From 0880332b901139fd8f570cf5c139bb2024c4e41b Mon Sep 17 00:00:00 2001 From: Fernandez Ludovic Date: Sat, 10 Jan 2026 04:14:08 +0100 Subject: [PATCH] refactor: logs inside CLI files --- cmd/accounts_storage.go | 22 +++++++-------- cmd/certs_storage.go | 26 +++++++++--------- cmd/cmd_before.go | 8 +++--- cmd/cmd_renew.go | 60 ++++++++++++++++++++--------------------- cmd/cmd_revoke.go | 12 ++++----- cmd/cmd_run.go | 12 ++++----- cmd/lego/main.go | 2 +- cmd/setup.go | 10 +++---- cmd/setup_challenges.go | 30 ++++++++++++--------- 9 files changed, 95 insertions(+), 87 deletions(-) diff --git a/cmd/accounts_storage.go b/cmd/accounts_storage.go index 7f6d801af..2d765b845 100644 --- a/cmd/accounts_storage.go +++ b/cmd/accounts_storage.go @@ -79,7 +79,7 @@ func NewAccountsStorage(ctx *cli.Context) *AccountsStorage { serverURL, err := url.Parse(ctx.String(flgServer)) if err != nil { - log.Fatal(err) + log.Fatal("URL parsing", "flag", flgServer, "serverURL", ctx.String(flgServer), "error", err) } rootPath := filepath.Join(ctx.String(flgPath), baseAccountsRootFolderName) @@ -103,7 +103,7 @@ func (s *AccountsStorage) ExistsAccountFilePath() bool { if _, err := os.Stat(accountFile); os.IsNotExist(err) { return false } else if err != nil { - log.Fatal(err) + log.Fatal("Could not read the account file.", "filepath", accountFile, "error", err) } return true @@ -137,14 +137,14 @@ func (s *AccountsStorage) Save(account *Account) error { func (s *AccountsStorage) LoadAccount(privateKey crypto.PrivateKey) *Account { fileBytes, err := os.ReadFile(s.accountFilePath) if err != nil { - log.Fatalf("Could not load file for account %s: %v", s.GetUserID(), err) + log.Fatal("Could not load the account file.", "userID", s.GetUserID(), "error", err) } var account Account err = json.Unmarshal(fileBytes, &account) if err != nil { - log.Fatalf("Could not parse file for account %s: %v", s.GetUserID(), err) + log.Fatal("Could not parse the account file.", "userID", s.GetUserID(), "error", err) } account.key = privateKey @@ -152,14 +152,14 @@ func (s *AccountsStorage) LoadAccount(privateKey crypto.PrivateKey) *Account { if account.Registration == nil || account.Registration.Body.Status == "" { reg, err := tryRecoverRegistration(s.ctx, privateKey) if err != nil { - log.Fatalf("Could not load account for %s. Registration is nil: %#v", s.GetUserID(), err) + log.Fatal("Could not load the account file. Registration is nil.", "userID", s.GetUserID(), "error", err) } account.Registration = reg err = s.Save(&account) if err != nil { - log.Fatalf("Could not save account for %s. Registration is nil: %#v", s.GetUserID(), err) + log.Fatal("Could not save the account file. Registration is nil.", "userID", s.GetUserID(), "error", err) } } @@ -170,22 +170,22 @@ func (s *AccountsStorage) GetPrivateKey(keyType certcrypto.KeyType) crypto.Priva accKeyPath := filepath.Join(s.keysPath, s.GetUserID()+".key") if _, err := os.Stat(accKeyPath); os.IsNotExist(err) { - log.Printf("No key found for account %s. Generating a %s key.", s.GetUserID(), keyType) + log.Info("No key found for the account. Generating a new private key.", "userID", s.GetUserID(), "keyType", keyType) s.createKeysFolder() privateKey, err := generatePrivateKey(accKeyPath, keyType) if err != nil { - log.Fatalf("Could not generate RSA private account key for account %s: %v", s.GetUserID(), err) + log.Fatal("Could not generate the RSA private account key.", "userID", s.GetUserID(), "error", err) } - log.Printf("Saved key to %s", accKeyPath) + log.Info("Saved key.", "filepath", accKeyPath) return privateKey } privateKey, err := loadPrivateKey(accKeyPath) if err != nil { - log.Fatalf("Could not load RSA private key from file %s: %v", accKeyPath, err) + log.Fatal("Could not load an RSA private key from the file.", "filepath", accKeyPath, "error", err) } return privateKey @@ -193,7 +193,7 @@ func (s *AccountsStorage) GetPrivateKey(keyType certcrypto.KeyType) crypto.Priva func (s *AccountsStorage) createKeysFolder() { if err := createNonExistingFolder(s.keysPath); err != nil { - log.Fatalf("Could not check/create directory for account %s: %v", s.GetUserID(), err) + log.Fatal("Could not check/create the directory for the account.", "userID", s.GetUserID(), "error", err) } } diff --git a/cmd/certs_storage.go b/cmd/certs_storage.go index 17bb1b035..813ef8d44 100644 --- a/cmd/certs_storage.go +++ b/cmd/certs_storage.go @@ -65,7 +65,7 @@ func NewCertificatesStorage(ctx *cli.Context) *CertificatesStorage { switch pfxFormat { case "DES", "RC2", "SHA256": default: - log.Fatalf("Invalid PFX format: %s", pfxFormat) + log.Fatal("Invalid PFX format.", "format", pfxFormat) } return &CertificatesStorage{ @@ -82,14 +82,14 @@ func NewCertificatesStorage(ctx *cli.Context) *CertificatesStorage { func (s *CertificatesStorage) CreateRootFolder() { err := createNonExistingFolder(s.rootPath) if err != nil { - log.Fatalf("Could not check/create path: %v", err) + log.Fatal("Could not check/create the root folder", "filepath", s.rootPath, "error", err) } } func (s *CertificatesStorage) CreateArchiveFolder() { err := createNonExistingFolder(s.archivePath) if err != nil { - log.Fatalf("Could not check/create path: %v", err) + log.Fatal("Could not check/create the archive folder.", "filepath", s.archivePath, "error", err) } } @@ -104,13 +104,13 @@ func (s *CertificatesStorage) SaveResource(certRes *certificate.Resource) { // as web servers would not be able to work with a combined file. err := s.WriteFile(domain, certExt, certRes.Certificate) if err != nil { - log.Fatalf("Unable to save Certificate for domain %s\n\t%v", domain, err) + log.Fatal("Unable to save Certificate.", "domain", domain, "error", err) } if certRes.IssuerCertificate != nil { err = s.WriteFile(domain, issuerExt, certRes.IssuerCertificate) if err != nil { - log.Fatalf("Unable to save IssuerCertificate for domain %s\n\t%v", domain, err) + log.Fatal("Unable to save IssuerCertificate.", "domain", domain, "error", err) } } @@ -118,33 +118,33 @@ func (s *CertificatesStorage) SaveResource(certRes *certificate.Resource) { if certRes.PrivateKey != nil { err = s.WriteCertificateFiles(domain, certRes) if err != nil { - log.Fatalf("Unable to save PrivateKey for domain %s\n\t%v", domain, err) + log.Fatal("Unable to save PrivateKey.", "domain", domain, "error", err) } } else if s.pem || s.pfx { // we don't have the private key; can't write the .pem or .pfx file - log.Fatalf("Unable to save PEM or PFX without private key for domain %s. Are you using a CSR?", domain) + log.Fatal("Unable to save PEM or PFX without the private key. Are you using a CSR?", "domain", domain) } jsonBytes, err := json.MarshalIndent(certRes, "", "\t") if err != nil { - log.Fatalf("Unable to marshal CertResource for domain %s\n\t%v", domain, err) + log.Fatal("Unable to marshal CertResource.", "domain", domain, "error", err) } err = s.WriteFile(domain, resourceExt, jsonBytes) if err != nil { - log.Fatalf("Unable to save CertResource for domain %s\n\t%v", domain, err) + log.Fatal("Unable to save CertResource.", "domain", domain, "error", err) } } func (s *CertificatesStorage) ReadResource(domain string) certificate.Resource { raw, err := s.ReadFile(domain, resourceExt) if err != nil { - log.Fatalf("Error while loading the meta data for domain %s\n\t%v", domain, err) + log.Fatal("Error while loading the metadata.", "domain", domain, "error", err) } var resource certificate.Resource if err = json.Unmarshal(raw, &resource); err != nil { - log.Fatalf("Error while marshaling the meta data for domain %s\n\t%v", domain, err) + log.Fatal("Error while marshaling the metadata.", "domain", domain, "error", err) } return resource @@ -156,7 +156,7 @@ func (s *CertificatesStorage) ExistsFile(domain, extension string) bool { if _, err := os.Stat(filePath); os.IsNotExist(err) { return false } else if err != nil { - log.Fatal(err) + log.Fatal("File stat", "filepath", filePath, "error", err) } return true @@ -319,7 +319,7 @@ func getPFXEncoder(pfxFormat string) (*pkcs12.Encoder, error) { func sanitizedDomain(domain string) string { safe, err := idna.ToASCII(strings.NewReplacer(":", "-", "*", "_").Replace(domain)) if err != nil { - log.Fatal(err) + log.Fatal("Could not sanitize the domain.", "domain", domain, "error", err) } return safe diff --git a/cmd/cmd_before.go b/cmd/cmd_before.go index 645ce4324..37fece5a9 100644 --- a/cmd/cmd_before.go +++ b/cmd/cmd_before.go @@ -1,22 +1,24 @@ package cmd import ( + "fmt" + "github.com/go-acme/lego/v5/log" "github.com/urfave/cli/v2" ) func Before(ctx *cli.Context) error { if ctx.String(flgPath) == "" { - log.Fatalf("Could not determine current working directory. Please pass --%s.", flgPath) + log.Fatal(fmt.Sprintf("Could not determine the current working directory. Please pass --%s.", flgPath)) } err := createNonExistingFolder(ctx.String(flgPath)) if err != nil { - log.Fatalf("Could not check/create path: %v", err) + log.Fatal("Could not check/create the path.", "flag", flgPath, "filepath", ctx.String(flgPath), "error", err) } if ctx.String(flgServer) == "" { - log.Fatalf("Could not determine current working server. Please pass --%s.", flgServer) + log.Fatal(fmt.Sprintf("Could not determine the current working server. Please pass --%s.", flgServer)) } return nil diff --git a/cmd/cmd_renew.go b/cmd/cmd_renew.go index b2ab9186f..5176d3110 100644 --- a/cmd/cmd_renew.go +++ b/cmd/cmd_renew.go @@ -4,6 +4,7 @@ import ( "crypto" "crypto/x509" "errors" + "fmt" "math/rand" "os" "slices" @@ -42,15 +43,15 @@ func createRenew() *cli.Command { hasCsr := ctx.String(flgCSR) != "" if hasDomains && hasCsr { - log.Fatalf("Please specify either --%s/-d or --%s/-c, but not both", flgDomains, flgCSR) + log.Fatal(fmt.Sprintf("Please specify either --%s/-d or --%s/-c, but not both", flgDomains, flgCSR)) } if !hasDomains && !hasCsr { - log.Fatalf("Please specify --%s/-d (or --%s/-c if you already have a CSR)", flgDomains, flgCSR) + log.Fatal(fmt.Sprintf("Please specify --%s/-d (or --%s/-c if you already have a CSR)", flgDomains, flgCSR)) } if ctx.Bool(flgForceCertDomains) && hasCsr { - log.Fatalf("--%s only works with --%s/-d, --%s/-c doesn't support this option.", flgForceCertDomains, flgDomains, flgCSR) + log.Fatal(fmt.Sprintf("--%s only works with --%s/-d, --%s/-c doesn't support this option.", flgForceCertDomains, flgDomains, flgCSR)) } return nil @@ -137,7 +138,7 @@ func renew(cliCtx *cli.Context) error { account, keyType := setupAccount(cliCtx, NewAccountsStorage(cliCtx)) if account.Registration == nil { - log.Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", account.Email) + log.Fatal("The account is not registered. Use 'run' to register a new account.", "email", account.Email) } certsStorage := NewCertificatesStorage(cliCtx) @@ -166,7 +167,7 @@ func renewForDomains(cliCtx *cli.Context, account *Account, keyType certcrypto.K // as web servers would not be able to work with a combined file. certificates, err := certsStorage.ReadCertificate(domain, certExt) if err != nil { - log.Fatalf("Error while loading the certificate for domain %s\n\t%v", domain, err) + log.Fatal("Error while loading the certificate.", "domain", domain, "error", err) } cert := certificates[0] @@ -187,14 +188,14 @@ func renewForDomains(cliCtx *cli.Context, account *Account, keyType certcrypto.K // Figure out if we need to sleep before renewing. if ariRenewalTime.After(now) { - log.Infof("[%s] Sleeping %s until renewal time %s", domain, ariRenewalTime.Sub(now), ariRenewalTime) + log.Info("Sleeping until renewal time", "domain", domain, "sleep", ariRenewalTime.Sub(now), "renewalTime", ariRenewalTime) time.Sleep(ariRenewalTime.Sub(now)) } } replacesCertID, err = certificate.MakeARICertID(cert) if err != nil { - log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err) + log.Fatal("Error while construction the ARI CertID.", "domain", domain, "error", err) } } @@ -213,14 +214,14 @@ func renewForDomains(cliCtx *cli.Context, account *Account, keyType certcrypto.K // This is just meant to be informal for the user. timeLeft := cert.NotAfter.Sub(time.Now().UTC()) - log.Infof("[%s] acme: Trying renewal with %d hours remaining", domain, int(timeLeft.Hours())) + log.Info("acme: Trying renewal.", "domain", domain, "hoursRemaining", int(timeLeft.Hours())) var privateKey crypto.PrivateKey if cliCtx.Bool(flgReuseKey) { keyBytes, errR := certsStorage.ReadFile(domain, keyExt) if errR != nil { - log.Fatalf("Error while loading the private key for domain %s\n\t%v", domain, errR) + log.Fatal("Error while loading the private key.", "domain", domain, "error", errR) } privateKey, errR = certcrypto.ParsePEMPrivateKey(keyBytes) @@ -238,7 +239,7 @@ func renewForDomains(cliCtx *cli.Context, account *Account, keyType certcrypto.K rnd := rand.New(rand.NewSource(time.Now().UnixNano())) sleepTime := time.Duration(rnd.Int63n(int64(jitter))) - log.Infof("renewal: random delay of %s", sleepTime) + log.Info("renewal: random delay.", "sleep", sleepTime) time.Sleep(sleepTime) } @@ -265,7 +266,7 @@ func renewForDomains(cliCtx *cli.Context, account *Account, keyType certcrypto.K certRes, err := client.Certificate.Obtain(cliCtx.Context, request) if err != nil { - log.Fatal(err) + log.Fatal("Could not obtain the certificate.", "error", err) } certRes.Domain = domain @@ -280,12 +281,12 @@ func renewForDomains(cliCtx *cli.Context, account *Account, keyType certcrypto.K func renewForCSR(cliCtx *cli.Context, account *Account, keyType certcrypto.KeyType, certsStorage *CertificatesStorage, bundle bool, meta map[string]string) error { csr, err := readCSRFile(cliCtx.String(flgCSR)) if err != nil { - log.Fatal(err) + log.Fatal("Could not read CSR file.", "flag", flgCSR, "filepath", cliCtx.String(flgCSR), "error", err) } domain, err := certcrypto.GetCSRMainDomain(csr) if err != nil { - log.Fatalf("Error: %v", err) + log.Fatal("Could not get CSR main domain.", "error", err) } // load the cert resource from files. @@ -293,7 +294,7 @@ func renewForCSR(cliCtx *cli.Context, account *Account, keyType certcrypto.KeyTy // as web servers would not be able to work with a combined file. certificates, err := certsStorage.ReadCertificate(domain, certExt) if err != nil { - log.Fatalf("Error while loading the certificate for domain %s\n\t%v", domain, err) + log.Fatal("Error while loading the certificate.", "domain", domain, "error", err) } cert := certificates[0] @@ -314,14 +315,14 @@ func renewForCSR(cliCtx *cli.Context, account *Account, keyType certcrypto.KeyTy // Figure out if we need to sleep before renewing. if ariRenewalTime.After(now) { - log.Infof("[%s] Sleeping %s until renewal time %s", domain, ariRenewalTime.Sub(now), ariRenewalTime) + log.Info("Sleeping until renewal time", "domain", domain, "sleep", ariRenewalTime.Sub(now), "renewalTime", ariRenewalTime) time.Sleep(ariRenewalTime.Sub(now)) } } replacesCertID, err = certificate.MakeARICertID(cert) if err != nil { - log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err) + log.Fatal("Error while construction the ARI CertID.", "domain", domain, "error", err) } } @@ -335,7 +336,7 @@ func renewForCSR(cliCtx *cli.Context, account *Account, keyType certcrypto.KeyTy // This is just meant to be informal for the user. timeLeft := cert.NotAfter.Sub(time.Now().UTC()) - log.Infof("[%s] acme: Trying renewal with %d hours remaining", domain, int(timeLeft.Hours())) + log.Info("acme: Trying renewal.", "domain", domain, "hoursRemaining", int(timeLeft.Hours())) request := certificate.ObtainForCSRRequest{ CSR: csr, @@ -353,7 +354,7 @@ func renewForCSR(cliCtx *cli.Context, account *Account, keyType certcrypto.KeyTy certRes, err := client.Certificate.ObtainForCSR(cliCtx.Context, request) if err != nil { - log.Fatal(err) + log.Fatal("Could not obtain the certificate fro CSR.", "error", err) } certsStorage.SaveResource(certRes) @@ -365,7 +366,7 @@ func renewForCSR(cliCtx *cli.Context, account *Account, keyType certcrypto.KeyTy func needRenewal(x509Cert *x509.Certificate, domain string, days int, dynamic bool) bool { if x509Cert.IsCA { - log.Fatalf("[%s] Certificate bundle starts with a CA certificate", domain) + log.Fatal("Certificate bundle starts with a CA certificate.", "domain", domain) } if dynamic { @@ -381,8 +382,8 @@ func needRenewal(x509Cert *x509.Certificate, domain string, days int, dynamic bo return true } - log.Printf("[%s] The certificate expires in %d days, the number of days defined to perform the renewal is %d: no renewal.", - domain, notAfter, days) + log.Info(fmt.Sprintf("Skip renewal: the certificate expires in %d days, the number of days defined to perform the renewal is %d.", + notAfter, days), "domain", domain) return false } @@ -401,8 +402,8 @@ func needRenewalDynamic(x509Cert *x509.Certificate, domain string, now time.Time return true } - log.Infof("[%s] The certificate expires at %s, the renewal can be performed in %s: no renewal.", - domain, x509Cert.NotAfter.Format(time.RFC3339), dueDate.Sub(now)) + log.Info(fmt.Sprintf("Skip renewal: The certificate expires at %s, the renewal can be performed in %s.", + x509Cert.NotAfter.Format(time.RFC3339), dueDate.Sub(now)), "domain", domain) return false } @@ -410,18 +411,17 @@ func needRenewalDynamic(x509Cert *x509.Certificate, domain string, now time.Time // getARIRenewalTime checks if the certificate needs to be renewed using the renewalInfo endpoint. func getARIRenewalTime(cliCtx *cli.Context, cert *x509.Certificate, domain string, client *lego.Client) *time.Time { if cert.IsCA { - log.Fatalf("[%s] Certificate bundle starts with a CA certificate", domain) + log.Fatal("Certificate bundle starts with a CA certificate.", "domain", domain) } renewalInfo, err := client.Certificate.GetRenewalInfo(cliCtx.Context, certificate.RenewalInfoRequest{Cert: cert}) if err != nil { if errors.Is(err, api.ErrNoARI) { - // The server does not advertise a renewal info endpoint. - log.Warnf("[%s] acme: %v", domain, err) + log.Warn("acme: the server does not advertise a renewal info endpoint.", "domain", domain, "errorr", err) return nil } - log.Warnf("[%s] acme: calling renewal info endpoint: %v", domain, err) + log.Warn("acme: calling renewal info endpoint", "domain", domain, "error", err) return nil } @@ -430,14 +430,14 @@ func getARIRenewalTime(cliCtx *cli.Context, cert *x509.Certificate, domain strin renewalTime := renewalInfo.ShouldRenewAt(now, cliCtx.Duration(flgARIWaitToRenewDuration)) if renewalTime == nil { - log.Infof("[%s] acme: renewalInfo endpoint indicates that renewal is not needed", domain) + log.Info("acme: renewalInfo endpoint indicates that renewal is not needed.", "domain", domain) return nil } - log.Infof("[%s] acme: renewalInfo endpoint indicates that renewal is needed", domain) + log.Info("acme: renewalInfo endpoint indicates that renewal is needed.", "domain", domain) if renewalInfo.ExplanationURL != "" { - log.Infof("[%s] acme: renewalInfo endpoint provided an explanation: %s", domain, renewalInfo.ExplanationURL) + log.Info("acme: renewalInfo endpoint provided an explanation.", "domain", domain, "explanationURL", renewalInfo.ExplanationURL) } return renewalTime diff --git a/cmd/cmd_revoke.go b/cmd/cmd_revoke.go index c0b486d3b..9a48c13f9 100644 --- a/cmd/cmd_revoke.go +++ b/cmd/cmd_revoke.go @@ -41,7 +41,7 @@ func revoke(cliCtx *cli.Context) error { account, keyType := setupAccount(cliCtx, NewAccountsStorage(cliCtx)) if account.Registration == nil { - log.Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", account.Email) + log.Fatal("Account is not registered. Use 'run' to register a new account.", "email", account.Email) } client := newClient(cliCtx, account, keyType) @@ -50,21 +50,21 @@ func revoke(cliCtx *cli.Context) error { certsStorage.CreateRootFolder() for _, domain := range cliCtx.StringSlice(flgDomains) { - log.Printf("Trying to revoke certificate for domain %s", domain) + log.Info("Trying to revoke the certificate.", "domain", domain) certBytes, err := certsStorage.ReadFile(domain, certExt) if err != nil { - log.Fatalf("Error while revoking the certificate for domain %s\n\t%v", domain, err) + log.Fatal("Error while revoking the certificate.", "domain", domain, "error", err) } reason := cliCtx.Uint(flgReason) err = client.Certificate.RevokeWithReason(cliCtx.Context, certBytes, &reason) if err != nil { - log.Fatalf("Error while revoking the certificate for domain %s\n\t%v", domain, err) + log.Fatal("Error while revoking the certificate.", "domain", domain, "error", err) } - log.Println("Certificate was revoked.") + log.Info("Certificate was revoked.", "domain", domain) if cliCtx.Bool(flgKeep) { return nil @@ -77,7 +77,7 @@ func revoke(cliCtx *cli.Context) error { return err } - log.Println("Certificate was archived for domain:", domain) + log.Info("Certificate was archived", "domain", domain) } return nil diff --git a/cmd/cmd_run.go b/cmd/cmd_run.go index e4a626d56..1c42213c3 100644 --- a/cmd/cmd_run.go +++ b/cmd/cmd_run.go @@ -119,12 +119,12 @@ func run(cliCtx *cli.Context) error { if account.Registration == nil { reg, err := register(cliCtx, client) if err != nil { - log.Fatalf("Could not complete registration\n\t%v", err) + log.Fatal("Could not complete registration.", "error", err) } account.Registration = reg if err = accountsStorage.Save(account); err != nil { - log.Fatal(err) + log.Fatal("Could not save the account file.", "error", err) } fmt.Printf(rootPathWarningMessage, accountsStorage.GetRootPath()) @@ -137,7 +137,7 @@ func run(cliCtx *cli.Context) error { if err != nil { // Make sure to return a non-zero exit code if ObtainSANCertificate returned at least one error. // Due to us not returning partial certificate we can just exit here instead of at the end. - log.Fatalf("Could not obtain certificates:\n\t%v", err) + log.Fatal("Could not obtain certificates", "error", err) } certsStorage.SaveResource(cert) @@ -159,14 +159,14 @@ func handleTOS(ctx *cli.Context, client *lego.Client) bool { reader := bufio.NewReader(os.Stdin) - log.Printf("Please review the TOS at %s", client.GetToSURL()) + log.Warn("Please review the TOS", "url", client.GetToSURL()) for { fmt.Println("Do you accept the TOS? Y/n") text, err := reader.ReadString('\n') if err != nil { - log.Fatalf("Could not read from console: %v", err) + log.Fatal("Could not read from the console", "error", err) } text = strings.Trim(text, "\r\n") @@ -192,7 +192,7 @@ func register(cliCtx *cli.Context, client *lego.Client) (*registration.Resource, hmacEncoded := cliCtx.String(flgHMAC) if kid == "" || hmacEncoded == "" { - log.Fatalf("Requires arguments --%s and --%s.", flgKID, flgHMAC) + log.Fatal(fmt.Sprintf("Requires arguments --%s and --%s.", flgKID, flgHMAC)) } return client.Registration.RegisterWithExternalAccountBinding(cliCtx.Context, registration.RegisterEABOptions{ diff --git a/cmd/lego/main.go b/cmd/lego/main.go index 7fc46dec3..1d03d3896 100644 --- a/cmd/lego/main.go +++ b/cmd/lego/main.go @@ -40,6 +40,6 @@ func main() { err = app.Run(os.Args) if err != nil { - log.Fatal(err) + log.Fatal("Error", "error", err) } } diff --git a/cmd/setup.go b/cmd/setup.go index 2f8660a84..0460e1f18 100644 --- a/cmd/setup.go +++ b/cmd/setup.go @@ -78,18 +78,18 @@ func newClient(ctx *cli.Context, acc registration.User, keyType certcrypto.KeyTy retryClient.Logger = nil if _, v := os.LookupEnv("LEGO_DEBUG_ACME_HTTP_CLIENT"); v { - retryClient.Logger = log.Logger + retryClient.Logger = log.Default() } config.HTTPClient = retryClient.StandardClient() client, err := lego.NewClient(config) if err != nil { - log.Fatalf("Could not create client: %v", err) + log.Fatal("Could not create client.", "error", err) } if client.GetExternalAccountRequired() && !ctx.IsSet(flgEAB) { - log.Fatalf("Server requires External Account Binding. Use --%s with --%s and --%s.", flgEAB, flgKID, flgHMAC) + log.Fatal(fmt.Sprintf("Server requires External Account Binding. Use --%s with --%s and --%s.", flgEAB, flgKID, flgHMAC)) } return client @@ -113,7 +113,7 @@ func getKeyType(ctx *cli.Context) certcrypto.KeyType { return certcrypto.EC384 } - log.Fatalf("Unsupported KeyType: %s", keyType) + log.Fatal("Unsupported KeyType.", "keyType", keyType) return "" } @@ -202,7 +202,7 @@ func checkRetry(ctx context.Context, resp *http.Response, err error) (bool, erro } default: - log.Warnf("retry: %v", errorDetails) + log.Warn(fmt.Sprintf("retry: %v", errorDetails)) return rt, errorDetails } diff --git a/cmd/setup_challenges.go b/cmd/setup_challenges.go index 3c8845eb7..d7b6e453d 100644 --- a/cmd/setup_challenges.go +++ b/cmd/setup_challenges.go @@ -21,27 +21,27 @@ import ( func setupChallenges(ctx *cli.Context, client *lego.Client) { if !ctx.Bool(flgHTTP) && !ctx.Bool(flgTLS) && !ctx.IsSet(flgDNS) { - log.Fatalf("No challenge selected. You must specify at least one challenge: `--%s`, `--%s`, `--%s`.", flgHTTP, flgTLS, flgDNS) + log.Fatal(fmt.Sprintf("No challenge selected. You must specify at least one challenge: `--%s`, `--%s`, `--%s`.", flgHTTP, flgTLS, flgDNS)) } if ctx.Bool(flgHTTP) { err := client.Challenge.SetHTTP01Provider(setupHTTPProvider(ctx), http01.SetDelay(ctx.Duration(flgHTTPDelay))) if err != nil { - log.Fatal(err) + log.Fatal("Could not set HTTP challenge provider.", "error", err) } } if ctx.Bool(flgTLS) { err := client.Challenge.SetTLSALPN01Provider(setupTLSProvider(ctx), tlsalpn01.SetDelay(ctx.Duration(flgTLSDelay))) if err != nil { - log.Fatal(err) + log.Fatal("Could not set TLS challenge provider.", "error", err) } } if ctx.IsSet(flgDNS) { err := setupDNS(ctx, client) if err != nil { - log.Fatal(err) + log.Fatal("Could not set DNS challenge provider.", "error", err) } } } @@ -52,33 +52,39 @@ func setupHTTPProvider(ctx *cli.Context) challenge.Provider { case ctx.IsSet(flgHTTPWebroot): ps, err := webroot.NewHTTPProvider(ctx.String(flgHTTPWebroot)) if err != nil { - log.Fatal(err) + log.Fatal("Could not create the webroot provider.", + "flag", flgHTTPWebroot, "webRoot", ctx.String(flgHTTPWebroot), "error", err) } return ps case ctx.IsSet(flgHTTPMemcachedHost): ps, err := memcached.NewMemcachedProvider(ctx.StringSlice(flgHTTPMemcachedHost)) if err != nil { - log.Fatal(err) + log.Fatal("Could not create the memcached provider.", + "flag", flgHTTPMemcachedHost, "memcachedHosts", strings.Join(ctx.StringSlice(flgHTTPMemcachedHost), ", "), "error", err) } return ps case ctx.IsSet(flgHTTPS3Bucket): ps, err := s3.NewHTTPProvider(ctx.String(flgHTTPS3Bucket)) if err != nil { - log.Fatal(err) + log.Fatal("Could not create the S3 provider.", + "flag", flgHTTPS3Bucket, "bucket", ctx.String(flgHTTPS3Bucket), "error", err) } return ps case ctx.IsSet(flgHTTPPort): iface := ctx.String(flgHTTPPort) if !strings.Contains(iface, ":") { - log.Fatalf("The --%s switch only accepts interface:port or :port for its argument.", flgHTTPPort) + log.Fatal( + fmt.Sprintf("The --%s switch only accepts interface:port or :port for its argument.", flgHTTPPort), + "flag", flgHTTPPort, "port", ctx.String(flgHTTPPort), + ) } host, port, err := net.SplitHostPort(iface) if err != nil { - log.Fatal(err) + log.Fatal("Could not split host and port.", "iface", iface, "error", err) } srv := http01.NewProviderServer(host, port) @@ -105,12 +111,12 @@ func setupTLSProvider(ctx *cli.Context) challenge.Provider { case ctx.IsSet(flgTLSPort): iface := ctx.String(flgTLSPort) if !strings.Contains(iface, ":") { - log.Fatalf("The --%s switch only accepts interface:port or :port for its argument.", flgTLSPort) + log.Fatal(fmt.Sprintf("The --%s switch only accepts interface:port or :port for its argument.", flgTLSPort)) } host, port, err := net.SplitHostPort(iface) if err != nil { - log.Fatal(err) + log.Fatal("Could not split host and port.", "iface", iface, "error", err) } return tlsalpn01.NewProviderServer(host, port) @@ -164,7 +170,7 @@ func setupDNS(ctx *cli.Context, client *lego.Client) error { func checkPropagationExclusiveOptions(ctx *cli.Context) error { if ctx.IsSet(flgDNSDisableCP) { - log.Printf("The flag '%s' is deprecated use '%s' instead.", flgDNSDisableCP, flgDNSPropagationDisableANS) + log.Warn(fmt.Sprintf("The flag '%s' is deprecated use '%s' instead.", flgDNSDisableCP, flgDNSPropagationDisableANS)) } if (isSetBool(ctx, flgDNSDisableCP) || isSetBool(ctx, flgDNSPropagationDisableANS)) && ctx.IsSet(flgDNSPropagationWait) {