-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding timeout vault option and better error handling #5
Changes from 2 commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
package vault | ||
|
||
import ( | ||
"context" | ||
"errors" | ||
"fmt" | ||
"net" | ||
"net/url" | ||
"os" | ||
"strings" | ||
"syscall" | ||
) | ||
|
||
// Error is the custom error type for this package | ||
type Error struct { | ||
MessageParts []string | ||
OriginalError error | ||
} | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Might want to add a String() func to this so if someone outputs it in a log things look correct. https://tour.golang.org/methods/17 |
||
// Error returns the error string | ||
func (verr Error) Error() string { | ||
return fmt.Sprintf("Vault Error: %s", strings.Join(verr.MessageParts, "; ")) | ||
} | ||
|
||
// parseError parses known errors into more user-friendly messages | ||
func (v *Vault) parseError(err error) Error { | ||
|
||
var verr Error | ||
verr.OriginalError = err | ||
|
||
// Catch some known HTTP errors | ||
if uerr, ok := err.(*url.Error); ok { | ||
if oerr, ok := uerr.Err.(*net.OpError); ok { | ||
if addr, ok := oerr.Addr.(*net.TCPAddr); ok { | ||
if addr.IP.String() == "127.0.0.1" { | ||
verr.MessageParts = append(verr.MessageParts, "Vault appears to be connecting to localhost, ensure correct Vault address is set") | ||
} | ||
} | ||
|
||
if serr, ok := oerr.Err.(*os.SyscallError); ok { | ||
if serr.Err == syscall.ECONNREFUSED { | ||
verr.MessageParts = append(verr.MessageParts, "Connection Refused") | ||
} | ||
} | ||
} | ||
} | ||
|
||
if err == context.DeadlineExceeded { | ||
verr.MessageParts = append(verr.MessageParts, fmt.Sprintf("Timeout connecting after %v seconds. Ensure connectivity to Vault.", v.config.Timeout)) | ||
} | ||
|
||
verr.MessageParts = append(verr.MessageParts, fmt.Sprintf("%v", err)) | ||
|
||
return verr | ||
} | ||
|
||
// newError returns a new error based on a given string | ||
func (v *Vault) newError(msg string) Error { | ||
return v.parseError(errors.New(msg)) | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,6 @@ | ||
package vault | ||
|
||
import ( | ||
"errors" | ||
"path/filepath" | ||
) | ||
|
||
|
@@ -11,17 +10,17 @@ func (v *Vault) GetSecretKey(path string, key string) (string, error) { | |
|
||
secret, err := v.client.Logical().Read(path) | ||
if err != nil { | ||
return "", err | ||
return "", v.parseError(err) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I would assume you want to return Error (or whatever we might change it too) so if someone wants to handle it a different way farther down (say another stimpack calling it) they would not have to see if its castable. |
||
} | ||
|
||
// If we got back an empty response, fail | ||
if secret == nil { | ||
return "", errors.New("Could not find secret `" + path + "`") | ||
return "", v.newError("Could not find secret `" + path + "`") | ||
} | ||
|
||
// If the provided key doesn't exist, fail | ||
if secret.Data[key] == nil { | ||
return "", errors.New("Vault: Could not find key `" + key + "` for secret `" + path + "`") | ||
return "", v.newError("Vault: Could not find key `" + key + "` for secret `" + path + "`") | ||
} | ||
|
||
return secret.Data[key].(string), nil | ||
|
@@ -33,12 +32,12 @@ func (v *Vault) GetSecretKeys(path string) (map[string]string, error) { | |
|
||
secret, err := v.client.Logical().Read(path) | ||
if err != nil { | ||
return nil, err | ||
return nil, v.parseError(err) | ||
} | ||
|
||
// If we got back an empty response, fail | ||
if secret == nil { | ||
return nil, errors.New("Could not find secret `" + path + "`") | ||
return nil, v.newError("Could not find secret `" + path + "`") | ||
} | ||
|
||
// Loop through and get all the keys | ||
|
@@ -57,12 +56,12 @@ func (v *Vault) ListSecrets(path string) ([]string, error) { | |
|
||
secret, err := v.client.Logical().List(path) | ||
if err != nil { | ||
return nil, err | ||
return nil, v.parseError(err) | ||
} | ||
|
||
// If we got back an empty response, fail | ||
if secret == nil { | ||
return nil, errors.New("Could not find secret `" + path + "`") | ||
return nil, v.newError("Could not find secret `" + path + "`") | ||
} | ||
|
||
// Loop through and get all the keys | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Feel like this should be named something more specific, to easy to confuse error and Error and mismatch them. I would say something like StimError, or even StimVaultError