ratify icon indicating copy to clipboard operation
ratify copied to clipboard
verified publisher icon ratify-project

Support dynamically enabling Ratify debug logs

Open FeynmanZhou opened this issue 2 years ago • 0 comments

What would you like to be added?

When running Ratify on Kubernetes, users need to configure the logger by changing its logger.level from level: "info" to level: "debug" in the values,yaml of Ratify Helm Chart. This option allows users to enable the debug mode and see more detailed debug logs from Ratify Pod.

I already installed Ratify v1.0.0 with Helm. However, this change requires to restart Ratify Pod to take effect after updating the configuration in Helm. Restarting Ratify to enable debug logs is painful for users and may exist a security risk. As an admission controller, Ratify theoretically is recommended to be restarted or paused, otherwise non-compliant deployments will be deployed in that short time window.

I would request Ratify to support dynamically enabling Ratify debug logs without restarting the Ratify Pod.

Anything else you would like to add?

It might be good to consider making this configuration option as CRD.

Are you willing to submit PRs to contribute to this feature?

  • [ ] Yes, I am willing to implement it.

FeynmanZhou avatar Oct 24 '23 02:10 FeynmanZhou