redhat-best-practices-for-k8s · jmontesi · Jan 8, 2024 · Jan 5, 2024 · Jan 6, 2024
diff --git a/cnf-certification-test/accesscontrol/namespace/namespace.go b/cnf-certification-test/accesscontrol/namespace/namespace.go
@@ -30,7 +30,7 @@ import (
 
 // TestCrsNamespaces finds the list of the input CRDs (crds parameter) instances (CRs) and verify that they are only in namespaces provided as input.
 // The list of CRs not belonging to the namespaces passed as input is returned as invalid
-func TestCrsNamespaces(crds []*apiextv1.CustomResourceDefinition, configNamespaces []string) (invalidCrs map[string]map[string][]string, err error) {
+func TestCrsNamespaces(crds []*apiextv1.CustomResourceDefinition, configNamespaces []string, logger *log.Logger) (invalidCrs map[string]map[string][]string, err error) {
 	// Initialize the top level map
 	invalidCrs = make(map[string]map[string][]string)
 	for _, crd := range crds {
@@ -40,7 +40,7 @@ func TestCrsNamespaces(crds []*apiextv1.CustomResourceDefinition, configNamespac
 		}
 		for namespace, crNames := range crNamespaces {
 			if !stringhelper.StringInSlice(configNamespaces, namespace, false) {
-				log.Debug("CRD: %s (kind:%s/ plural:%s) has CRs %v deployed in namespace (%s) not in configured namespaces %v",
+				logger.Error("CRD: %q (kind:%q/ plural:%q) has CRs %v deployed in namespace %q not in configured namespaces %v",
 					crd.Name, crd.Spec.Names.Kind, crd.Spec.Names.Plural, crNames, namespace, configNamespaces)
 				// Initialize this map dimension before use
 				if invalidCrs[crd.Name] == nil {
@@ -96,7 +96,7 @@ func GetInvalidCRsNum(invalidCrs map[string]map[string][]string, logger *log.Log
 	for crdName, namespaces := range invalidCrs {
 		for namespace, crNames := range namespaces {
 			for _, crName := range crNames {
-				logger.Error("crName=%s namespace=%s is invalid (crd=%s)", crName, namespace, crdName)
+				logger.Error("crName=%q namespace=%q is invalid (crd=%q)", crName, namespace, crdName)
 				invalidCrsNum++
 			}
 		}

diff --git a/cnf-certification-test/accesscontrol/resources/resources.go b/cnf-certification-test/accesscontrol/resources/resources.go
@@ -5,36 +5,36 @@ import (
 	"github.com/test-network-function/cnf-certification-test/pkg/provider"
 )
 
-func HasRequestsAndLimitsSet(cut *provider.Container) bool {
+func HasRequestsAndLimitsSet(cut *provider.Container, logger *log.Logger) bool {
 	passed := true
 	// Parse the limits.
 	if len(cut.Resources.Limits) == 0 {
-		log.Debug("Container has been found missing resource limits: %s", cut.String())
+		logger.Error("Container %q has been found missing resource limits", cut)
 		passed = false
 	} else {
 		if cut.Resources.Limits.Cpu().IsZero() {
-			log.Debug("Container has been found missing CPU limits: %s", cut.String())
+			logger.Error("Container %q has been found missing CPU limits", cut)
 			passed = false
 		}
 
 		if cut.Resources.Limits.Memory().IsZero() {
-			log.Debug("Container has been found missing memory limits: %s", cut.String())
+			logger.Error("Container %q has been found missing memory limits", cut)
 			passed = false
 		}
 	}
 
 	// Parse the requests.
 	if len(cut.Resources.Requests) == 0 {
-		log.Debug("Container has been found missing resource requests: %s", cut.String())
+		logger.Error("Container %q has been found missing resource requests", cut)
 		passed = false
 	} else {
 		if cut.Resources.Requests.Cpu().IsZero() {
-			log.Debug("Container has been found missing CPU requests: %s", cut.String())
+			logger.Error("Container %q has been found missing CPU requests", cut)
 			passed = false
 		}
 
 		if cut.Resources.Requests.Memory().IsZero() {
-			log.Debug("Container has been found missing memory requests: %s", cut.String())
+			logger.Error("Container %q has been found missing memory requests", cut)
 			passed = false
 		}
 	}

diff --git a/cnf-certification-test/accesscontrol/resources/resources_test.go b/cnf-certification-test/accesscontrol/resources/resources_test.go
@@ -76,8 +76,10 @@ func TestHasRequestsAndLimitsSet(t *testing.T) {
 		},
 	}
 
+	var logArchive strings.Builder
+	log.SetupLogger(&logArchive, "INFO")
 	for _, tc := range testCases {
-		assert.Equal(t, tc.expectedResult, HasRequestsAndLimitsSet(tc.testContainer))
+		assert.Equal(t, tc.expectedResult, HasRequestsAndLimitsSet(tc.testContainer, log.GetLogger()))
 	}
 }
 

diff --git a/cnf-certification-test/accesscontrol/securitycontextcontainer/securitycontextcontainer.go b/cnf-certification-test/accesscontrol/securitycontextcontainer/securitycontextcontainer.go
@@ -289,18 +289,15 @@ func checkContainerCategory(containers []corev1.Container, containerSCC Containe
 	for j := 0; j < len(containers); j++ {
 		cut := &provider.Container{Podname: podName, Namespace: nameSpace, Container: &containers[j]}
 		percontainerSCC := GetContainerSCC(cut, containerSCC)
-		log.Debug("containerSCC %s is %+v", cut, percontainerSCC)
 		// after building the containerSCC need to check to which category it is
 		categoryinfo = PodListCategory{
 			Containername: cut.Name,
 			Podname:       podName,
 			NameSpace:     nameSpace,
 		}
 		if compareCategory(&Category1, &percontainerSCC, CategoryID1) {
-			log.Debug("Testing if pod belongs to category1 ")
 			categoryinfo.Category = CategoryID1
 		} else if compareCategory(&Category1NoUID0, &percontainerSCC, CategoryID1NoUID0) {
-			log.Debug("Testing if pod belongs to category1NoUID0 ")
 			categoryinfo.Category = CategoryID1NoUID0
 		} else if compareCategory(&Category2, &percontainerSCC, CategoryID2) {
 			categoryinfo.Category = CategoryID2