[log] log(envutil): add debug logging to env var parse fallbacks#3825
[log] log(envutil): add debug logging to env var parse fallbacks#3825
Conversation
Add a debug logger to internal/envutil/envutil.go to surface misconfiguration earlier. The logger emits a debug message whenever an environment variable is set but cannot be used (invalid integer, unparseable duration, unrecognized boolean value), helping operators quickly identify why a configured value is being silently ignored. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Adds targeted debug logging in internal/envutil to surface invalid environment variable values (set-but-unusable) when parsing ints, durations, and booleans, helping operators detect misconfiguration earlier.
Changes:
- Introduce a package-level
envutil:envutildebug logger. - Emit debug logs when
GetEnvInt,GetEnvDuration, orGetEnvBoolfall back due to invalid (or non-positive) values.
Show a summary per file
| File | Description |
|---|---|
| internal/envutil/envutil.go | Adds a logger and fallback debug logs for type-converting env helpers. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comments suppressed due to low confidence (2)
internal/envutil/envutil.go:46
- These debug logs include the full env var value in the message. To avoid leaking secrets into stderr/log files, consider sanitizing/truncating envValue before logging (the repo already uses internal/logger/sanitize for env vars in other places).
}
logEnvUtil.Printf("GetEnvDuration: %s=%q is not a valid positive duration, using default=%v", envKey, envValue, defaultValue)
}
internal/envutil/envutil.go:64
- This log line emits the raw environment variable value. To reduce the risk of secret exposure (and because debug logs are also written to the file logger), consider sanitizing/truncating envValue before including it in the log message.
}
logEnvUtil.Printf("GetEnvBool: %s=%q is not a recognized boolean value, using default=%v", envKey, envValue, defaultValue)
}
- Files reviewed: 1/1 changed files
- Comments generated: 2
| } | ||
| logEnvUtil.Printf("GetEnvInt: %s=%q is not a valid positive integer, using default=%d", envKey, envValue, defaultValue) | ||
| } |
There was a problem hiding this comment.
These debug logs print the raw environment variable value (%q). Since Logger.Printf also forwards to the file logger, this can persist potentially sensitive values if a secret-like env var is accidentally parsed via GetEnvInt. Consider sanitizing/truncating the value before logging (e.g., using internal/logger/sanitize helpers).
This issue also appears in the following locations of the same file:
- line 44
- line 62
| if d, err := time.ParseDuration(envValue); err == nil && d > 0 { | ||
| return d | ||
| } | ||
| logEnvUtil.Printf("GetEnvDuration: %s=%q is not a valid positive duration, using default=%v", envKey, envValue, defaultValue) |
There was a problem hiding this comment.
The doc comment says GetEnvDuration falls back only when unset/empty or ParseDuration fails, but the implementation also requires d > 0 (and the new log message refers to a “positive duration”). Update the comment to mention that zero/negative durations also fall back to defaultValue.
Address review feedback: 1. Sanitize raw env values using sanitize.TruncateSecret() in all 3 debug log lines (GetEnvInt, GetEnvDuration, GetEnvBool). Env vars could contain secrets, and debug logs are also written to the file logger, so full values should never be persisted. 2. Update GetEnvDuration doc comment to mention that zero/negative durations also fall back to defaultValue (matching the d > 0 condition in the code and the existing GetEnvInt doc pattern). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Review + FixesEvaluated the Copilot review and pushed fixes in Addressed
Own review notesThe PR itself is clean and well-targeted:
|
Summary
Adds debug logging to
internal/envutil/envutil.goto surface misconfiguration earlier.What changed
Added
var logEnvUtil = logger.New("envutil:envutil")and three targetedlogEnvUtil.Printfcalls — one in each type-converting function — that fire only when an environment variable is set but unusable:GetEnvIntGetEnvDurationGetEnvBool1/true/yes/on/0/false/no/off)The
GetEnvStringfunction is intentionally not logged — it has no parse step and adding a log there would be too noisy.Why
When an operator sets e.g.
MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD=512k(an invalid integer), the gateway silently falls back to the default with no indication of what happened. With this change, enablingDEBUG=envutil:*reveals the problem immediately:Quality checklist
var logEnvUtil = logger.New("envutil:envutil"))pkg:filenameconvention (matcheslogGitHub/logExpandin the same package)