LOG-6863: safety parsing/read fields to avoid messing data in log event

[vparfonov]

Description

This PR addresses an issue where data in a Syslog log event could become corrupted after a merge operation. Such behavior can lead to unpredictable and hard-to-diagnose issues.

The fix involves parsing and merging data into a temporary value, from which the necessary information is extracted. This ensures that the original log event remains structured and valid.

/cc
/assign

Links

• Depending on PR(s):
• GitHub issue:
• JIRA:
• Enhancement proposal:

[openshift-ci-robot]

@vparfonov: This pull request references LOG-6863 which is a valid jira issue.

In response to this:

Description

/cc
/assign

Links

• Depending on PR(s):
• GitHub issue:
• JIRA:
• Enhancement proposal:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: vparfonov
Once this PR has been reviewed and has the lgtm label, please assign xperimental for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

@vparfonov: This pull request references LOG-6863 which is a valid jira issue.

In response to this:

Description

This PR addresses an issue where data in a Syslog log event could become corrupted after a merge operation. Such behavior can lead to unpredictable and hard-to-diagnose issues.

The fix involves parsing and merging data into a temporary value, from which the necessary information is extracted. This ensures that the original log event remains structured and valid.

/cc
/assign

Links

• Depending on PR(s):
• GitHub issue:
• JIRA:
• Enhancement proposal:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[vparfonov]

/test all

[jcantrill]

This means we will only test this package and none of the others

[vparfonov]

I add this for fast testing

[jcantrill]

removing this dependency means we never compile the dev tool

[jcantrill]

Is it possible for "value" to be nil since its a pointer? Do we need to ensure it's non-nil? why do we need to pass a pointer string?

[vparfonov]

The pointer we use to set the field in struct if need

[jcantrill]

I missing the intent of this section:

• parse message to temp
• error we set temp to the log event
• non error we set temp to the merge of the message and the log event
• set field parsed_msg

we do not appear to do anything with the parsed_msg so we do any of this?

[vparfonov]

yes you are right here in this case it will not be used because will use default value, need to improve this part

[vparfonov]

see here: https://github.com/openshift/cluster-logging-operator/pull/3031/files#diff-5e163a7c0a921d0cadf304f92028d479584c00e484e1cd2204d718ebd7ee6975R33

[vparfonov]

By the way we can remove default calculation if value configured

[vparfonov]

/test all

[vparfonov]

/retest

[openshift-ci]

@vparfonov: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.