Instrument portal messages #8854

Open
wants to merge 10 commits into
base: develop
from
Expand Up @@ -9,7 +9,7 @@ use ockam_core::compat::vec::Vec;
use ockam_core::Result;
use ockam_identity::{Identifier, IdentitiesAttributes};
use strum::IntoEnumIterator;
use tracing::{debug, instrument};
use tracing::{debug, instrument, Level};

#[derive(Clone)]
pub struct Policies {
Expand All @@ -28,7 +28,7 @@ impl Policies {
}
}

#[instrument(skip_all, fields(resource = %resource, action = %action, env = %env, authority = ?authority))]
#[instrument(skip_all, fields(resource = %resource, action = %action, env = %env, authority = ?authority), level = Level::TRACE)]
pub fn make_policy_access_control(
&self,
identities_attributes: Arc<IdentitiesAttributes>,
Expand Up @@ -7,6 +7,7 @@ use ockam::identity::utils::AttributesBuilder;
use ockam::identity::{Attributes, Credentials, Identifier, IdentitiesAttributes};
use ockam_core::compat::sync::Arc;
use ockam_core::Result;
use tracing::Level;

/// Legacy value, should be removed when all clients are updated to the latest version
pub const TRUST_CONTEXT_ID: &[u8] = b"trust_context_id";
Expand All @@ -32,7 +33,7 @@ pub struct CredentialIssuer {
impl CredentialIssuer {
/// Create a new credentials issuer
#[allow(clippy::too_many_arguments)]
#[instrument(skip_all, fields(issuer = %issuer, project_identifier = project_identifier.clone(), credential_ttl = credential_ttl.map_or("n/a".to_string(), |d| d.as_secs().to_string())))]
#[instrument(skip_all, fields(issuer = %issuer, project_identifier = project_identifier.clone(), credential_ttl = credential_ttl.map_or("n/a".to_string(), |d| d.as_secs().to_string())), level = Level::TRACE)]
pub fn new(
members: Arc<dyn AuthorityMembersRepository>,
identities_attributes: Arc<IdentitiesAttributes>,
Expand Down Expand Up @@ -66,7 +67,7 @@ impl CredentialIssuer {
}
}

#[instrument(skip_all, fields(subject = %subject))]
#[instrument(skip_all, fields(subject = %subject), level = Level::TRACE)]
pub async fn issue_credential(
&self,
subject: &Identifier,
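Review bot: Moving the span on `issue_credential` to `Level::TRACE` takes the `subject` of every issued credential out of traces collected at the usual INFO or DEBUG filter, and nothing visible here records the issuance any other way. The same applies to `add_member`, `delete_member` and `delete_all_members` in the DirectAuthenticator section and to `accept_token` and `issue_token` in the enrollment-token sections, all of which appear to change who the authority trusts. If these spans were the only record of those operations, consider keeping the mutating ones at a higher level, e.g. `level = Level::DEBUG`, or emitting an explicit event in the body such as `tracing::info!(%subject, "credential issued")`. The function bodies lie outside the hunks, so an existing log call there would settle this.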
@@ -1,5 +1,6 @@
use either::Either;
use std::collections::{BTreeMap, HashMap};
use tracing::Level;

use ockam::identity::utils::now;
use ockam::identity::Identifier;
Expand Down Expand Up @@ -76,7 +77,7 @@ impl DirectAuthenticator {
}
}

#[instrument(skip_all, fields(enroller = %enroller, identifier = %identifier))]
#[instrument(skip_all, fields(enroller = %enroller, identifier = %identifier), level = Level::TRACE)]
pub async fn add_member(
&self,
enroller: &Identifier,
Expand Down Expand Up @@ -141,7 +142,7 @@ impl DirectAuthenticator {
Ok(Either::Left(()))
}

#[instrument(skip_all, fields(enroller = %enroller))]
#[instrument(skip_all, fields(enroller = %enroller), level = Level::TRACE)]
pub async fn show_member(
&self,
enroller: &Identifier,
Expand Down Expand Up @@ -183,7 +184,7 @@ impl DirectAuthenticator {
}
}

#[instrument(skip_all, fields(enroller = %enroller))]
#[instrument(skip_all, fields(enroller = %enroller), level = Level::TRACE)]
pub async fn list_members(
&self,
enroller: &Identifier,
Expand Down Expand Up @@ -220,7 +221,7 @@ impl DirectAuthenticator {
Ok(Either::Left(res))
}

#[instrument(skip_all, fields(enroller = %enroller))]
#[instrument(skip_all, fields(enroller = %enroller), level = Level::TRACE)]
pub async fn delete_all_members(
&self,
enroller: &Identifier,
Expand All @@ -238,7 +239,7 @@ impl DirectAuthenticator {
}
}

#[instrument(skip_all, fields(enroller = %enroller, identifier = %identifier))]
#[instrument(skip_all, fields(enroller = %enroller, identifier = %identifier), level = Level::TRACE)]
pub async fn delete_member(
&self,
enroller: &Identifier,
@@ -1,4 +1,6 @@
use either::Either;
use tracing::Level;

use ockam::identity::utils::now;
use ockam::identity::Identifier;
use ockam_core::compat::sync::Arc;
Expand Down Expand Up @@ -33,7 +35,7 @@ impl EnrollmentTokenAcceptor {
}
}

#[instrument(skip_all, fields(from = %from))]
#[instrument(skip_all, fields(from = %from), level = Level::TRACE)]
pub async fn accept_token(
&mut self,
otc: OneTimeCode,
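Review bot: The attribute on `accept_token` depends on `skip_all` to keep the `otc: OneTimeCode` argument out of the span, but nothing on the line says that this is intentional. A later edit that replaces `skip_all` with `skip(self)` or adds `otc` to `fields(...)` would write the enrollment code into trace output. I would add a comment above the attribute, `// skip_all is deliberate: the one-time code must never be recorded as a span field`, and the same on `present_token` in the TokenAcceptor section, where `token: OneTimeCode` is the skipped argument. The body of `accept_token` is outside the hunk.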
@@ -1,4 +1,5 @@
use miette::IntoDiagnostic;
use tracing::Level;

use ockam_core::api::Request;
use ockam_core::async_trait;
Expand All @@ -15,7 +16,7 @@ pub trait TokenAcceptor {

#[async_trait]
impl TokenAcceptor for AuthorityNodeClient {
#[instrument(skip_all)]
#[instrument(skip_all, level = Level::TRACE)]
async fn present_token(&self, ctx: &Context, token: OneTimeCode) -> miette::Result<()> {
let req = Request::post("/").body(token);
self.get_secure_client()
Expand Up @@ -2,6 +2,7 @@ use either::Either;
use rand::distributions::Alphanumeric;
use rand::Rng;
use std::collections::BTreeMap;
use tracing::Level;

use ockam::identity::utils::now;
use ockam::identity::{Identifier, IdentitiesAttributes};
Expand Down Expand Up @@ -50,7 +51,7 @@ impl EnrollmentTokenIssuer {
}
}

#[instrument(skip_all, fields(enroller = %enroller, token_duration = token_duration.map_or("n/a".to_string(), |d| d.as_secs().to_string()), ttl_count = ttl_count.map_or("n/a".to_string(), |t| t.to_string())))]
#[instrument(skip_all, fields(enroller = %enroller, token_duration = token_duration.map_or("n/a".to_string(), |d| d.as_secs().to_string()), ttl_count = ttl_count.map_or("n/a".to_string(), |t| t.to_string())), level = Level::TRACE)]
pub async fn issue_token(
&self,
enroller: &Identifier,
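Review bot: The `token_duration` and `ttl_count` fields on `issue_token` use `map_or("n/a".to_string(), …)`, which builds the fallback `String` even when the option is `Some`. `map_or_else` avoids the wasted allocation: `token_duration = token_duration.map_or_else(|| "n/a".to_string(), |d| d.as_secs().to_string())`, and likewise for `ttl_count`. The `credential_ttl` field on `CredentialIssuer::new` has the same form. The body of `issue_token` is outside the hunk.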
Expand Up @@ -14,11 +14,12 @@ use serde::{Deserialize, Serialize};
use std::fmt::{Display, Formatter};
use std::str::FromStr;
use time::OffsetDateTime;
use tracing::Level;

/// The following CliState methods help keeping track of
/// the enrollment status of identities.
impl CliState {
#[instrument(skip_all, fields(name = name.clone()))]
#[instrument(skip_all, fields(name = name.clone()), level = Level::TRACE)]
pub async fn is_identity_enrolled(&self, name: &Option<String>) -> Result<bool> {
let repository = self.enrollment_repository();

Expand All @@ -28,15 +29,15 @@ impl CliState {
}
}

#[instrument(skip_all)]
#[instrument(skip_all, level = Level::TRACE)]
pub async fn is_default_identity_enrolled(&self) -> Result<bool> {
Ok(self
.enrollment_repository()
.is_default_identity_enrolled()
.await?)
}

#[instrument(skip_all)]
#[instrument(skip_all, level = Level::TRACE)]
pub async fn identity_should_enroll(&self, name: &Option<String>, force: bool) -> Result<bool> {
if force {
return Ok(true);
Expand All @@ -51,7 +52,7 @@ impl CliState {
Ok(!self.is_identity_enrolled(name).await?)
}

#[instrument(skip_all, fields(identifier = %identifier))]
#[instrument(skip_all, fields(identifier = %identifier), level = Level::TRACE)]
pub async fn set_identifier_as_enrolled(
&self,
identifier: &Identifier,
Expand All @@ -67,7 +68,7 @@ impl CliState {
///
/// - all the currently enrolled entities
/// - all the known identities and their corresponding enrollment state
#[instrument(skip_all, fields(filter = %filter))]
#[instrument(skip_all, fields(filter = %filter), level = Level::TRACE)]
pub async fn get_identity_enrollments(
&self,
filter: EnrollmentFilter,
Expand All @@ -93,7 +94,7 @@ impl CliState {
/// Return true if the user is enrolled.
/// At the moment this check only verifies that there is a default project.
/// This project should be the project that is created at the end of the enrollment procedure
#[instrument(skip_all)]
#[instrument(skip_all, level = Level::TRACE)]
pub async fn is_enrolled(&self) -> miette::Result<bool> {
if !self.is_default_identity_enrolled().await? {
return Ok(false);
39 changes: 20 additions & 19 deletions implementations/rust/ockam/ockam_api/src/cli_state/identities.rs
Expand Up @@ -4,6 +4,7 @@ use ockam::identity::{Identifier, Identity};
use ockam_core::errcode::{Kind, Origin};
use ockam_core::Error;
use ockam_vault::{HandleToSecret, SigningSecretKeyHandle};
use tracing::Level;

use crate::cli_state::{random_name, CliState, Result};
use crate::colors::color_primary;
Expand All @@ -28,7 +29,7 @@ use crate::{fmt_log, fmt_ok};
impl CliState {
/// Create an identity associated with a name and a specific vault name
/// If there is already an identity with that name, return its identifier
#[instrument(skip_all, fields(name = %name, vault_name = %vault_name))]
#[instrument(skip_all, fields(name = %name, vault_name = %vault_name), level = Level::TRACE)]
pub async fn create_identity_with_name_and_vault(
&self,
name: &str,
Expand Down Expand Up @@ -64,7 +65,7 @@ impl CliState {

/// Create an identity associated with a name, using the default vault
/// If there is already an identity with that name, return its identifier
#[instrument(skip_all, fields(name = %name))]
#[instrument(skip_all, fields(name = %name), level = Level::TRACE)]
pub async fn create_identity_with_name(&self, name: &str) -> Result<NamedIdentity> {
let vault = self.get_or_create_default_named_vault().await?;
self.create_identity_with_name_and_vault(name, &vault.name())
Expand All @@ -74,7 +75,7 @@ impl CliState {
/// Create an identity with specific key id.
/// This method is used when the vault is a KMS vault and we just need to store a key id
/// for the identity key existing in the KMS
#[instrument(skip_all, fields(name = %name, vault_name = %vault_name, key_id = %key_id))]
#[instrument(skip_all, fields(name = %name, vault_name = %vault_name, key_id = %key_id), level = Level::TRACE)]
pub async fn create_identity_with_key_id(
&self,
name: &str,
Expand Down Expand Up @@ -123,13 +124,13 @@ impl CliState {
///
impl CliState {
/// Return all named identities
#[instrument(skip_all)]
#[instrument(skip_all, level = Level::TRACE)]
pub async fn get_named_identities(&self) -> Result<Vec<NamedIdentity>> {
Ok(self.identities_repository().get_named_identities().await?)
}

/// Return a named identity given its name
#[instrument(skip_all, fields(name = %name))]
#[instrument(skip_all, fields(name = %name), level = Level::TRACE)]
pub async fn get_named_identity(&self, name: &str) -> Result<NamedIdentity> {
let repository = self.identities_repository();
match repository.get_named_identity(name).await? {
Expand All @@ -151,7 +152,7 @@ impl CliState {
}

/// Return a named identity given its name or the default named identity
#[instrument(skip_all, fields(name = name.clone()))]
#[instrument(skip_all, fields(name = name.clone()), level = Level::TRACE)]
pub async fn get_named_identity_or_default(
&self,
name: &Option<String>,
Expand All @@ -171,7 +172,7 @@ impl CliState {

/// Return the identifier for identity given an optional name.
/// If that name is None, then we return the identifier of the default identity
#[instrument(skip_all, fields(name = name.clone()))]
#[instrument(skip_all, fields(name = name.clone()), level = Level::TRACE)]
pub async fn get_identifier_by_optional_name(
&self,
name: &Option<String>,
Expand All @@ -190,7 +191,7 @@ impl CliState {

/// Return a full identity from its name
/// Use the default identity if no name is given
#[instrument(skip_all, fields(name = name.clone()))]
#[instrument(skip_all, fields(name = name.clone()), level = Level::TRACE)]
pub async fn get_identity_by_optional_name(&self, name: &Option<String>) -> Result<Identity> {
let named_identity = match name {
Some(name) => {
Expand Down Expand Up @@ -222,7 +223,7 @@ impl CliState {
}

/// Return the identity with the given identifier
#[instrument(skip_all, fields(identifier = %identifier))]
#[instrument(skip_all, fields(identifier = %identifier), level = Level::TRACE)]
pub async fn get_identity(&self, identifier: &Identifier) -> Result<Identity> {
match self
.change_history_repository()
Expand All @@ -242,14 +243,14 @@ impl CliState {

/// Return the name of the default identity.
/// This function creates the default identity if it does not exist!
#[instrument(skip_all)]
#[instrument(skip_all, level = Level::TRACE)]
pub async fn get_default_identity_name(&self) -> Result<String> {
Ok(self.get_or_create_default_named_identity().await?.name())
}

/// Return the default named identity
/// This function creates the default identity if it does not exist!
#[instrument(skip_all)]
#[instrument(skip_all, level = Level::TRACE)]
pub async fn get_or_create_default_named_identity(&self) -> Result<NamedIdentity> {
match self
.identities_repository()
Expand All @@ -271,7 +272,7 @@ impl CliState {
/// Return:
/// - the given name if defined
/// - or the name of the default identity (which is created if it does not already exist!)
#[instrument(skip_all, fields(name = name.clone()))]
#[instrument(skip_all, fields(name = name.clone()), level = Level::TRACE)]
pub async fn get_identity_name_or_default(&self, name: &Option<String>) -> Result<String> {
match name {
Some(name) => Ok(name.clone()),
Expand All @@ -280,7 +281,7 @@ impl CliState {
}

/// Return the named identity with the given identifier
#[instrument(skip_all, fields(identifier = %identifier))]
#[instrument(skip_all, fields(identifier = %identifier), level = Level::TRACE)]
pub async fn get_named_identity_by_identifier(
&self,
identifier: &Identifier,
Expand All @@ -300,7 +301,7 @@ impl CliState {
}

/// Return true if there is an identity with that name and it is the default one
#[instrument(skip_all, fields(name = %name))]
#[instrument(skip_all, fields(name = %name), level = Level::TRACE)]
pub async fn is_default_identity_by_name(&self, name: &str) -> Result<bool> {
Ok(self
.identities_repository()
Expand All @@ -315,7 +316,7 @@ impl CliState {
impl CliState {
/// Set a named identity as the default
/// Return an error if that identity does not exist
#[instrument(skip_all, fields(name = %name))]
#[instrument(skip_all, fields(name = %name), level = Level::TRACE)]
pub async fn set_as_default_identity(&self, name: &str) -> Result<()> {
Ok(self.identities_repository().set_as_default(name).await?)
}
Expand All @@ -326,7 +327,7 @@ impl CliState {
/// - then remove the the name association to the identity
/// - and remove the identity change history
///
#[instrument(skip_all, fields(name = %name))]
#[instrument(skip_all, fields(name = %name), level = Level::TRACE)]
pub async fn delete_identity_by_name(&self, name: &str) -> Result<()> {
let nodes = self.get_nodes_by_identity_name(name).await?;
if nodes.is_empty() {
Expand All @@ -350,7 +351,7 @@ impl CliState {
}

/// Update the name associated to an identifier
#[instrument(skip_all, fields(identifier = %identifier, name = %name))]
#[instrument(skip_all, fields(identifier = %identifier, name = %name), level = Level::TRACE)]
pub async fn update_named_identity_name(
&self,
identifier: &Identifier,
Expand All @@ -367,7 +368,7 @@ impl CliState {
impl CliState {
/// Once a identity has been created, store it.
/// If there is no previous default identity we set it as the default identity
#[instrument(skip_all, fields(name = %name, identifier = %identifier, vault_name = %vault_name))]
#[instrument(skip_all, fields(name = %name, identifier = %identifier, vault_name = %vault_name), level = Level::TRACE)]
pub async fn store_named_identity(
&self,
identifier: &Identifier,
Expand All @@ -391,7 +392,7 @@ impl CliState {
}

/// Return the change history of a persisted identity
#[instrument(skip_all, fields(identifier = %identifier))]
#[instrument(skip_all, fields(identifier = %identifier), level = Level::TRACE)]
async fn get_change_history(&self, identifier: &Identifier) -> Result<ChangeHistory> {
match self
.change_history_repository()
Expand Up @@ -34,7 +34,7 @@ pub fn default_attributes<'a>() -> HashMap<&'a Key, String> {
/// - The next 25 characters identify the host
/// - The last 6 characters are the 'now' date as YYMMDD
///
pub(crate) fn make_host_trace_id(now: DateTime<Utc>) -> TraceId {
pub fn make_host_trace_id(now: DateTime<Utc>) -> TraceId {
let machine = adjust(make_host(), 25, '1');
// date as a 6 characters string
let now = now_as_string(now);
Expand All @@ -54,7 +54,7 @@ pub(crate) fn make_host_trace_id(now: DateTime<Utc>) -> TraceId {
/// This allows to bucket all the spans in the same trace, even if the spans come from different machines which
/// can start their own project journey trace independently.
///
pub(crate) fn make_project_trace_id(project_id: &str, now: DateTime<Utc>) -> TraceId {
pub fn make_project_trace_id(project_id: &str, now: DateTime<Utc>) -> TraceId {
// take the whole project without '-' as the base for the trace id
// make sure that there exactly 25 characters
let project_id_trace_id = adjust(project_id.to_string().replace('-', ""), 25, '1');
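Review bot: Widening `make_host_trace_id` and `make_project_trace_id` from `pub(crate)` to `pub` makes their output format part of the public API, yet the doc comments do not say that the ids are deterministic. From the visible lines, the host id is built from `make_host()` plus the date, and the project id is embedded with only the dashes removed. Anyone who knows the project id can therefore presumably reconstruct the trace id, and the trace id discloses the project id to whoever can read the exported traces. I would add a line to both doc comments such as `/// The returned id is derived from stable inputs and is predictable: never treat it as a secret or use it for authorization.` Both function bodies continue past the end of their hunks.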