feat: normalize azure errors
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
ThatsMrTalbot authored and cert-manager-bot committed Jun 13, 2024
1 parent 3403251 commit 7ec86d2
Showing 2 changed files with 60 additions and 29 deletions.
74 changes: 54 additions & 20 deletions pkg/issuer/acme/dns/azuredns/azuredns.go
Expand Up @@ -11,11 +11,9 @@ this directory.
package azuredns

import (
"bytes"
"context"
"errors"
"fmt"
"io"
"net/http"
"os"
"strings"
Expand Down Expand Up @@ -279,27 +277,63 @@ func stabilizeError(err error) error {
return nil
}

redactResponse := func(resp *http.Response) *http.Response {
if resp == nil {
return nil
return NormalizedError{
Cause: err,
}
}

type NormalizedError struct {
Cause error
}

func (e NormalizedError) Error() string {
var (
authErr *azidentity.AuthenticationFailedError
respErr *azcore.ResponseError
)

switch {
case errors.As(e.Cause, &authErr):
msg := new(strings.Builder)
fmt.Fprintln(msg, "authentication failed:")

if authErr.RawResponse != nil {
if authErr.RawResponse.Request != nil {
fmt.Fprintf(msg, "%s %s://%s%s\n", authErr.RawResponse.Request.Method, authErr.RawResponse.Request.URL.Scheme, authErr.RawResponse.Request.URL.Host, authErr.RawResponse.Request.URL.Path)
}

fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
fmt.Fprintf(msg, "RESPONSE %s\n", authErr.RawResponse.Status)
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
}

response := *resp
response.Body = io.NopCloser(bytes.NewReader([]byte("<REDACTED>")))
return &response
}
fmt.Fprint(msg, "see logs for more information")

var authErr *azidentity.AuthenticationFailedError
if errors.As(err, &authErr) {
//nolint: bodyclose // False positive, this already a processed body, probably just pointing to a buffer.
authErr.RawResponse = redactResponse(authErr.RawResponse)
}
return msg.String()
case errors.As(e.Cause, &respErr):
msg := new(strings.Builder)
fmt.Fprintln(msg, "request error:")

var respErr *azcore.ResponseError
if errors.As(err, &respErr) {
//nolint: bodyclose // False positive, this already a processed body, probably just pointing to a buffer.
respErr.RawResponse = redactResponse(respErr.RawResponse)
}
if respErr.RawResponse != nil {
if respErr.RawResponse.Request != nil {
fmt.Fprintf(msg, "%s %s://%s%s\n", respErr.RawResponse.Request.Method, respErr.RawResponse.Request.URL.Scheme, respErr.RawResponse.Request.URL.Host, respErr.RawResponse.Request.URL.Path)
}

return err
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
fmt.Fprintf(msg, "RESPONSE %s\n", respErr.RawResponse.Status)
if respErr.ErrorCode != "" {
fmt.Fprintf(msg, "ERROR CODE: %s\n", respErr.ErrorCode)
} else {
fmt.Fprintln(msg, "ERROR CODE UNAVAILABLE")
}
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
}

fmt.Fprint(msg, "see logs for more information")

return msg.String()

default:
return e.Cause.Error()
}
}
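Review bot: `NormalizedError` scrubs only the string returned by `Error()`; the exported `Cause` field still holds the SDK error with its original `RawResponse`, whereas the removed `redactResponse` closure overwrote the body with `<REDACTED>` on the error value itself. Any caller that formats or logs `Cause` directly will therefore get the SDK's full message, response body included, and the "see logs for more information" text suggests that happens somewhere outside this section. The type and field have no doc comments, so I would add one stating this, e.g. `// NormalizedError wraps an Azure SDK error. Error() omits the response body; Cause is unredacted.` The `default:` case also returns `e.Cause.Error()` verbatim, so error types other than the two matched pass through un-normalized (`stabilizeError` starts above the hunk, so which errors reach this type is not visible here). Both cases read `Request.URL` after checking only `Request != nil`; adding `&& authErr.RawResponse.Request.URL != nil` (and the `respErr` equivalent) would keep `Error()` from panicking on a response built without a URL.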
15 changes: 6 additions & 9 deletions pkg/issuer/acme/dns/azuredns/azuredns_test.go
Expand Up @@ -356,14 +356,12 @@ func TestGetAuthorizationFederatedSPT(t *testing.T) {
_, err = spt.GetToken(context.TODO(), policy.TokenRequestOptions{Scopes: []string{"test"}})
err = stabilizeError(err)
assert.Error(t, err)
assert.ErrorContains(t, err, fmt.Sprintf(`WorkloadIdentityCredential authentication failed
assert.ErrorContains(t, err, fmt.Sprintf(`authentication failed:
POST %s/adfs/oauth2/token
--------------------------------------------------------------------------------
RESPONSE 502 Bad Gateway
--------------------------------------------------------------------------------
<REDACTED>
--------------------------------------------------------------------------------
To troubleshoot, visit https://aka.ms/azsdk/go/identity/troubleshoot#workload`, ts.URL))
see logs for more information`, ts.URL))
})
}

Expand Down Expand Up @@ -406,12 +404,11 @@ func TestStabilizeResponseError(t *testing.T) {

err = dnsProvider.Present(context.TODO(), "test.com", "fqdn.test.com.", "test123")
require.Error(t, err)
require.ErrorContains(t, err, fmt.Sprintf(`Zone test.com. not found in AzureDNS for domain fqdn.test.com.. Err: GET %s/subscriptions/subscriptionID/resourceGroups/resourceGroupName/providers/Microsoft.Network/dnsZones/test.com
require.ErrorContains(t, err, fmt.Sprintf(`Zone test.com. not found in AzureDNS for domain fqdn.test.com.. Err: request error:
GET %s/subscriptions/subscriptionID/resourceGroups/resourceGroupName/providers/Microsoft.Network/dnsZones/test.com
--------------------------------------------------------------------------------
RESPONSE 502: 502 Bad Gateway
RESPONSE 502 Bad Gateway
ERROR CODE: TEST_ERROR_CODE
--------------------------------------------------------------------------------
<REDACTED>
--------------------------------------------------------------------------------
`, ts.URL))
see logs for more information`, ts.URL))
}
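Review bot: Both updated assertions use `ErrorContains` with an expected string that ends at `see logs for more information`, so they would still pass if the response body or a request identifier were appended after that line. Since the expectations drop the `<REDACTED>` line, nothing here pins that the body stays out of the message. Consider an exact match (`assert.EqualError`) where the whole message is known, or a negative check such as `assert.NotContains(t, err.Error(), body)`, with `body` being whatever the test server writes; that setup is outside these hunks, as are the starts of both test functions. The `default:` passthrough in `NormalizedError.Error()` is not exercised by either hunk shown.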
