From b75a68088c58acecf7c6a0f4d64b9a65802dd4c2 Mon Sep 17 00:00:00 2001
From: joshvanl <vleeuwenjoshua@gmail.com>
Date: Tue, 14 Sep 2021 18:01:41 +0100
Subject: [PATCH] Vault internal client should check health conn err before
 checking response status

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
---
 pkg/internal/vault/vault.go | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/pkg/internal/vault/vault.go b/pkg/internal/vault/vault.go
index 60717908d..36e95f4db 100644
--- a/pkg/internal/vault/vault.go
+++ b/pkg/internal/vault/vault.go
@@ -383,13 +383,25 @@ func (v *Vault) IsVaultInitializedAndUnsealed() error {
 	healthURL := path.Join("/v1", "sys", "health")
 	healthRequest := v.client.NewRequest("GET", healthURL)
 	healthResp, err := v.client.RawRequest(healthRequest)
+
+	if healthResp != nil {
+		defer healthResp.Body.Close()
+	}
+
 	// 429 = if unsealed and standby
 	// 472 = if disaster recovery mode replication secondary and active
 	// 473 = if performance standby
-	if err != nil && healthResp.StatusCode != 429 && healthResp.StatusCode != 472 && healthResp.StatusCode != 473 {
-		return err
+	if err != nil {
+		switch {
+		case healthResp == nil:
+			return err
+		case healthResp.StatusCode == 429, healthResp.StatusCode == 472, healthResp.StatusCode == 473:
+			return nil
+		default:
+			return fmt.Errorf("error calling Vault %s: %w", healthURL, err)
+		}
 	}
-	defer healthResp.Body.Close()
+
 	return nil
 }