add some debug logging related to secret lookups

Southclaws · Southclaws · commit e26351c5149b · 2020-03-10T18:29:00.000Z
diff --git a/service/secret/vault/vault.go b/service/secret/vault/vault.go
@@ -8,6 +8,7 @@ import (
 	"github.com/hashicorp/go-cleanhttp"
 	"github.com/hashicorp/vault/api"
 	"github.com/pkg/errors"
+	"go.uber.org/zap"
 
 	"github.com/picostack/pico/service/secret"
 )
@@ -46,18 +47,31 @@ func New(addr, path, token string, renewal time.Duration) (*VaultSecrets, error)
 // GetSecretsForTarget implements secret.Store
 func (v *VaultSecrets) GetSecretsForTarget(name string) (map[string]string, error) {
 	path := filepath.Join(v.path, name)
+
+	zap.L().Debug("looking for secrets in vault",
+		zap.String("name", name),
+		zap.String("path", path))
+
 	secret, err := v.client.Logical().Read(path)
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to read secret")
 	}
 	if secret == nil {
+		zap.L().Debug("did not find secrets in vault",
+			zap.String("name", name),
+			zap.String("path", path))
 		return nil, nil
 	}
 
 	env := make(map[string]string)
 	for k, v := range secret.Data {
 		env[k] = v.(string)
 	}
+
+	zap.L().Debug("found secrets in vault",
+		zap.Any("secrets", env),
+		zap.Int("count", len(env)))
+
 	return env, nil
 }
 
diff --git a/service/service.go b/service/service.go
@@ -53,6 +53,12 @@ func Initialise(c Config) (app *App, err error) {
 
 	var secretStore secret.Store
 	if c.VaultAddress != "" {
+		zap.L().Debug("connecting to vault",
+			zap.String("address", c.VaultAddress),
+			zap.String("path", c.VaultPath),
+			zap.String("token", c.VaultToken),
+			zap.Duration("renewal", c.VaultRenewal))
+
 		secretStore, err = vault.New(c.VaultAddress, c.VaultPath, c.VaultToken, c.VaultRenewal)
 		if err != nil {
 			return nil, err
