Skip to content

Add logging to credentials#12319

Merged
chlowell merged 9 commits intoAzure:masterfrom
chlowell:logging
Jul 21, 2020
Merged

Add logging to credentials#12319
chlowell merged 9 commits intoAzure:masterfrom
chlowell:logging

Conversation

@chlowell
Copy link
Copy Markdown
Member

@chlowell chlowell commented Jul 2, 2020

This adds logging to all credentials in alignment with the broad cross-language design implemented in Go and Java SDKs (closes #5548). I'm less than fully satisfied with the decorator approach I took here but it's the most expedient way I found to meet these requirements:

  • log success or failure of every get_token call
  • log all unhandled get_token exceptions at WARNING level, add tracebacks when the logger is enabled for DEBUG level
  • correlate log records to credentials
    • i.e. include credential names, use loggers from credential modules

Basically I wanted context scoped logging. Getting a weak version of it here felt like hammering a square peg into a round hole but I'm not so familiar with logging and wouldn't be surprised to learn I missed a better way--alternative suggestions welcome 😸

example output

typical success and failure

[INFO] ClientSecretCredential.get_token succeeded

[WARNING] ClientSecretCredential.get_token failed: Azure Active Directory error '(invalid_client) AADSTS7000215: Invalid client secret is provided.
Trace ID: 95a0fb68-9a2e-4bcf-ad0f-001672c33400
Correlation ID: bc737463-0ee7-4d61-9f80-fd2f5cbaf7cc
Timestamp: 2020-07-01 22:50:44Z'

DefaultAzureCredential.get_token()

[WARNING] EnvironmentCredential.get_token failed: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
[INFO] DefaultAzureCredential - EnvironmentCredential is unavailable
[INFO] No response from the IMDS endpoint.
[WARNING] ManagedIdentityCredential.get_token failed: ManagedIdentityCredential authentication unavailable, no managed identity endpoint found.
[INFO] DefaultAzureCredential - ManagedIdentityCredential is unavailable
[INFO] SharedTokenCacheCredential.get_token succeeded
[INFO] DefaultAzureCredential acquired a token from SharedTokenCacheCredential

EnvironmentCredential()

nothing configured

[INFO] No environment configuration found.

partially configured

[WARNING] Incomplete environment configuration. Set variables: AZURE_CLIENT_ID, AZURE_CLIENT_SECRET

fully configured

[INFO] Environment is configured for ClientSecretCredential

ManagedIdentityCredential

[INFO] ManagedIdentityCredential will use IMDS
[INFO] No response from the IMDS endpoint.
[WARNING] ManagedIdentityCredential.get_token failed: ManagedIdentityCredential authentication unavailable, no managed identity endpoint found.

Loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jiasli jiasli jiasli left review comments

@catalinaperalta catalinaperalta catalinaperalta left review comments

@xiangyan99 xiangyan99 xiangyan99 approved these changes

@sadasant sadasant Awaiting requested review from sadasant

@jianghaolu jianghaolu Awaiting requested review from jianghaolu

@schaabs schaabs Awaiting requested review from schaabs

Assignees

No one assigned

Labels

Azure.Identity blocking-release Blocks release Client This issue points to a problem in the data-plane of the library.

Projects

None yet

Milestone

[2020] August

Development

Successfully merging this pull request may close these issues.

Add logging to credentials

5 participants

@chlowell @xiangyan99 @joshfree @jiasli @catalinaperalta