WIP do not merge: Dump HTTP operations#201
Conversation
|
Isn't this adding overhead to the command? I'm fine with this, just want to make sure we don't wait that much dumping req/res. |
|
Any way to pass down a debug flag? Or just rebuild with a DEBUG Tag? |
Yes, and it completely clutters the debugging output. As I said
|
We have a |
mtrmac
force-pushed
the
http-dump
branch
4 times, most recently
from
27bdf9e to
eb7a685
Compare
mtrmac
force-pushed
the
http-dump
branch
3 times, most recently
from
a49b9fb to
a7f917d
Compare
mtrmac
force-pushed
the
http-dump
branch
2 times, most recently
from
7db1b51 to
4a5b2b5
Compare
mtrmac
force-pushed
the
http-dump
branch
5 times, most recently
from
e7030b7 to
b8d0cc5
Compare
mtrmac
force-pushed
the
http-dump
branch
2 times, most recently
from
b727325 to
ef4adfb
Compare
mtrmac
force-pushed
the
http-dump
branch
2 times, most recently
from
2f2b680 to
974b583
Compare
|
@mtrmac Could you open a trello card with an intern flag, so we could have an intern work on this next summer. |
https://trello.com/c/xrAwKleu/542-containers-image-http-dumps-intern |
|
@mtrmac @vrothberg What is the state of this PR? Should we rebase and move forward with it or should we close it? |
|
Rebased, but this still needs turning into a |
|
Meeting notes: use |
|
|
|
Updated:
WARNING: Using this will cause trace-level logs to include all credentials (Basic auth, bearer tokens, etc.). Is that OK? Applications including this should probably warn about that at least in documentation. |
vrothberg
left a comment
vrothberg
left a comment
There was a problem hiding this comment.
LGTM
Thanks for the warning. Let's add that to the release notes.
|
Unless we can easily hide this information, then yes we should document this in the release notes. As well as in the man pages if possible. Perhaps containers-transports.5.md Under the "docker" section? |
And in the man pages of the tools (i.e., the |
|
Just needs to have an update to the transports man page. |
|
In addition to the previously-noted concerns about opt-in, this should almost certainly be reworked to become a |
|
This would be very useful for troubleshooting issues with access to remote registries. At the moment, I tend to opt for a set up with a transparent TLS proxy to snoop on this type of traffic, but having a log that exposes this type of data that can be easily enabled would be ideal. |
|
For the record, Red Hat internal tracking: https://issues.redhat.com/browse/RHEL-36783 |
WARNING: This includes credentials, if any. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
Hi, and thank you for your contribution! We’ve recently migrated this repository into a new monorepo: containers/container-libs along with other repositories As part of this migration, this repository is no longer accepting new Pull-Requests and therefore this Pull-Request is being closed. Thank you very much for your contribution. We would appreciate your continued help in migrating this PR to the new container-libs repository. Please let us know if you are facing any issues. You can read more about the migration and the reasoning behind it in our blog post: Upcoming migration of three containers repositories to monorepo. Thanks again for your work and for supporting the containers ecosystem! |
6 participants
Quite often it has been useful to dump the full HTTP request and response headers, and sometimes fuill bodies, for debugging; we probably should make that possible either automatically at the “debug” log level, or when the user sets an option.
This is by no means a workable implementation for that, but I’ve written exactly this hack two or three times now, so right now I am at least recording it for posterity, expecting that rebasing it will be easier than rewriting it.
A real implementation should, I guess, wrap a
http.RoundTripperor perhapshttp.Client(or justhttp.Client.Do?), or perhaps usingnet/http/httptracesomehow.