feat: normalize azure errors
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
This commit is contained in:
Adam Talbot
parent
07aa7c5fb0
commit
934d4196ab
@ -11,11 +11,9 @@ this directory.
|
||||
package azuredns
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
"strings"
|
||||
@ -279,27 +277,63 @@ func stabilizeError(err error) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
redactResponse := func(resp *http.Response) *http.Response {
|
||||
if resp == nil {
|
||||
return nil
|
||||
return NormalizedError{
|
||||
Cause: err,
|
||||
}
|
||||
}
|
||||
|
||||
type NormalizedError struct {
|
||||
Cause error
|
||||
}
|
||||
|
||||
func (e NormalizedError) Error() string {
|
||||
var (
|
||||
authErr *azidentity.AuthenticationFailedError
|
||||
respErr *azcore.ResponseError
|
||||
)
|
||||
|
||||
switch {
|
||||
case errors.As(e.Cause, &authErr):
|
||||
msg := new(strings.Builder)
|
||||
fmt.Fprintln(msg, "authentication failed:")
|
||||
|
||||
if authErr.RawResponse != nil {
|
||||
if authErr.RawResponse.Request != nil {
|
||||
fmt.Fprintf(msg, "%s %s://%s%s\n", authErr.RawResponse.Request.Method, authErr.RawResponse.Request.URL.Scheme, authErr.RawResponse.Request.URL.Host, authErr.RawResponse.Request.URL.Path)
|
||||
}
|
||||
|
||||
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
|
||||
fmt.Fprintf(msg, "RESPONSE %s\n", authErr.RawResponse.Status)
|
||||
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
|
||||
}
|
||||
|
||||
response := *resp
|
||||
response.Body = io.NopCloser(bytes.NewReader([]byte("<REDACTED>")))
|
||||
return &response
|
||||
}
|
||||
fmt.Fprint(msg, "see logs for more information")
|
||||
|
||||
var authErr *azidentity.AuthenticationFailedError
|
||||
if errors.As(err, &authErr) {
|
||||
//nolint: bodyclose // False positive, this already a processed body, probably just pointing to a buffer.
|
||||
authErr.RawResponse = redactResponse(authErr.RawResponse)
|
||||
}
|
||||
return msg.String()
|
||||
case errors.As(e.Cause, &respErr):
|
||||
msg := new(strings.Builder)
|
||||
fmt.Fprintln(msg, "request error:")
|
||||
|
||||
var respErr *azcore.ResponseError
|
||||
if errors.As(err, &respErr) {
|
||||
//nolint: bodyclose // False positive, this already a processed body, probably just pointing to a buffer.
|
||||
respErr.RawResponse = redactResponse(respErr.RawResponse)
|
||||
}
|
||||
if respErr.RawResponse != nil {
|
||||
if respErr.RawResponse.Request != nil {
|
||||
fmt.Fprintf(msg, "%s %s://%s%s\n", respErr.RawResponse.Request.Method, respErr.RawResponse.Request.URL.Scheme, respErr.RawResponse.Request.URL.Host, respErr.RawResponse.Request.URL.Path)
|
||||
}
|
||||
|
||||
return err
|
||||
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
|
||||
fmt.Fprintf(msg, "RESPONSE %s\n", respErr.RawResponse.Status)
|
||||
if respErr.ErrorCode != "" {
|
||||
fmt.Fprintf(msg, "ERROR CODE: %s\n", respErr.ErrorCode)
|
||||
} else {
|
||||
fmt.Fprintln(msg, "ERROR CODE UNAVAILABLE")
|
||||
}
|
||||
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
|
||||
}
|
||||
|
||||
fmt.Fprint(msg, "see logs for more information")
|
||||
|
||||
return msg.String()
|
||||
|
||||
default:
|
||||
return e.Cause.Error()
|
||||
}
|
||||
}
|
||||
|
||||
@ -356,14 +356,12 @@ func TestGetAuthorizationFederatedSPT(t *testing.T) {
|
||||
_, err = spt.GetToken(context.TODO(), policy.TokenRequestOptions{Scopes: []string{"test"}})
|
||||
err = stabilizeError(err)
|
||||
assert.Error(t, err)
|
||||
assert.ErrorContains(t, err, fmt.Sprintf(`WorkloadIdentityCredential authentication failed
|
||||
assert.ErrorContains(t, err, fmt.Sprintf(`authentication failed:
|
||||
POST %s/adfs/oauth2/token
|
||||
--------------------------------------------------------------------------------
|
||||
RESPONSE 502 Bad Gateway
|
||||
--------------------------------------------------------------------------------
|
||||
<REDACTED>
|
||||
--------------------------------------------------------------------------------
|
||||
To troubleshoot, visit https://aka.ms/azsdk/go/identity/troubleshoot#workload`, ts.URL))
|
||||
see logs for more information`, ts.URL))
|
||||
})
|
||||
}
|
||||
|
||||
@ -406,12 +404,11 @@ func TestStabilizeResponseError(t *testing.T) {
|
||||
|
||||
err = dnsProvider.Present(context.TODO(), "test.com", "fqdn.test.com.", "test123")
|
||||
require.Error(t, err)
|
||||
require.ErrorContains(t, err, fmt.Sprintf(`Zone test.com. not found in AzureDNS for domain fqdn.test.com.. Err: GET %s/subscriptions/subscriptionID/resourceGroups/resourceGroupName/providers/Microsoft.Network/dnsZones/test.com
|
||||
require.ErrorContains(t, err, fmt.Sprintf(`Zone test.com. not found in AzureDNS for domain fqdn.test.com.. Err: request error:
|
||||
GET %s/subscriptions/subscriptionID/resourceGroups/resourceGroupName/providers/Microsoft.Network/dnsZones/test.com
|
||||
--------------------------------------------------------------------------------
|
||||
RESPONSE 502: 502 Bad Gateway
|
||||
RESPONSE 502 Bad Gateway
|
||||
ERROR CODE: TEST_ERROR_CODE
|
||||
--------------------------------------------------------------------------------
|
||||
<REDACTED>
|
||||
--------------------------------------------------------------------------------
|
||||
`, ts.URL))
|
||||
see logs for more information`, ts.URL))
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user