Lint against unwrap/expect

src/auth/backends.rs

@@ -124,7 +124,10 @@ impl ValidateLogin for LdapBackend {
         event!(Level::TRACE, ?search_results, "Got raw search results");
 
         let search_entry = match search_results.len() {
-            1 => SearchEntry::construct(search_results.into_iter().next().unwrap()),
+            1 => {
+                #[allow(clippy::unwrap_used)] // we just checked the length is 1
+                SearchEntry::construct(search_results.into_iter().next().unwrap())
+            }
             0 => {
                 event!(Level::WARN, "No matching LDAP user found");
                 return Err(AuthenticationError::InvalidUserOrPassword);

src/auth/mod.rs

@@ -168,6 +168,7 @@ impl ServerPadlockGenerator {
 
     #[instrument]
     pub fn generate_padlock(&self, server_hash: &ServerHash) -> ServerPadlock {
+        #[allow(clippy::expect_used)]
         let mut hmac: Hmac<Sha256> = Hmac::new_from_slice(self.secret.0.expose_secret())
             .expect("HMAC should accept key of any length");
 
@@ -207,6 +208,7 @@ impl UserServerKeyGenerator {
 
         let padlock = self.padlock_generator.generate_padlock(server_hash);
 
+        #[allow(clippy::expect_used)]
         let timestamp = OffsetDateTime::now_utc()
             .format(format_description!(
                 "[year repr:last_two][month][day][hour repr:24][minute][second]"

src/main.rs

@@ -16,7 +16,12 @@
    along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 
-#![warn(clippy::pedantic, clippy::as_conversions)]
+#![warn(
+    clippy::pedantic,
+    clippy::as_conversions,
+    clippy::unwrap_used, // allow case by case, add comment explaining why panic can't happen
+    clippy::expect_used // allow case by case, expect message should be self-explanatory
+)]
 #![forbid(unsafe_code)]
 
 mod auth;
@@ -25,7 +30,7 @@ mod db;
 mod secrets;
 mod server;
 
-use std::{path::PathBuf, sync::Arc};
+use std::{env, path::PathBuf, sync::Arc};
 
 use auth::{
     AuthenticationBackend, ServerPadlockGenerator, UserAuthenticator, UserServerKeyGenerator,
@@ -35,17 +40,30 @@ use color_eyre::{eyre::Context, Result};
 use config::Config;
 use db::{Database, SqliteDatabase};
 use tokio::sync::Mutex;
-use tracing::{event, instrument, Level};
+use tracing::{event, instrument, level_filters::LevelFilter, Level};
 use tracing_error::ErrorLayer;
 use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt, EnvFilter};
 
 #[instrument]
 fn init() -> Result<()> {
+    const FILTER_ENV_VAR: &str = EnvFilter::DEFAULT_ENV;
+
     color_eyre::install()?;
 
-    let filter_layer = EnvFilter::try_from_default_env()
-        .or_else(|_| EnvFilter::try_new("info"))
-        .unwrap();
+    let mut filter_error = None;
+    let filter_layer = EnvFilter::builder()
+        .with_env_var(FILTER_ENV_VAR)
+        .try_from_env()
+        .unwrap_or_else(|e| {
+            // sure would be nice if the error type was useful
+            if env::var_os(FILTER_ENV_VAR).is_some() {
+                filter_error = Some(e);
+            }
+
+            EnvFilter::builder()
+                .with_default_directive(LevelFilter::INFO.into())
+                .parse_lossy("")
+        });
     let fmt_layer = tracing_subscriber::fmt::layer().with_target(true);
 
     tracing_subscriber::registry()
@@ -54,6 +72,14 @@ fn init() -> Result<()> {
         .with(ErrorLayer::default())
         .init();
 
+    if let Some(e) = filter_error {
+        event!(
+            Level::WARN,
+            error = %e,
+            r#"Tracing filter env variable `{FILTER_ENV_VAR}` contained invalid data, falling back to "info""#
+        );
+    }
+
     Ok(())
 }