feat: Omit specific headers by default

[ConradLang]

Purpose

Alternative to #84

Pino has a limitation where you can either redact or remove specified redact.paths by setting redact.remove to true or false.

In some cases, it's reasonable to want to redact some properties e.g. headers.authorization so you know that you have an authorization header but in other cases, the header, e.g. x-envoy-peer-metadata only contributes to increasing the log message size and therefore cost.

To reduce costs, we should be able to remove the properties that are not relevant for diagnostic purposes.

Approach

• Properties containing headers that should be omitted were identified via this Splunk query over 1 business day:

  index="*" 
  | fields *x-envoy-*
  | fieldsummary
  | rex mode=sed field=values "s~\[?\{\"value\":\"~~g
    s~\",\"count\":\d+\}[,\]]*~~g"
  | eval avgBytes=round(len(values)/distinct_count,0), totalMiB=avgBytes*count/1024/1024
  | table field, count, distinct_count, avgBytes, totalMiB
  | sort 0 -totalMiB
  

  • The headers are typically under req, headers, and requestHeader properties.

• Added defaultOmitHeaderNames which is a list of header names to omit.

  export const defaultOmitHeaderNames = [
    'x-envoy-attempt-count',
    'x-envoy-decorator-operation',
    'x-envoy-expected-rq-timeout-ms',
    'x-envoy-external-address',
    'x-envoy-internal',
    'x-envoy-peer-metadata',
    'x-envoy-peer-metadata-id',
  ];

• Add a omitHeaderNames logger option that defaults to the defaultOmitHeaderNames. If a consumer wants to opt out, they can supply an empty list or their own list instead.

• A headers custom serializer omits the specified headers from the headers property of the logged object.

• The existing req custom serializer also omits the specified headers from the req.headers property of the logged object.

Notes

💡 It may be helpful to review commit-by-commit.

Answers from discussion with @72636c

1. ✅ What's the risk classification for this change since it affects much of SEEK?
   Minimal Risk based on this being "...business critical given it ladders up to a citizenship ask (cost savings), has limited risk (only removes headers from logs that you’ve de-risked, pending point 3), and it’s still up to individual team discretion to review & choose to merge the version bump".
2. ✅ There is no reqHeaders custom serializer so some guidance around this is needed. We could add this as it would be a clone of the headers custom serializer.
   Since reqHeaders is produced by two services of one team, we will not be adding a specific custom serializer.
3. ✅ Still following up with cloud platform team on these headers.
   Cloud platform team is ok with this change and has had a look at this PR.
4. ✅ Is it ok to remove the default export from serializers since it isn't used internally and I don't think it's accessible via e.g. import serializers from '@seek/logger/lib-commonjs/serializers'.
   Removed default export from serializers.

Issues

Relates to #83 but does not resolve it.

[ConradLang]

Is the release summary format ok?
I'm not sure what it will look like in the release notes.

[72636c]

My assumption is that this is overall cheaper than re-spreading the object on every iteration

[ConradLang]

Delete seems the fastest; thanks for showing me this.

Tested in TS Playground

[72636c]

My thinking is that we don't need to be quite this defensive, because the only variable input to createOmitPropertiesSerializer is omitHeaderNames, and that should be statically defined and type checked in the consumer repo.

By contrast it makes sense to be defensive when serializing an arbitrary logging object as we don't have any type guarantees around that.

[ConradLang]

I don't mind this change since as you say they're meant to be statically defined and type-checked.

My thoughts were that it's done on initialisation and cleansing external inputs is just automatic (since you can cast as unknown as ExpectedType) so wasn't expensive anyway.

[72636c]

Thanks a bunch for your patience on this one, it looks great 🙌

I've made a few hopefully uncontroversial tweaks to the implementation. Let me know if you'd like me to run through any of these or if you feel any are regressions.

Otherwise I'll aim to merge this in and cut a release tomorrow.

[72636c]

Just noting this limitation here; we can also surface in the changeset or README if you think it necessary.

I assume we are comfortable with this for now; we can weigh up the cost of lowercasing the property names if it turns out to be an issue.

[ConradLang]

@72636c : I'm happy with the changes and learnt a few things too.

Thanks for your review and updates!