
Feat/har capture and logger improvements #292

Merged: moshloop merged 4 commits into master from feat/har-capture-and-logger-improvements on Mar 2, 2026

moshloop (Member) commented Mar 1, 2026

Summary by CodeRabbit

Release Notes

  • New Features

    • Added HAR (HTTP Archive) capture support to record and export detailed HTTP request/response data, including automated redaction of sensitive headers and credentials.
    • Added redirect policy configuration to control maximum redirects.
  • Improvements

    • Enhanced sensitive data redaction with improved masking of authorization headers and authentication credentials.
    • Logs now consistently output to stderr.
  • Chores

    • Updated multiple dependencies to latest stable versions.

moshloop added 3 commits March 1, 2026 17:27
- PrintableSecret handles structured formats (Basic/Bearer, user:pass)
- Add NonSensitiveKeys (token_type, grant_type) to avoid false positives
- SanitizeHeaders uses PrintableSecret instead of full redaction
- Remove log-to-stderr flag (logs always go to stderr now)
- Add har/ package with HAR types, middleware, and collector
- HTTP client gains HAR(), HARCollector(), and RedirectPolicy() methods
- HAR middleware captures innermost requests (after auth headers)
- OAuth TokenTransport allows HAR capture of token fetches
- Bump go-yaml, tint, ginkgo, otel, prometheus, oops, crypto, oauth2
- Add build/install targets to root Makefile
- Add HAR output flag and fixtures target to hx CLI
- Simplify hx integration tests
- Update upload-artifact hash in release workflow
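
The masking behaviour the commit messages above describe (structured secrets keep their scheme or user part, and keys such as token_type are exempt from redaction), sketched as an added Go example that is not code from this PR. `isSensitive`, `maskSecret`, `sanitizeHeaders`, the fragment list and the `****` output format are hypothetical stand-ins for the project's `SensitiveKeys`, `PrintableSecret` and `SanitizeHeaders`, whose actual behaviour is not shown on this page.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

// Assumed fragment list (the real SensitiveKeys is not on the page); exempt keys are from the commit message.
var sensitiveFragments = []string{"authorization", "token", "secret", "password", "cookie"}
var nonSensitiveKeys = map[string]bool{"token_type": true, "grant_type": true}

func isSensitive(key string) bool {
	k := strings.ToLower(key)
	for _, f := range sensitiveFragments {
		if strings.Contains(k, f) {
			return !nonSensitiveKeys[k]
		}
	}
	return false
}

// maskSecret keeps the scheme (Basic/Bearer) or the user of user:pass and hides the rest.
func maskSecret(v string) string {
	if scheme, rest, ok := strings.Cut(v, " "); ok && rest != "" {
		if s := strings.ToLower(scheme); s == "basic" || s == "bearer" {
			return scheme + " ****"
		}
	}
	if user, pass, ok := strings.Cut(v, ":"); ok && user != "" && pass != "" {
		return user + ":****"
	}
	return "****"
}

// sanitizeHeaders masks a copy, so the headers of the live request stay untouched.
func sanitizeHeaders(h http.Header) http.Header {
	out := h.Clone()
	for k, vals := range out {
		for i := 0; isSensitive(k) && i < len(vals); i++ {
			vals[i] = maskSecret(vals[i])
		}
	}
	return out
}

func main() { // constructed sample header, not captured traffic
	fmt.Println(sanitizeHeaders(http.Header{"Authorization": {"Bearer constructed.sample"}}))
}
```

Masking a clone rather than the original matters for a capture middleware: the same header map is still needed, unmodified, by the transport that sends the request.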
coderabbitai bot commented Mar 1, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1b2ed21 and 00e7a54.

⛔ Files ignored due to path filters (2)
  • cmd/hx/go.sum is excluded by !**/*.sum
  • go.sum is excluded by !**/*.sum
📒 Files selected for processing (22)
  • .github/workflows/release.yml
  • .gitignore
  • Makefile
  • cmd/hx/.gitignore
  • cmd/hx/Makefile
  • cmd/hx/fixtures/hx.md
  • cmd/hx/go.mod
  • cmd/hx/hx_integration_test.go
  • cmd/hx/root.go
  • go.mod
  • har/collector.go
  • har/collector_test.go
  • har/har.go
  • har/middleware.go
  • har/middleware_test.go
  • http/client.go
  • http/middlewares/oauth.go
  • logger/default.go
  • logger/sanitize.go
  • logger/sanitize_test.go
  • logger/slog.go
  • logger/slog_test.go

Walkthrough

This PR introduces HAR (HTTP Archive) capture capabilities to the HTTP client infrastructure, enabling request/response logging in a standardized format. Changes include new HAR data models, middleware for capturing HTTP details, CLI integration via the --har flag, and supporting updates to fixtures, logging sanitization, and dependencies.

Changes

| Cohort / File(s) | Summary |
|---|---|
| HAR Core Implementation: har/har.go, har/middleware.go, har/collector.go | Introduces HAR 1.2 data structures (File, Log, Entry, Request, Response), configuration with content-type filtering and body size limits, middleware for intercepting HTTP traffic and capturing requests/responses with sensitive header redaction, and concurrent-safe collector for accumulating entries with handler callbacks. |
| HAR Tests: har/collector_test.go, har/middleware_test.go | Comprehensive test coverage for HAR collector (multi-request accumulation, retries, redirects, OAuth flows, token redaction) and middleware (capture behavior, header/cookie redaction, body truncation, content-type filtering). |
| HTTP Client HAR Integration: http/client.go, http/middlewares/oauth.go | Adds HAR support to Client with new HAR(), HARWithConfig(), and HARCollector() methods; integrates HAR middleware into OAuth token flow via configurable TokenTransport for capturing token requests. |
| CLI HAR Support: cmd/hx/root.go | Implements --har flag to enable HAR capture; constructs HAR collector when flag is set, writes HAR output to stdout or file after requests complete, and integrates with error handling paths. |
| Fixtures and Integration Tests: cmd/hx/fixtures/hx.md, cmd/hx/hx_integration_test.go | Updates fixture table schema from 3-column (Name, Args, CEL Validation) to 4-column (Name, ExitCode, Args, CEL Validation) format with revised command formatting; replaces earlier HTTP client integration tests with HAR-based tests that validate HAR file structure and token redaction. |
| Build System: Makefile, cmd/hx/Makefile, cmd/hx/.gitignore, .gitignore | Adds top-level build and install targets delegating to cmd/hx; introduces fixtures target in cmd/hx for generating test fixtures; ignores .ginkgo, testdata/, and *.har files. |
| Logger Improvements: logger/default.go, logger/sanitize.go, logger/sanitize_test.go, logger/slog.go | Removes deprecated LogToStderr flag from public Flags type; adds PrintableSecret function for obfuscated secret representation; expands SensitiveKeys to include "authorization"; enforces logging to stderr unconditionally. |
| Dependency Updates: cmd/hx/go.mod, go.mod | Bumps multiple dependencies including cobra, Kubernetes modules, OpenTelemetry, and cel-related packages; updates flanksource/commons to v1.46.1; numerous indirect transitive version updates. |
| CI/CD: .github/workflows/release.yml | Updates upload-artifact action to different version hash while preserving input parameters. |

Sequence Diagram

sequenceDiagram
    participant Client as Client Code
    participant HAR as HAR Middleware
    participant RoundTripper as HTTP Transport
    participant Server as HTTP Server
    participant Collector as HAR Collector

    Client->>HAR: Send HTTP Request
    HAR->>HAR: Record Timestamp<br/>Build Request Object
    HAR->>RoundTripper: Execute Request
    RoundTripper->>Server: Send Request
    Server-->>RoundTripper: Send Response
    HAR->>HAR: Capture Response<br/>Build Response Object<br/>Read Body (respecting maxSize)
    HAR->>HAR: Redact Sensitive Headers<br/>Build Timings
    HAR->>Collector: Handler(HAR Entry)
    Collector->>Collector: Thread-safe Add Entry<br/>to entries slice
    HAR-->>Client: Return Response

Possibly related PRs

  • flanksource/commons#289: Extends HTTP Client with additional logging-related fields/methods similar to this PR's HAR integration into the same Client type.

moshloop merged commit 0f8777e into master Mar 2, 2026 (5 of 6 checks passed)

moshloop deleted the feat/har-capture-and-logger-improvements branch March 2, 2026 06:13

github-actions bot commented Mar 2, 2026

🎉 This PR is included in version 1.47.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀
