[log] debug: add intermediate logging to GenerateSelfSignedTLS in proxy/tls.go#3154
Draft
github-actions[bot] wants to merge 1 commit intomainfrom
Draft
[log] debug: add intermediate logging to GenerateSelfSignedTLS in proxy/tls.go#3154github-actions[bot] wants to merge 1 commit intomainfrom
github-actions[bot] wants to merge 1 commit intomainfrom
Conversation
Add 3 debug log calls to the GenerateSelfSignedTLS function in internal/proxy/tls.go to improve observability during TLS certificate generation: - Log CA certificate creation with serial number and validity period - Log server certificate creation with DNS names and IP addresses - Log certificate file paths after writing all three PEM files - Log successful TLS key pair loading These intermediate checkpoints complement the existing entry/exit logs, making it easier to pinpoint where certificate generation fails during troubleshooting (e.g. key generation vs cert signing vs file I/O vs key-pair loading). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds 3 debug log calls to
GenerateSelfSignedTLSininternal/proxy/tls.gousing the existinglogTLSlogger (logger.New("proxy:tls")).Changes
The function already logged at entry and completion. This PR adds intermediate checkpoints:
logTLS.Printf("CA certificate created: serial=%s, notBefore=%s, notAfter=%s", ...)logTLS.Printf("server certificate created: dnsNames=%v, ipAddresses=%v", ...)logTLS.Printf("TLS certificate files written: caCert=%s, cert=%s, key=%s", ...)logTLS.Print("TLS key pair loaded successfully")Why This Helps
GenerateSelfSignedTLSperforms several distinct operations (key generation, cert signing, file I/O, key-pair loading) where any step can fail independently. Without intermediate logging, a failure at "failed to load server cert pair" gives no indication whether the issue is in the key generation, cert creation, or file writing phases. The new logs pinpoint exactly how far the function progressed before failing.Logging Guidelines Followed
logTLSlogger — no duplicate declarationPrintfused for structured data (serial, SANs, file paths)Printused for simple state confirmationsFiles Changed
internal/proxy/tls.go— 5 lines added (3 log calls + 1 newline separation)