requested_by: args[:requested_by] }
-    log_task(namespace:, status: 'start', context:)
+    log_to_stdout(level: 'info', message: "[#{namespace}] rake task start, context: #{context.to_json}")
     user_verification = UserVerification.where(["#{type}_uuid = ?", credential_id]).first
     user_verification.lock!
-    log_task(namespace:, status: 'complete', context: context.merge(locked: user_verification.locked))
+    context[:locked] = user_verification.locked
+    log_to_stdout(level: 'info', message: "[#{namespace}] rake task complete, context: #{context.to_json}")
     puts "#{namespace} complete - #{type}_uuid: #{credential_id}"
   rescue => e
     puts "#{namespace} failed - #{e.message}"
@@ -23,10 +24,11 @@ namespace :user_credential do
     type = args[:type]
     credential_id = args[:credential_id]
     context = { type:, credential_id:, requested_by: args[:requested_by] }
-    log_task(namespace:, status: 'start', context:)
+    log_to_stdout(level: 'info', message: "[#{namespace}] rake task start, context: #{context.to_json}")
     user_verification = UserVerification.where(["#{type}_uuid = ?", credential_id]).first
     user_verification.unlock!
-    log_task(namespace:, status: 'complete', context: context.merge(locked: user_verification.locked))
+    context[:locked] = user_verification.locked
+    log_to_stdout(level: 'info', message: "[#{namespace}] rake task complete, context: #{context.to_json}")
     puts "#{namespace} complete - #{type}_uuid: #{credential_id}"
   rescue => e
     puts "#{namespace} failed - #{e.message}"
@@ -38,7 +40,27 @@ namespace :user_credential do
                                           args[:requested_by].blank?
   end
 
-  def log_task(namespace:, status:, context:)
-    Rails.logger.info("[#{namespace}] rake task #{status}", context)
+  def log_to_stdout(level:, message:)
+    `echo "#{log_message(level:, message:).to_json.dump}" >> /proc/1/fd/1`
+  end
+
+  def log_message(level:, message:)
+    {
+      level:,
+      message:,
+      application: 'vets-api-server',
+      environment: Rails.env,
+      timestamp: Time.zone.now.iso8601,
+
+      file: 'rakelib/prod/user_credential.rake',
+      named_tags: {
+        dd: {
+          env: ENV.fetch('DD_ENV', nil),
+          service: 'vets-api'
+        },
+        ddsource: 'ruby'
+      },
+      name: 'Rails'
+    }
   end
 end