Merge pull request #2470 from munnerz/remove-misleading-errors
Don't log misleading error messages
commit
9ca34f773f
@ -6,7 +6,6 @@ go_library(
|
|||||||
importpath = "github.com/jetstack/cert-manager/pkg/util/kube",
|
importpath = "github.com/jetstack/cert-manager/pkg/util/kube",
|
||||||
visibility = ["//visibility:public"],
|
visibility = ["//visibility:public"],
|
||||||
deps = [
|
deps = [
|
||||||
"//pkg/logs:go_default_library",
|
|
||||||
"//pkg/util/errors:go_default_library",
|
"//pkg/util/errors:go_default_library",
|
||||||
"//pkg/util/pki:go_default_library",
|
"//pkg/util/pki:go_default_library",
|
||||||
"@io_k8s_api//core/v1:go_default_library",
|
"@io_k8s_api//core/v1:go_default_library",
|
||||||
|
|||||||
@ -24,7 +24,6 @@ import (
|
|||||||
api "k8s.io/api/core/v1"
|
api "k8s.io/api/core/v1"
|
||||||
corelisters "k8s.io/client-go/listers/core/v1"
|
corelisters "k8s.io/client-go/listers/core/v1"
|
||||||
|
|
||||||
logf "github.com/jetstack/cert-manager/pkg/logs"
|
|
||||||
"github.com/jetstack/cert-manager/pkg/util/errors"
|
"github.com/jetstack/cert-manager/pkg/util/errors"
|
||||||
"github.com/jetstack/cert-manager/pkg/util/pki"
|
"github.com/jetstack/cert-manager/pkg/util/pki"
|
||||||
)
|
)
|
||||||
@ -33,26 +32,17 @@ import (
|
|||||||
// secret with 'name' in 'namespace'. It will read the private key data from the secret
|
// secret with 'name' in 'namespace'. It will read the private key data from the secret
|
||||||
// entry with name 'keyName'.
|
// entry with name 'keyName'.
|
||||||
func SecretTLSKeyRef(ctx context.Context, secretLister corelisters.SecretLister, namespace, name, keyName string) (crypto.Signer, error) {
|
func SecretTLSKeyRef(ctx context.Context, secretLister corelisters.SecretLister, namespace, name, keyName string) (crypto.Signer, error) {
|
||||||
log := logf.FromContext(ctx)
|
|
||||||
log = logf.WithRelatedResourceName(log, name, namespace, "Secret")
|
|
||||||
|
|
||||||
secret, err := secretLister.Secrets(namespace).Get(name)
|
secret, err := secretLister.Secrets(namespace).Get(name)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err, "failed to retrieve secret")
|
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
log = logf.WithRelatedResource(log, secret)
|
|
||||||
log.V(logf.DebugLevel).Info("got secret resource")
|
|
||||||
|
|
||||||
log = log.WithValues("secret_key", keyName)
|
|
||||||
keyBytes, ok := secret.Data[keyName]
|
keyBytes, ok := secret.Data[keyName]
|
||||||
if !ok {
|
if !ok {
|
||||||
log.Error(nil, "no data for key in secret")
|
|
||||||
return nil, errors.NewInvalidData("no data for %q in secret '%s/%s'", keyName, namespace, name)
|
return nil, errors.NewInvalidData("no data for %q in secret '%s/%s'", keyName, namespace, name)
|
||||||
}
|
}
|
||||||
key, err := pki.DecodePrivateKeyBytes(keyBytes)
|
key, err := pki.DecodePrivateKeyBytes(keyBytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err, "error decoding private key")
|
|
||||||
return key, errors.NewInvalidData(err.Error())
|
return key, errors.NewInvalidData(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -67,28 +57,18 @@ func SecretTLSKey(ctx context.Context, secretLister corelisters.SecretLister, na
|
|||||||
}
|
}
|
||||||
|
|
||||||
func SecretTLSCertChain(ctx context.Context, secretLister corelisters.SecretLister, namespace, name string) ([]*x509.Certificate, error) {
|
func SecretTLSCertChain(ctx context.Context, secretLister corelisters.SecretLister, namespace, name string) ([]*x509.Certificate, error) {
|
||||||
log := logf.FromContext(ctx)
|
|
||||||
log = logf.WithRelatedResourceName(log, name, namespace, "Secret")
|
|
||||||
|
|
||||||
secret, err := secretLister.Secrets(namespace).Get(name)
|
secret, err := secretLister.Secrets(namespace).Get(name)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err, "failed to retrieve secret")
|
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
log = logf.WithRelatedResource(log, secret)
|
|
||||||
log.V(logf.DebugLevel).Info("got secret resource")
|
|
||||||
|
|
||||||
log = log.WithValues("secret_key", api.TLSCertKey)
|
|
||||||
certBytes, ok := secret.Data[api.TLSCertKey]
|
certBytes, ok := secret.Data[api.TLSCertKey]
|
||||||
if !ok {
|
if !ok {
|
||||||
log.Error(nil, "no data for key in secret")
|
|
||||||
return nil, errors.NewInvalidData("no data for %q in secret '%s/%s'", api.TLSCertKey, namespace, name)
|
return nil, errors.NewInvalidData("no data for %q in secret '%s/%s'", api.TLSCertKey, namespace, name)
|
||||||
}
|
}
|
||||||
|
|
||||||
log.V(logf.DebugLevel).Info("attempting to decode certificate chain")
|
|
||||||
cert, err := pki.DecodeX509CertificateChainBytes(certBytes)
|
cert, err := pki.DecodeX509CertificateChainBytes(certBytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err, "error decoding x509 certificate")
|
|
||||||
return cert, errors.NewInvalidData(err.Error())
|
return cert, errors.NewInvalidData(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -96,36 +76,26 @@ func SecretTLSCertChain(ctx context.Context, secretLister corelisters.SecretList
|
|||||||
}
|
}
|
||||||
|
|
||||||
func SecretTLSKeyPair(ctx context.Context, secretLister corelisters.SecretLister, namespace, name string) ([]*x509.Certificate, crypto.Signer, error) {
|
func SecretTLSKeyPair(ctx context.Context, secretLister corelisters.SecretLister, namespace, name string) ([]*x509.Certificate, crypto.Signer, error) {
|
||||||
log := logf.FromContext(ctx)
|
|
||||||
log = logf.WithRelatedResourceName(log, name, namespace, "Secret")
|
|
||||||
|
|
||||||
secret, err := secretLister.Secrets(namespace).Get(name)
|
secret, err := secretLister.Secrets(namespace).Get(name)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
log = logf.WithRelatedResource(log, secret)
|
|
||||||
|
|
||||||
log = log.WithValues("secret_key", api.TLSPrivateKeyKey)
|
|
||||||
keyBytes, ok := secret.Data[api.TLSPrivateKeyKey]
|
keyBytes, ok := secret.Data[api.TLSPrivateKeyKey]
|
||||||
if !ok {
|
if !ok {
|
||||||
log.Error(nil, "no data for key in secret")
|
|
||||||
return nil, nil, errors.NewInvalidData("no private key data for %q in secret '%s/%s'", api.TLSPrivateKeyKey, namespace, name)
|
return nil, nil, errors.NewInvalidData("no private key data for %q in secret '%s/%s'", api.TLSPrivateKeyKey, namespace, name)
|
||||||
}
|
}
|
||||||
key, err := pki.DecodePrivateKeyBytes(keyBytes)
|
key, err := pki.DecodePrivateKeyBytes(keyBytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err, "error decoding private key")
|
|
||||||
return nil, nil, errors.NewInvalidData(err.Error())
|
return nil, nil, errors.NewInvalidData(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
log = log.WithValues("secret_key", api.TLSCertKey)
|
|
||||||
certBytes, ok := secret.Data[api.TLSCertKey]
|
certBytes, ok := secret.Data[api.TLSCertKey]
|
||||||
if !ok {
|
if !ok {
|
||||||
log.Error(nil, "no data for key in secret")
|
|
||||||
return nil, key, errors.NewInvalidData("no certificate data for %q in secret '%s/%s'", api.TLSCertKey, namespace, name)
|
return nil, key, errors.NewInvalidData("no certificate data for %q in secret '%s/%s'", api.TLSCertKey, namespace, name)
|
||||||
}
|
}
|
||||||
cert, err := pki.DecodeX509CertificateChainBytes(certBytes)
|
cert, err := pki.DecodeX509CertificateChainBytes(certBytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err, "error decoding x509 certificate")
|
|
||||||
return nil, key, errors.NewInvalidData(err.Error())
|
return nil, key, errors.NewInvalidData(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
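Review bot: The decode-failure returns kept by this change pass `err.Error()` as the first argument of `errors.NewInvalidData`, which the neighbouring calls use as a printf-style format (`"no data for %q in secret '%s/%s'"`), so any `%` in the decoder's message would come out as a formatting artefact. This applies in SecretTLSKeyRef, SecretTLSCertChain and both decode branches of SecretTLSKeyPair. With the `log.Error` calls removed, the returned error is the only diagnostic left, and on these branches it no longer says which secret or data key failed to parse. I would build the error as `errors.NewInvalidData("error decoding private key in secret '%s/%s': %v", namespace, name, err)`, and the equivalent for the certificate chain, assuming NewInvalidData takes format arguments as the visible calls suggest. The function bodies continue outside the hunks shown, so how callers surface these errors is not visible here.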