add some logging

go.mod

@@ -3,6 +3,7 @@ module opa-admission-controller
 go 1.16
 
 require (
+	github.com/buger/jsonparser v1.1.1
 	github.com/open-policy-agent/opa v0.31.0
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.7.0 // indirect

go.sum

@@ -61,6 +61,8 @@ github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+Ce
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
 github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM=
+github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs=
+github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0=
 github.com/bytecodealliance/wasmtime-go v0.28.0 h1:JTWP482wkmR79O9T0JiIAllPqmNW5oP0v56v/FwCpaQ=
 github.com/bytecodealliance/wasmtime-go v0.28.0/go.mod h1:q320gUxqyI8yB+ZqRuaJOEnGkAnHh6WtJjMaT2CW4wI=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=

internal/controller.go

@@ -3,6 +3,7 @@ package internal
 import (
 	"encoding/json"
 	"fmt"
+	"github.com/buger/jsonparser"
 	"go.uber.org/zap"
 	"io/ioutil"
 	v1 "k8s.io/api/admission/v1"
@@ -36,7 +37,27 @@ func (controller *Controller) HandleMutate(w http.ResponseWriter, r *http.Reques
 		return
 	}
 
-	patches, err := applyMutations(jsonMap, controller.Mutations)
+	kind, err := jsonparser.GetString(body, "request", "object", "kind")
+	if err != nil {
+		controller.replyInternalServerError(w, "Error retrieving kind", err)
+		return
+	}
+
+	namespace, err := jsonparser.GetString(body, "request", "object", "metadata", "namespace")
+	if err != nil {
+		controller.replyInternalServerError(w, "Error retrieving namespace", err)
+		return
+	}
+
+	name, err := jsonparser.GetString(body, "request", "object", "metadata", "name")
+	if err != nil {
+		controller.replyInternalServerError(w, "Error retrieving name", err)
+		return
+	}
+
+	controller.Sugar.Infof("got a mutation request for kind=%s, namespace=%s, name=%s", kind, namespace, name)
+
+	patches, err := controller.applyMutations(jsonMap, controller.Mutations)
 	if err != nil {
 		controller.replyInternalServerError(w, "Error applying mutations", err)
 		return
@@ -51,10 +72,10 @@ func (controller *Controller) HandleMutate(w http.ResponseWriter, r *http.Reques
 	patchType := v1.PatchTypeJSONPatch
 	//TODO Audit Annotations
 	admissionResponse := v1.AdmissionResponse{
-		UID:              admissionReview.Request.UID,
-		Allowed:          true,
-		PatchType:        &patchType,
-		Patch:            patchesJSON,
+		UID:       admissionReview.Request.UID,
+		Allowed:   true,
+		PatchType: &patchType,
+		Patch:     patchesJSON,
 	}
 
 	admissionReview.Response = &admissionResponse

internal/mutation.go

@@ -16,28 +16,37 @@ type Mutation struct {
 
 var runtimeEnv = generateEnvAst()
 
-func applyMutations(input map[string]interface{}, mutations []Mutation) ([]map[string]interface{}, error) {
+func (controller *Controller) applyMutations(input map[string]interface{}, mutations []Mutation) ([]map[string]interface{}, error) {
 	patches := make([]map[string]interface{}, 0)
 
 	for _, mutation := range mutations {
-		filterDoesMatch, err := checkFilter(input, mutation.Filter)
+		filterDoesMatch, err := controller.checkFilter(input, mutation.Filter)
 		if err != nil {
 			return patches, err
 		}
 		if !filterDoesMatch {
 			continue
 		}
-		p, err := generatePatches(input, mutation.Mutation)
+		controller.Sugar.Infof("mutation with id=%d matches the request, starting to generate patches", mutation.Id)
+
+		generatedPatches, err := controller.generatePatches(input, mutation.Mutation)
 		if err != nil {
 			return patches, err
 		}
-		patches = append(patches, p...)
+		controller.Sugar.Infof("generated %d patches for mutation with id=%d", len(generatedPatches), mutation.Id)
+
+		for i, p := range generatedPatches {
+			controller.Sugar.Debugf("patch %d => %v", i, p)
+		}
+
+		patches = append(patches, generatedPatches...)
 	}
 
+	controller.Sugar.Infof("generated %d patches in total", len(patches))
 	return patches, nil
 }
 
-func generatePatches(input map[string]interface{}, module string) ([]map[string]interface{}, error) {
+func (controller *Controller) generatePatches(input map[string]interface{}, module string) ([]map[string]interface{}, error) {
 	ret := make([]map[string]interface{}, 0)
 
 	ctx := context.Background()
@@ -63,7 +72,7 @@ func generatePatches(input map[string]interface{}, module string) ([]map[string]
 	return ret, nil
 }
 
-func checkFilter(input map[string]interface{}, module string) (bool, error) {
+func (controller *Controller) checkFilter(input map[string]interface{}, module string) (bool, error) {
 	ctx := context.Background()
 	query, err := rego.New(
 		rego.Module("example.rego", module),

main.go

@@ -13,15 +13,19 @@ import (
 )
 
 func main() {
-	logger, _ := zap.NewProduction()
-	defer logger.Sync() // flushes buffer, if any
-	sugar := logger.Sugar()
-
 	port := flag.Int("port", 8443, "port")
 	noSSL := flag.Bool("no-ssl", false, "don't use ssl")
 	configFile := flag.String("config", "/config/config.yaml", "path to config file")
+	level := zap.LevelFlag("loglevel", zap.InfoLevel, "loglevel")
 	flag.Parse()
 
+	config := zap.NewProductionConfig()
+	config.Level = zap.NewAtomicLevelAt(*level)
+	logger, _ := config.Build([]zap.Option{}...)
+
+	defer logger.Sync() // flushes buffer, if any
+	sugar := logger.Sugar()
+
 	yamlFile, err := os.Open(*configFile)
 	defer yamlFile.Close()
 	if err != nil {
@@ -33,7 +37,7 @@ func main() {
 	mutations := make([]internal.Mutation, 0)
 	err = yaml.Unmarshal(byteValue, &mutations)
 	if err != nil {
-		sugar.Fatalf("Error unmarshalling config yaml %s",err)
+		sugar.Fatalf("Error unmarshalling config yaml %s", err)
 	}
 
 	controller := internal.Controller{Sugar: sugar, Mutations: mutations}