use staging, add logging

.github/workflows/build.yaml

@@ -20,7 +20,6 @@ jobs:
         with:
           images: |
             us-central1-docker.pkg.dev/pomerium-public-stg/jit-example/jit-example
-            us-central1-docker.pkg.dev/pomerium-public-prd/jit-example/jit-example
           tags: |
             type=sha
             type=raw,value=latest,enable={{is_default_branch}}

server.go

@@ -19,21 +19,24 @@ func serve(ctx context.Context) error {
 	log.Info().Str("addr", addr).Msg("starting http server")
 
 	mux := http.NewServeMux()
-	mux.HandleFunc("GET /", handleIndex)
-	mux.HandleFunc("POST /request-access", handleRequestAccess)
-
-	mux.HandleFunc("GET /admin", handleAdmin)
 	mux.HandleFunc("POST /admin/approve-access", handleAdminApproveAccess)
 	mux.HandleFunc("POST /admin/revoke-access", handleAdminRevokeAccess)
+	mux.HandleFunc("GET /admin", handleAdmin)
+
+	mux.HandleFunc("POST /request-access", handleRequestAccess)
+	mux.HandleFunc("GET /", handleIndex)
 
 	authMiddleware, err := newAuthMiddleware(config.jwksEndpoint)
 	if err != nil {
 		return fmt.Errorf("error creating auth middleware: %w", err)
 	}
 
+	loggingMiddleware := newLoggingMiddleware()
+
+	h := authMiddleware(loggingMiddleware(mux))
 	srv := http.Server{
 		Addr:    addr,
-		Handler: authMiddleware(mux),
+		Handler: h,
 	}
 	context.AfterFunc(ctx, func() {
 		shutdownContext, clearTimeout := context.WithTimeout(context.Background(), time.Second*5)
@@ -43,6 +46,15 @@ func serve(ctx context.Context) error {
 	return srv.ListenAndServe()
 }
 
+func newLoggingMiddleware() func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			log.Info().Str("method", r.Method).Str("path", r.URL.Path).Msg("http request")
+			next.ServeHTTP(w, r)
+		})
+	}
+}
+
 func newAuthMiddleware(jwksEndpoint string) (func(http.Handler) http.Handler, error) {
 	verifier, err := sdk.New(&sdk.Options{
 		JWKSEndpoint: jwksEndpoint,