feat: access log config

[yottahmd]

Resolves #1694

Summary by CodeRabbit

• New Features
  • Added configurable HTTP access logging modes: log all endpoints, exclude public endpoints from logging, or disable logging entirely.
  • Access log behavior can be set via configuration file, environment variable, or uses the default (all endpoints logged).

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

---

📝 Walkthrough

Walkthrough

This PR introduces configurable HTTP access logging with three modes—all requests, non-public endpoints only (excluding health checks), or no logging. It enables users to reduce log noise from automated health checks like Kubernetes probes while maintaining visibility into actual traffic.

Changes

Cohort / File(s)	Summary
Configuration Types internal/cmn/config/config.go	Introduces AccessLogMode string type with three constants (AccessLogAll, AccessLogNonPublic, AccessLogNone) and adds AccessLog field to Server struct.
Configuration Definition & Schema internal/cmn/config/definition.go, internal/cmn/schema/config.schema.json	Adds AccessLog *string field to Definition struct with mapstructure binding to "access_log_mode"; documents new property in JSON schema with allowed values and default behavior.
Configuration Loading internal/cmn/config/loader.go	Implements access_log_mode loading with validation against allowed values, viper defaults, and environment variable binding (ACCESS_LOG_MODE).
Configuration Tests internal/cmn/config/loader_test.go	Adds comprehensive test suite (TestLoad_AccessLogMode) covering all three modes, defaults, environment variable overrides, and invalid value handling with warnings.
Server Access Logging Middleware internal/service/frontend/server.go	Implements conditional access logging and path-based suppression; introduces buildPublicPaths() to identify public endpoints (health, login, setup, metrics) and skipPathsMiddleware() to bypass logging for those paths in non-public mode.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 37.50% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: access log config' clearly and concisely describes the main addition of access log configuration functionality across the codebase.
Linked Issues check	✅ Passed	The PR implements configurable access logging with three modes (all, non-public, none) that directly addresses #1694's request for controlling access log verbosity, including skipping logs for public endpoints like /api/v2/health.
Out of Scope Changes check	✅ Passed	All changes are scoped to implementing access log configuration: type definitions, configuration loading, schema updates, and conditional middleware installation based on access log modes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/access-log-config

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ghansham]

If possible set log levels also, e.g. info, debug, error, warning, etc if set to error or warning, the logging will reduce drastically

[yottahmd]

@ghansham Yes, I agree. We can add that later.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.14%. Comparing base (e22497e) to head (05b75fd).
⚠️ Report is 4 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1695      +/-   ##
==========================================
- Coverage   70.20%   70.14%   -0.07%     
==========================================
  Files         369      369              
  Lines       40878    40887       +9     
==========================================
- Hits        28699    28680      -19     
- Misses       9906     9932      +26     
- Partials     2273     2275       +2     

Files with missing lines	Coverage Δ
internal/cmn/config/config.go	75.89% <ø> (ø)
internal/cmn/config/loader.go	82.57% <100.00%> (+0.21%)	⬆️

... and 14 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 25850df...05b75fd. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.