logger lock should be more granular (#14901)

This PR simplifies few things by splitting the locks between audit, logger targets to avoid potential contention between them. any failures inside audit/logger HTTP targets must only log to console instead of other targets to avoid cyclical dependency. avoids unneeded atomic variables instead uses RWLock to differentiate a more common read phase v/s lock phase.
2025-11-07 21:02:58 -05:00 · 2022-05-12 07:20:58 -07:00
parent 88dd83a365
commit 9341201132
6 changed files with 114 additions and 58 deletions
--- a/internal/logger/audit.go
+++ b/internal/logger/audit.go
@@ -24,7 +24,6 @@ import (
 	"io"
 	"net/http"
 	"strconv"
-	"sync/atomic"
 	"time"

 	"github.com/klauspost/compress/gzhttp"
@@ -158,13 +157,12 @@ func GetAuditEntry(ctx context.Context) *audit.Entry {

 // AuditLog - logs audit logs to all audit targets.
 func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, reqClaims map[string]interface{}, filterKeys ...string) {
-	// Fast exit if there is not audit target configured
-	if atomic.LoadInt32(&nAuditTargets) == 0 {
+	auditTgts := AuditTargets()
+	if len(auditTgts) == 0 {
 		return
 	}

 	var entry audit.Entry
-
 	if w != nil && r != nil {
 		reqInfo := GetReqInfo(ctx)
 		if reqInfo == nil {
@@ -234,7 +232,7 @@ func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, reqCl
 	}

 	// Send audit logs only to http targets.
-	for _, t := range AuditTargets() {
+	for _, t := range auditTgts {
 		if err := t.Send(entry, string(All)); err != nil {
 			LogAlwaysIf(context.Background(), fmt.Errorf("event(%v) was not sent to Audit target (%v): %v", entry, t, err), All)
 		}