Ignore Access Log in metrics collection if Formats differ (#1097)

aphralG · web-flow · commit 0de3ba3451d8 · 2025-05-30T14:33:42.000+01:00
* add nil check

* fix race conditions

* fix race conditions

* fix race conditions

* fix issue when two formats are set for the same access log

* clean up

* format

* change log

* change log
diff --git a/internal/collector/otel_collector_plugin.go b/internal/collector/otel_collector_plugin.go
@@ -127,6 +127,7 @@ func (oc *Collector) Init(ctx context.Context, mp bus.MessagePipeInterface) erro
 		return errors.New("OTel collector already running")
 	}
 
+	slog.InfoContext(ctx, "Starting OTel collector")
 	bootErr := oc.bootup(runCtx)
 	if bootErr != nil {
 		slog.ErrorContext(runCtx, "Unable to start OTel Collector", "error", bootErr)
@@ -161,7 +162,6 @@ func (oc *Collector) processReceivers(ctx context.Context, receivers []config.Ot
 }
 
 func (oc *Collector) bootup(ctx context.Context) error {
-	slog.InfoContext(ctx, "Starting OTel collector")
 	errChan := make(chan error)
 
 	go func() {
@@ -266,7 +266,7 @@ func (oc *Collector) handleNginxConfigUpdate(ctx context.Context, msg *bus.Messa
 	reloadCollector := oc.checkForNewReceivers(nginxConfigContext)
 
 	if reloadCollector {
-		slog.InfoContext(ctx, "Reloading OTel collector config")
+		slog.InfoContext(ctx, "Reloading OTel collector config, nginx config updated")
 		err := writeCollectorConfig(oc.config.Collector)
 		if err != nil {
 			slog.ErrorContext(ctx, "Failed to write OTel Collector config", "error", err)
@@ -291,7 +291,7 @@ func (oc *Collector) handleResourceUpdate(ctx context.Context, msg *bus.Message)
 	headersSetterExtensionUpdated := oc.updateHeadersSetterExtension(ctx, resourceUpdateContext)
 
 	if resourceProcessorUpdated || headersSetterExtensionUpdated {
-		slog.InfoContext(ctx, "Reloading OTel collector config")
+		slog.InfoContext(ctx, "Reloading OTel collector config, resource updated")
 		err := writeCollectorConfig(oc.config.Collector)
 		if err != nil {
 			slog.ErrorContext(ctx, "Failed to write OTel Collector config", "error", err)
@@ -387,6 +387,7 @@ func (oc *Collector) restartCollector(ctx context.Context) {
 		return
 	}
 
+	slog.InfoContext(ctx, "Restarting OTel collector")
 	bootErr := oc.bootup(runCtx)
 	if bootErr != nil {
 		slog.ErrorContext(runCtx, "Unable to start OTel Collector", "error", bootErr)
diff --git a/internal/command/command_plugin_test.go b/internal/command/command_plugin_test.go
@@ -257,9 +257,6 @@ func TestCommandPlugin_monitorSubscribeChannel(t *testing.T) {
 }
 
 func TestCommandPlugin_FeatureDisabled(t *testing.T) {
-	// logBuf := &bytes.Buffer{}
-	// stub.StubLoggerWith(logBuf)
-
 	tests := []struct {
 		managementPlaneRequest *mpi.ManagementPlaneRequest
 		expectedLog            string
diff --git a/internal/datasource/config/nginx_config_parser.go b/internal/datasource/config/nginx_config_parser.go
@@ -144,7 +144,7 @@ func (ncp *NginxConfigParser) createNginxConfigContext(
 					if !ncp.ignoreLog(directive.Args[0]) {
 						accessLog := ncp.accessLog(directive.Args[0], ncp.accessLogDirectiveFormat(directive),
 							formatMap)
-						nginxConfigContext.AccessLogs = append(nginxConfigContext.AccessLogs, accessLog)
+						nginxConfigContext.AccessLogs = ncp.addAccessLog(accessLog, nginxConfigContext.AccessLogs)
 					}
 				case "error_log":
 					if !ncp.ignoreLog(directive.Args[0]) {
@@ -214,6 +214,29 @@ func (ncp *NginxConfigParser) createNginxConfigContext(
 	return nginxConfigContext, nil
 }
 
+func (ncp *NginxConfigParser) addAccessLog(accessLog *model.AccessLog,
+	accessLogs []*model.AccessLog,
+) []*model.AccessLog {
+	for i, log := range accessLogs {
+		if accessLog.Name == log.Name {
+			if accessLog.Format != log.Format {
+				slog.Warn("Found multiple log_format directives for the same access log. Multiple log formats "+
+					"are not supported in the same access log, metrics from this access log "+
+					"will not be collected", "access_log", accessLog.Name)
+
+				return append(accessLogs[:i], accessLogs[i+1:]...)
+			}
+			slog.Debug("Found duplicate access log, skipping", "access_log", accessLog.Name)
+
+			return accessLogs
+		}
+	}
+
+	slog.Debug("Found valid access log", "access_log", accessLog.Name)
+
+	return append(accessLogs, accessLog)
+}
+
 func (ncp *NginxConfigParser) crossplaneConfigTraverse(
 	ctx context.Context,
 	root *crossplane.Config,
diff --git a/internal/datasource/config/nginx_config_parser_test.go b/internal/datasource/config/nginx_config_parser_test.go
@@ -557,6 +557,120 @@ func TestNginxConfigParser_sslCert(t *testing.T) {
 	assert.Equal(t, certFile, sslCert.GetFileMeta().GetName())
 }
 
+func TestNginxConfigParser_checkLog(t *testing.T) {
+	logBuf := &bytes.Buffer{}
+	stub.StubLoggerWith(logBuf)
+	tests := []struct {
+		name               string
+		expectedLog        string
+		accessLog          *model.AccessLog
+		currentAccessLogs  []*model.AccessLog
+		expectedAccessLogs []*model.AccessLog
+	}{
+		{
+			name: "Test 1: valid access log",
+			accessLog: &model.AccessLog{
+				Name: "/var/log/nginx/access2.log",
+				Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+					"\"$http_x_forwarded_for\"$status $body_bytes_sent \"$http_referer\"",
+				Permissions: "",
+				Readable:    true,
+			},
+			currentAccessLogs: []*model.AccessLog{
+				{
+					Name: "/var/log/nginx/access.log",
+					Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+						"\"$http_x_forwarded_for\"$status $body_bytes_sent \"$http_referer\"",
+					Permissions: "",
+					Readable:    true,
+				},
+			},
+			expectedAccessLogs: []*model.AccessLog{
+				{
+					Name: "/var/log/nginx/access.log",
+					Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+						"\"$http_x_forwarded_for\"$status $body_bytes_sent \"$http_referer\"",
+					Permissions: "",
+					Readable:    true,
+				},
+				{
+					Name: "/var/log/nginx/access2.log",
+					Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+						"\"$http_x_forwarded_for\"$status $body_bytes_sent \"$http_referer\"",
+					Permissions: "",
+					Readable:    true,
+				},
+			},
+			expectedLog: "Found valid access log",
+		},
+		{
+			name: "Test 2: Duplicate access log, with same format",
+			accessLog: &model.AccessLog{
+				Name: "/var/log/nginx/access.log",
+				Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+					"\"$http_x_forwarded_for\"$status $body_bytes_sent \"$http_referer\"",
+				Permissions: "",
+				Readable:    true,
+			},
+			currentAccessLogs: []*model.AccessLog{
+				{
+					Name: "/var/log/nginx/access.log",
+					Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+						"\"$http_x_forwarded_for\"$status $body_bytes_sent \"$http_referer\"",
+					Permissions: "",
+					Readable:    true,
+				},
+			},
+			expectedAccessLogs: []*model.AccessLog{
+				{
+					Name: "/var/log/nginx/access.log",
+					Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+						"\"$http_x_forwarded_for\"$status $body_bytes_sent \"$http_referer\"",
+					Permissions: "",
+					Readable:    true,
+				},
+			},
+			expectedLog: "Found duplicate access log, skipping",
+		},
+
+		{
+			name: "Test 3: invalid access log, duplicate access log with different format",
+			accessLog: &model.AccessLog{
+				Name: "/var/log/nginx/access.log",
+				Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+					"\"$http_x_forwarded_for\"$status $body_bytes_sent",
+				Permissions: "",
+				Readable:    true,
+			},
+			currentAccessLogs: []*model.AccessLog{
+				{
+					Name: "/var/log/nginx/access.log",
+					Format: "$remote_addr - $remote_user [$time_local] \"$request\" \"$http_user_agent\" " +
+						"\"$http_x_forwarded_for\"$status $body_bytes_sent \"$http_referer\"",
+					Permissions: "",
+					Readable:    true,
+				},
+			},
+			expectedAccessLogs: []*model.AccessLog{},
+			expectedLog: "Found multiple log_format directives for the same access log. " +
+				"Multiple log formats are not supported in the same access log, metrics from this access log " +
+				"will not be collected",
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			ncp := NewNginxConfigParser(types.AgentConfig())
+			logs := ncp.addAccessLog(test.accessLog, test.currentAccessLogs)
+			assert.Equal(t, test.expectedAccessLogs, logs)
+
+			helpers.ValidateLog(t, test.expectedLog, logBuf)
+
+			logBuf.Reset()
+		})
+	}
+}
+
 // nolint: maintidx
 func TestNginxConfigParser_urlsForLocationDirective(t *testing.T) {
 	tmpDir := t.TempDir()
diff --git a/internal/watcher/process/process_operator.go b/internal/watcher/process/process_operator.go
@@ -9,9 +9,8 @@ import (
 	"context"
 	"strings"
 
-	"github.com/shirou/gopsutil/v4/process"
-
 	"github.com/nginx/agent/v3/pkg/nginxprocess"
+	"github.com/shirou/gopsutil/v4/process"
 )
 
 //go:generate go run github.com/maxbrunsfeld/counterfeiter/v6@v6.8.1 -generate

Original file line number	Diff line number	Diff line change
`@@ -257,9 +257,6 @@ func TestCommandPlugin_monitorSubscribeChannel(t *testing.T) {`
`257`	`257`	`}`
`258`	`258`
`259`	`259`	`func TestCommandPlugin_FeatureDisabled(t *testing.T) {`
`260`		`- // logBuf := &bytes.Buffer{}`
`261`		`- // stub.StubLoggerWith(logBuf)`
`262`		`-`
`263`	`260`	`tests := []struct {`
`264`	`261`	`managementPlaneRequest *mpi.ManagementPlaneRequest`
`265`	`262`	`expectedLog string`
Original file line number	Diff line number	Diff line change
`@@ -9,9 +9,8 @@ import (`
`9`	`9`	`"context"`
`10`	`10`	`"strings"`
`11`	`11`
`12`		`- "github.com/shirou/gopsutil/v4/process"`
`13`		`-`
`14`	`12`	`"github.com/nginx/agent/v3/pkg/nginxprocess"`
	`13`	`+ "github.com/shirou/gopsutil/v4/process"`
`15`	`14`	`)`
`16`	`15`
`17`	`16`	`//go:generate go run github.com/maxbrunsfeld/counterfeiter/v6@v6.8.1 -generate`