Skip to content

Commit 9e7b8f0

Browse files
wollomaticwollomatic
committed
clarify bind mount restrictions logging
1 parent 7f6c8c1 commit 9e7b8f0

1 file changed

Lines changed: 9 additions & 3 deletions

File tree

cmd/socket-proxy/main.go

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -58,18 +58,24 @@ func main() {
5858
// print configuration
5959
slog.Info("starting socket-proxy", "version", version, "os", runtime.GOOS, "arch", runtime.GOARCH, "runtime", runtime.Version(), "URL", programURL)
6060
if cfg.ProxySocketEndpoint == "" {
61-
slog.Info("configuration info", "socketpath", cfg.SocketPath, "listenaddress", cfg.ListenAddress, "loglevel", cfg.LogLevel, "logjson", cfg.LogJSON, "allowfrom", cfg.AllowFrom, "shutdowngracetime", cfg.ShutdownGraceTime, "allowbindmountfrom", cfg.AllowBindMountFrom)
61+
slog.Info("configuration info", "socketpath", cfg.SocketPath, "listenaddress", cfg.ListenAddress, "loglevel", cfg.LogLevel, "logjson", cfg.LogJSON, "allowfrom", cfg.AllowFrom, "shutdowngracetime", cfg.ShutdownGraceTime)
6262
} else {
63-
slog.Info("configuration info", "socketpath", cfg.SocketPath, "proxysocketendpoint", cfg.ProxySocketEndpoint, "proxysocketendpointfilemode", cfg.ProxySocketEndpointFileMode, "loglevel", cfg.LogLevel, "logjson", cfg.LogJSON, "allowfrom", cfg.AllowFrom, "shutdowngracetime", cfg.ShutdownGraceTime, "allowbindmountfrom", cfg.AllowBindMountFrom)
63+
slog.Info("configuration info", "socketpath", cfg.SocketPath, "proxysocketendpoint", cfg.ProxySocketEndpoint, "proxysocketendpointfilemode", cfg.ProxySocketEndpointFileMode, "loglevel", cfg.LogLevel, "logjson", cfg.LogJSON, "allowfrom", cfg.AllowFrom, "shutdowngracetime", cfg.ShutdownGraceTime)
6464
slog.Info("proxysocketendpoint is set, so the TCP listener is deactivated")
6565
}
6666
if cfg.WatchdogInterval > 0 {
6767
slog.Info("watchdog enabled", "interval", cfg.WatchdogInterval, "stoponwatchdog", cfg.StopOnWatchdog)
6868
} else {
6969
slog.Info("watchdog disabled")
7070
}
71+
if len(cfg.AllowBindMountFrom) > 0 {
72+
slog.Info("Docker bind mount restrictions:", cfg.AllowBindMountFrom)
73+
} else {
74+
// we only log this on DEBUG level because bind mount restrictions are a very special use case
75+
slog.Debug("no Docker bind mount restrictions")
76+
}
7177

72-
// print request allow list
78+
// print request allowlist
7379
if cfg.LogJSON {
7480
for method, regex := range cfg.AllowedRequests {
7581
slog.Info("configured allowed request", "method", method, "regex", regex)

0 commit comments

Comments
 (0)