From d0cb902554076c51c2887f558710528f4aed66b2 Mon Sep 17 00:00:00 2001 From: Fanni1993 Date: Thu, 17 Jun 2021 13:57:56 +0200 Subject: [PATCH] Add logger remove remained fmt.Printf --- .../lambda/request_cert/main.go | 16 ++++++++++++++-- venafi-snowflake-connector/lambda/utils/auth.go | 6 +++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/venafi-snowflake-connector/lambda/request_cert/main.go b/venafi-snowflake-connector/lambda/request_cert/main.go index 0e6d490..bb1aeab 100644 --- a/venafi-snowflake-connector/lambda/request_cert/main.go +++ b/venafi-snowflake-connector/lambda/request_cert/main.go @@ -5,6 +5,7 @@ import ( "crypto/x509/pkix" "encoding/json" "fmt" + "os" "strings" "github.com/Venafi/vcert/v4" @@ -32,6 +33,8 @@ type SnowFlakeType struct { func RequestCert(ctx context.Context, request events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error) { + log.AddTarget(os.Stdout, log.LevelDebug) + var dataForRequestCert VenafiConnectorConfig var snowflakeData SnowFlakeType err := json.Unmarshal([]byte(request.Body), &snowflakeData) @@ -43,12 +46,16 @@ func RequestCert(ctx context.Context, request events.APIGatewayProxyRequest) (ev }, nil } + // Parse parameters sent by Snowflake from Lambda Event dataForRequestCert.TppURL = fmt.Sprintf("%v", snowflakeData.Data[0][1]) dataForRequestCert.DNSName = fmt.Sprintf("%v", snowflakeData.Data[0][2]) // TODO: UPN, DNS should allow multiple values dataForRequestCert.Zone = fmt.Sprintf("%v", snowflakeData.Data[0][3]) dataForRequestCert.UPN = fmt.Sprintf("%v", snowflakeData.Data[0][4]) dataForRequestCert.CommonName = fmt.Sprintf("%v", snowflakeData.Data[0][5]) + log.Infof("Finished parse parameters from event object") + + // Get access token from S3. If access token is expired, generate a new one. accessToken, err := utils.GetAccessToken(dataForRequestCert.TppURL) if err != nil { log.Errorf("Failed to get accesss token: %s", err) 
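Review bot: `log.AddTarget(os.Stdout, log.LevelDebug)` is placed at the top of RequestCert (hunk `@@ -32,6 +33,8 @@`), so it runs on every invocation rather than once per process. If AddTarget appends to a list of targets, as its name suggests, a warm Lambda container would write each log line once per earlier call; registering the target in `init()` or in `main()` before the handler starts would avoid that. The level is also hard-coded to debug in a handler that deals with access tokens, so consider taking it from an environment variable so that production can run at info level. The function body continues outside the hunk.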
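Review bot: In hunk `@@ -43,12 +46,16 @@` the new comment labels the block that reads `snowflakeData.Data[0][1]` through `snowflakeData.Data[0][5]`, but nothing visible checks that `Data` has a row or that the row has six elements, so an empty or short request body would panic the handler instead of taking the error-response path used after `json.Unmarshal`. Assuming `Data` is a slice of slices, a guard with the condition `len(snowflakeData.Data) == 0 || len(snowflakeData.Data[0]) < 6` before the assignments, returning the same kind of error response, would close that gap. `TppURL` also comes straight from the request and then decides which token is fetched and which endpoint it is sent to, so checking it against the expected TPP hosts is worth considering. The function starts and ends outside the hunk.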
@@ -58,6 +65,8 @@ func RequestCert(ctx context.Context, request events.APIGatewayProxyRequest) (ev }, nil } + log.Info("Got valid access token from S3") + config := &vcert.Config{ ConnectorType: endpoint.ConnectorTypeTPP, BaseUrl: dataForRequestCert.TppURL, @@ -65,7 +74,7 @@ func RequestCert(ctx context.Context, request events.APIGatewayProxyRequest) (ev Credentials: &endpoint.Authentication{ AccessToken: accessToken}, } - + // Create a new Connector for Venafi API calls c, err := vcert.NewClient(config) if err != nil { log.Errorf("Failed to connect to endpoint: %s", err) @@ -84,7 +93,6 @@ func RequestCert(ctx context.Context, request events.APIGatewayProxyRequest) (ev UPNs: []string{dataForRequestCert.UPN}, DNSNames: []string{dataForRequestCert.DNSName}, } - err = c.GenerateRequest(nil, enrollReq) if err != nil { log.Errorf("Failed to generate request: %v ", err) @@ -94,6 +102,8 @@ func RequestCert(ctx context.Context, request events.APIGatewayProxyRequest) (ev }, nil } + log.Info("Generate request was successful") + // Request a new certificate using Venafi API requestID, err := c.RequestCertificate(enrollReq) if err != nil { log.Errorf("Failed to request certificate:: %v ", err) @@ -103,7 +113,9 @@ func RequestCert(ctx context.Context, request events.APIGatewayProxyRequest) (ev }, nil } log.Infof("Certificate request was successful. RequestID is: %s", requestID) + escaped_requestID := strings.Replace(fmt.Sprintf("%v", requestID), "\\", "\\\\", -1) + // Transform data to a form which is readable by Snowflake return events.APIGatewayProxyResponse{ // Success HTTP response Body: fmt.Sprintf("{'data': [[0, '%v']]}", escaped_requestID), StatusCode: 200, diff --git a/venafi-snowflake-connector/lambda/utils/auth.go b/venafi-snowflake-connector/lambda/utils/auth.go index a1c2452..ba7a594 100644 --- a/venafi-snowflake-connector/lambda/utils/auth.go +++ b/venafi-snowflake-connector/lambda/utils/auth.go 
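Review bot: The comment added in hunk `@@ -103,7 +113,9 @@` documents a response body that is assembled with `fmt.Sprintf("{'data': [[0, '%v']]}", escaped_requestID)`, where only backslashes are escaped; a requestID containing a single quote or a control character would produce a malformed body, and the single-quoted form is not strict JSON. `encoding/json` is already imported in this file, so `body, err := json.Marshal(map[string]interface{}{"data": [][]interface{}{{0, requestID}}})` would take care of the escaping, provided the Snowflake side accepts standard double-quoted JSON. That would also remove `escaped_requestID`, whose name does not follow Go's MixedCaps convention. The return statement continues outside the hunk.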
@@ -105,7 +105,7 @@ func GetNewAccessToken(single_credential_for_tpp map[string]string) *map[string] new_creds, err := c.RefreshAccessToken(&auth) if err != nil { - fmt.Printf("err: %v", err.Error()) + log.Errorf("err: %v", err.Error()) return nil } single_credential_for_tpp["access_token"] = new_creds.Access_token @@ -138,9 +138,9 @@ func getCredentials(filename, bucket, zone string) ([]byte, error) { Key: aws.String(filename), }) if err != nil { - fmt.Printf("Failed to get credentials: %v", err) + log.Errorf("Failed to get credentials: %v", err) return []byte{}, fmt.Errorf("failed to get credentials, %v", err) } - fmt.Printf("file downloaded, %d bytes\n", n) + log.Debugf("file downloaded, %d bytes\n", n) return buff.Bytes(), nil }
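Review bot: `log.Errorf("err: %v", err.Error())` in GetNewAccessToken (hunk `@@ -105,7 +105,7 @@`) keeps the old message text, which does not say what failed; `log.Errorf("Failed to refresh access token: %v", err)` would match the wording used in request_cert/main.go and drops the redundant `.Error()`. The function then returns nil with no error value, so this log line is the only record of why the refresh failed. No import change for the logger is visible in this file's hunks, so presumably `log` is already imported in auth.go; worth confirming the file builds. The function starts and ends outside the hunk.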
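Review bot: In getCredentials (hunk `@@ -138,9 +138,9 @@`) the failure is now logged with `log.Errorf` and also returned through `fmt.Errorf`, so any caller that logs the returned error records it twice; returning it alone is enough, and `%w` keeps the cause inspectable: `return []byte{}, fmt.Errorf("failed to get credentials: %w", err)`. The `\n` at the end of `log.Debugf("file downloaded, %d bytes\n", n)` is left over from Printf and is probably redundant if the logger terminates lines itself. The function starts outside the hunk.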