diff --git a/pkg/issuer/acme/dns/azuredns/azuredns.go b/pkg/issuer/acme/dns/azuredns/azuredns.go index 27994c73b..c6148feff 100644 --- a/pkg/issuer/acme/dns/azuredns/azuredns.go +++ b/pkg/issuer/acme/dns/azuredns/azuredns.go @@ -11,11 +11,9 @@ this directory. package azuredns import ( - "bytes" "context" "errors" "fmt" - "io" "net/http" "os" "strings" 
@@ -279,27 +277,63 @@ func stabilizeError(err error) error { return nil } - redactResponse := func(resp *http.Response) *http.Response { - if resp == nil { - return nil + return NormalizedError{ + Cause: err, + } +} + +type NormalizedError struct { + Cause error +} + +func (e NormalizedError) Error() string { + var ( + authErr *azidentity.AuthenticationFailedError + respErr *azcore.ResponseError + ) + + switch { + case errors.As(e.Cause, &authErr): + msg := new(strings.Builder) + fmt.Fprintln(msg, "authentication failed:") + + if authErr.RawResponse != nil { + if authErr.RawResponse.Request != nil { + fmt.Fprintf(msg, "%s %s://%s%s\n", authErr.RawResponse.Request.Method, authErr.RawResponse.Request.URL.Scheme, authErr.RawResponse.Request.URL.Host, authErr.RawResponse.Request.URL.Path) + } + + fmt.Fprintln(msg, "--------------------------------------------------------------------------------") + fmt.Fprintf(msg, "RESPONSE %s\n", authErr.RawResponse.Status) + fmt.Fprintln(msg, "--------------------------------------------------------------------------------") } - response := *resp - response.Body = io.NopCloser(bytes.NewReader([]byte(""))) - return &response - } + fmt.Fprint(msg, "see logs for more information") - var authErr *azidentity.AuthenticationFailedError - if errors.As(err, &authErr) { - //nolint: bodyclose // False positive, this already a processed body, probably just pointing to a buffer. - authErr.RawResponse = redactResponse(authErr.RawResponse) - } + return msg.String() + case errors.As(e.Cause, &respErr): + msg := new(strings.Builder) + fmt.Fprintln(msg, "request error:") - var respErr *azcore.ResponseError - if errors.As(err, &respErr) { - //nolint: bodyclose // False positive, this already a processed body, probably just pointing to a buffer. 
- respErr.RawResponse = redactResponse(respErr.RawResponse) - } + if respErr.RawResponse != nil { + if respErr.RawResponse.Request != nil { + fmt.Fprintf(msg, "%s %s://%s%s\n", respErr.RawResponse.Request.Method, respErr.RawResponse.Request.URL.Scheme, respErr.RawResponse.Request.URL.Host, respErr.RawResponse.Request.URL.Path) + } - return err + fmt.Fprintln(msg, "--------------------------------------------------------------------------------") + fmt.Fprintf(msg, "RESPONSE %s\n", respErr.RawResponse.Status) + if respErr.ErrorCode != "" { + fmt.Fprintf(msg, "ERROR CODE: %s\n", respErr.ErrorCode) + } else { + fmt.Fprintln(msg, "ERROR CODE UNAVAILABLE") + } + fmt.Fprintln(msg, "--------------------------------------------------------------------------------") + } + + fmt.Fprint(msg, "see logs for more information") + + return msg.String() + + default: + return e.Cause.Error() + } } diff --git a/pkg/issuer/acme/dns/azuredns/azuredns_test.go b/pkg/issuer/acme/dns/azuredns/azuredns_test.go index 0cd7c0c31..5823bab98 100644 --- a/pkg/issuer/acme/dns/azuredns/azuredns_test.go +++ b/pkg/issuer/acme/dns/azuredns/azuredns_test.go @@ -356,14 +356,12 @@ func TestGetAuthorizationFederatedSPT(t *testing.T) { _, err = spt.GetToken(context.TODO(), policy.TokenRequestOptions{Scopes: []string{"test"}}) err = stabilizeError(err) assert.Error(t, err) - assert.ErrorContains(t, err, fmt.Sprintf(`WorkloadIdentityCredential authentication failed + assert.ErrorContains(t, err, fmt.Sprintf(`authentication failed: POST %s/adfs/oauth2/token -------------------------------------------------------------------------------- RESPONSE 502 Bad Gateway -------------------------------------------------------------------------------- - --------------------------------------------------------------------------------- -To troubleshoot, visit https://aka.ms/azsdk/go/identity/troubleshoot#workload`, ts.URL)) +see logs for more information`, ts.URL)) }) } 
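Review bot: `NormalizedError` is exported with an exported `Cause` field but has no doc comment and, within this hunk, no `Unwrap` method, so its contract is unstated: the message is reduced to method, scheme, host, path, status and error code, yet the full SDK error stays reachable through `Cause`. I would document the intent on the type, for example `// NormalizedError renders a stable message for Azure SDK errors that omits the response body; Cause is kept for logging and is deliberately not exposed via Unwrap.`, or add `Unwrap` if callers are expected to match the cause with `errors.As`. Two smaller robustness gaps in `Error()`: the `default:` branch calls `e.Cause.Error()`, which panics on a zero-value `NormalizedError{}`, and both other branches read `Request.URL.Scheme` after checking only `Request != nil`. The `default:` branch also returns any other error's text unchanged, which the comment should say so nobody assumes every message is normalized. `stabilizeError` starts above the hunk, so its nil guard is only partly visible here.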
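Review bot: `assert.ErrorContains` only checks for a substring, so this expectation (and the matching `require.ErrorContains` in `TestStabilizeResponseError`) would still pass if a response body or other SDK text were appended after `see logs for more information`. Since the new message exists to leave the body out, consider pinning the whole string with `assert.EqualError(t, err, fmt.Sprintf(..., ts.URL))`, or adding a negative check such as `assert.NotContains(t, err.Error(), "<body marker served by the test server>")`. The test server handler and the rest of `TestGetAuthorizationFederatedSPT` are outside the hunk, so whether the server returns a body is not visible here.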
@@ -406,12 +404,11 @@ func TestStabilizeResponseError(t *testing.T) { err = dnsProvider.Present(context.TODO(), "test.com", "fqdn.test.com.", "test123") require.Error(t, err) - require.ErrorContains(t, err, fmt.Sprintf(`Zone test.com. not found in AzureDNS for domain fqdn.test.com.. Err: GET %s/subscriptions/subscriptionID/resourceGroups/resourceGroupName/providers/Microsoft.Network/dnsZones/test.com + require.ErrorContains(t, err, fmt.Sprintf(`Zone test.com. not found in AzureDNS for domain fqdn.test.com.. Err: request error: +GET %s/subscriptions/subscriptionID/resourceGroups/resourceGroupName/providers/Microsoft.Network/dnsZones/test.com -------------------------------------------------------------------------------- -RESPONSE 502: 502 Bad Gateway +RESPONSE 502 Bad Gateway ERROR CODE: TEST_ERROR_CODE -------------------------------------------------------------------------------- - --------------------------------------------------------------------------------- -`, ts.URL)) +see logs for more information`, ts.URL)) }