Add error logging on lookup failures in the API

Lookup returns generic 404 errors for security reasons. Logging is the only way of debugging any issues during it. Change-Id: I860ed6b90468a403f0f6cdec9c3d84bc872fda06
2023-03-17 13:19:57 +01:00 · 2023-03-17 13:19:57 +01:00 · 21437135ab
commit 21437135ab
parent d2a7afcc74
1 changed files with 5 additions and 1 deletions
--- a/ironic/api/controllers/v1/ramdisk.py
+++ b/ironic/api/controllers/v1/ramdisk.py
@ -131,13 +131,17 @@ class LookupController(rest.RestController):
            else:
                node = objects.Node.get_by_port_addresses(
                    api.request.context, valid_addresses)
-        except exception.NotFound:
+        except exception.NotFound as e:
            # NOTE(dtantsur): we are reraising the same exception to make sure
            # we don't disclose the difference between nodes that are not found
            # at all and nodes in a wrong state by different error messages.
+            LOG.error('No node has been found during lookup: %s', e)
            raise exception.NotFound()

        if CONF.api.restrict_lookup and not self.lookup_allowed(node):
+            LOG.error('Lookup is not allowed for node %(node)s in the '
+                      'provision state %(state)s',
+                      {'node': node.uuid, 'state': node.provision_state})
            raise exception.NotFound()

        if api_utils.allow_agent_token():