fail gracefully on inspec compliance profiles when bad token is provided #930

vjeffrey · 2016-08-17T16:18:25Z

just a quick fix to handle inspec compliance profiles when an incorrect token has been previously provided.

@chris-rock

stevendanna · 2016-08-17T16:28:11Z

lib/bundles/inspec-compliance/api.rb

@@ -36,6 +36,7 @@ def self.profiles(config)
          end
        end.flatten
      else
+        puts '401 Unauthorized. Please check your token.'


Are we sure the only case where data == '' is a 401? My first impression when reading this code is that I'm a bit surprised that this isn't a case statement on the http response code. Also, if possible it feels like this is a case where we would want to exit with a non-zero exit status.

good point, thanks!! ya, i'll rework this a bit later -- a case statement on the http response code sounds like the right thing to do there

agree with @stevendanna we should check the http code

chris-rock · 2016-08-17T23:28:56Z

lib/bundles/inspec-compliance/api.rb

        puts '401 Unauthorized. Please check your token.'
        []
+      else
+        puts response_code


We should add a message that indicates an error. I assume most users do not know http codes by heart ;-)

oops, ya! i'll add it :)

vjeffrey · 2016-08-17T23:35:44Z

i'm getting some odd travis failures on ubuntu.... :(

vjeffrey · 2016-08-18T00:36:03Z

lib/bundles/inspec-compliance/api.rb

      else
+        puts response_code, 'An error occured'


is this ok? @chris-rock or were you thinking something else/more specific?

I'm not familiar with the compliance API, but response.message will typically be filled with the error message that the server sent back, so you might try something like:

puts "An unexpected error occurred (HTTP #{response_code}): #{response.message}"

Cool idea @stevendanna

In addition to that the API class should not do any output. Only the cli class should do that. therefore we need to return the message as the other methods do it.

Only the cli class should do that. therefore we need to return the message as the other methods do it.

👍 On this. I was going to potentially recommending creating a custom exception that you could raise in the case of an HTTP error. The exception can contain the message the cli class should print on rescue. However, I noticed that this code base stays away from exceptions for the most part.

oooh nice! thanks! i'll add the message stuff and have the api class the return the message so the cli class can take care of the output :)

@stevendanna the whole API implementation needs a refactor, because I want to merge it with the content in our audit cookbook. But lets not address this in that iteration

chef-supermarket added the Signed CLA label Aug 17, 2016

vjeffrey force-pushed the vj/fix-cli-profiles-output-bad-token branch from bcb62f3 to 7a054f0 Compare August 17, 2016 16:19

chef-supermarket added the Signed CLA label Aug 17, 2016

stevendanna reviewed Aug 17, 2016
View reviewed changes

chef-supermarket added the Signed CLA label Aug 17, 2016

chris-rock reviewed Aug 17, 2016
View reviewed changes

vjeffrey force-pushed the vj/fix-cli-profiles-output-bad-token branch from b5d34ee to f1d9650 Compare August 18, 2016 00:32