Skip to content

Reland "Replace log package with fully slog-based system"#8854

Draft
aarongable wants to merge 9 commits into
mainfrom
reland-slog
Draft

Reland "Replace log package with fully slog-based system"#8854
aarongable wants to merge 9 commits into
mainfrom
reland-slog

Conversation

Base automatically changed from revert-slog to main July 6, 2026 21:22
Before #8606 a detected bad certificate was logged via AuditErr and the
end-of-run report via AuditInfo. The migration downgraded both to plain
Error/Info, silently removing them from Audit.

This PR was generated as part of an audit of
#8606 using Claude Fable 5.
On a failed local CAA check, the "CAA check result" audit line attached
the internal error under blog.Error's "error" key, which the deferred
logger also uses for the client-visible problem, producing duplicate
keys in one JSON record. Parsers keep only one of the two values. Key
the internal error as internalErr, matching the equivalent code in
DoDCV.

This PR was generated as part of an audit of
#8606 using Claude Fable 5.
The slog migration (#8606) dropped RequestEvent.Error from the request
completion log: web.SendError still recorded the client-visible problem
details on the event, but logEvent() never emitted them, so failed ACME
requests logged only their status code. Emit the field under the key
"problem" ("error" is reserved for the blog.Error helper).

This PR was generated as part of an audit of
#8606 using Claude Fable 5.
Before #8606, the certificateRevocationEvent struct carried the
requested reason code from the moment it was created, so every
"Revocation request" audit line included it, even on error paths. The
migration attached it to the context only after the cross-account
ownership check, so early failures (e.g. GetSerialMetadata errors)
produced audit lines with no reason.

Log the reason from the local variable in the deferred call so it
reflects the requested (or overridden) value no matter where the
function exits.

This PR was generated as part of an audit of
#8606 using Claude Fable 5.
The crl-updater attaches issuerNameID to all its log lines (added during
#8606 review), but the storer's "CRL uploaded" line carried only the
issuer CN. Since the S3 object key is {nameID}/{shardIdx}.crl, tying an
upload log line to its object required an out-of-band CN to NameID
mapping. Log the NameID too.

This PR was generated as part of an audit of
#8606 using Claude Fable 5.
…8848)

The audit and plain sub-handlers each hold only their own internal lock,
so the shared underlying writer receives concurrent whole-line Write
calls from both. Every current writer tolerates this (os.File serializes
concurrent Write calls internally, and syslog.Writer and the test mock
hold their own locks), but the requirement is invisible at the io.Writer
interface. Document it at the point where a future writer (for example a
bufio.Writer added while moving to stdout-only logging) would be
inserted.

This PR was generated as part of an audit of
#8606 using Claude Fable 5.
docs/logging.md claimed all log lines carry datacenter/host/program/pid
attributes. Those were deliberately removed from prod during #8606
review (collectors add them), with only prog retained in test builds.
blog.Config's StdoutLevel comment still described a stdout/stderr split
that no longer exists.

This PR was generated as part of an audit of
#8606 using Claude Fable 5.
blog.Serial documents that its argument should be the hex-encoded form,
and every other call site uses core.SerialToString. This one logged the
big.Int decimal form, which matches nothing else in the system when
searching or joining on serial.

This PR was generated as part of an audit of
#8606 using Claude Fable 5.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

logging: Switch to slog

2 participants