-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Secrets: Error standardization - Secrets API #7691
base: master
Are you sure you want to change the base?
Changes from 1 commit
198987c
2d6b930
55bd0d1
4a098e7
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
@@ -0,0 +1,104 @@ | ||||||
/* | ||||||
* | ||||||
* Copyright 2024 The Dapr Authors | ||||||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||||||
* you may not use this file except in compliance with the License. | ||||||
* You may obtain a copy of the License at | ||||||
* http://www.apache.org/licenses/LICENSE-2.0 | ||||||
* Unless required by applicable law or agreed to in writing, software | ||||||
* distributed under the License is distributed on an "AS IS" BASIS, | ||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||||
* See the License for the specific language governing permissions and | ||||||
* limitations under the License. | ||||||
* / | ||||||
*/ | ||||||
|
||||||
package errors | ||||||
|
||||||
import ( | ||||||
"fmt" | ||||||
"net/http" | ||||||
|
||||||
"github.com/dapr/kit/errors" | ||||||
"google.golang.org/grpc/codes" | ||||||
) | ||||||
|
||||||
type SecretsStoreError struct { | ||||||
name string | ||||||
skipResourceInfo bool | ||||||
} | ||||||
|
||||||
func SecretsStore(name string) *SecretsStoreError { | ||||||
return &SecretsStoreError{ | ||||||
name: name, | ||||||
} | ||||||
} | ||||||
|
||||||
func (s *SecretsStoreError) NotConfigured() error { | ||||||
return s.build( | ||||||
errors.NewBuilder( | ||||||
codes.FailedPrecondition, | ||||||
http.StatusInternalServerError, | ||||||
fmt.Sprintf("secret store is not configured"), | ||||||
"ERR_SECRET_STORES_NOT_CONFIGURED", | ||||||
), | ||||||
"NOT_CONFIGURED", | ||||||
) | ||||||
} | ||||||
|
||||||
func (s *SecretsStoreError) PermissionDenied(key string) error { | ||||||
return s.build( | ||||||
errors.NewBuilder( | ||||||
codes.PermissionDenied, | ||||||
http.StatusForbidden, | ||||||
fmt.Sprintf("access denied by policy to get %q from %q", key, s.name), | ||||||
"ERR_SECRETS_PERMISSION_DENIED", | ||||||
), | ||||||
"PERMISSION_DENIED", | ||||||
) | ||||||
} | ||||||
|
||||||
func (s *SecretsStoreError) NotFound() error { | ||||||
return s.build( | ||||||
errors.NewBuilder( | ||||||
codes.InvalidArgument, | ||||||
http.StatusUnauthorized, | ||||||
fmt.Sprintf("failed finding secret store with key %s", s.name), | ||||||
"ERR_SECRET_STORE_NOT_FOUND", | ||||||
), | ||||||
"NOT_FOUND", | ||||||
) | ||||||
} | ||||||
|
||||||
func (s *SecretsStoreError) GetSecret(key string, error string) error { | ||||||
return s.build( | ||||||
errors.NewBuilder( | ||||||
codes.Internal, | ||||||
http.StatusInternalServerError, | ||||||
fmt.Sprintf("failed getting secret with key %s from secret store %s: %s", key, s.name, error), | ||||||
"ERR_SECRET_GET", | ||||||
), | ||||||
"SECRET_GET", | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
Since we prefix the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Makes sense There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
|
||||||
) | ||||||
} | ||||||
|
||||||
func (s *SecretsStoreError) BulkSecretGet(error string) error { | ||||||
return s.build( | ||||||
errors.NewBuilder( | ||||||
codes.Internal, | ||||||
http.StatusInternalServerError, | ||||||
fmt.Sprintf("failed getting secrets from secret store %s: %v", s.name, error), | ||||||
"ERR_SECRET_GET", | ||||||
), | ||||||
"SECRET_GET", | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
|
||||||
) | ||||||
} | ||||||
|
||||||
func (s *SecretsStoreError) build(err *errors.ErrorBuilder, errCode string) error { | ||||||
if !s.skipResourceInfo { | ||||||
err = err.WithResourceInfo("secrets", s.name, "", "") | ||||||
} | ||||||
return err. | ||||||
WithErrorInfo(errors.CodePrefixSecretStore+errCode, nil). | ||||||
Build() | ||||||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -75,13 +75,6 @@ var ( | |
ErrOutboundHealthNotReady = APIError{"dapr outbound is not ready", "ERR_OUTBOUND_HEALTH_NOT_READY", http.StatusInternalServerError, grpcCodes.Internal} | ||
ErrHealthAppIDNotMatch = APIError{"dapr app-id does not match", "ERR_HEALTH_APPID_NOT_MATCH", http.StatusInternalServerError, grpcCodes.Internal} | ||
|
||
// Secrets. | ||
ErrSecretStoreNotConfigured = APIError{"secret store is not configured", "ERR_SECRET_STORES_NOT_CONFIGURED", http.StatusInternalServerError, grpcCodes.FailedPrecondition} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @cicoyle looks like typo here btw. ERR_SECRET_STORES_NOT_CONFIGURED => ERR_SECRET_STORE_NOT_CONFIGURED. Fix it? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We will have to keep the legacy tag as is: |
||
ErrSecretStoreNotFound = APIError{"failed finding secret store with key %s", "ERR_SECRET_STORE_NOT_FOUND", http.StatusUnauthorized, grpcCodes.InvalidArgument} | ||
ErrSecretPermissionDenied = APIError{"access denied by policy to get %q from %q", "ERR_PERMISSION_DENIED", http.StatusForbidden, grpcCodes.PermissionDenied} | ||
ErrSecretGet = APIError{"failed getting secret with key %s from secret store %s: %s", "ERR_SECRET_GET", http.StatusInternalServerError, grpcCodes.Internal} | ||
ErrBulkSecretGet = APIError{"failed getting secrets from secret store %s: %v", "ERR_SECRET_GET", http.StatusInternalServerError, grpcCodes.Internal} | ||
|
||
// Crypto. | ||
ErrCryptoProvidersNotConfigured = APIError{"crypto providers not configured", "ERR_CRYPTO_PROVIDERS_NOT_CONFIGURED", http.StatusInternalServerError, grpcCodes.Internal} | ||
ErrCryptoProviderNotFound = APIError{"crypto provider %s not found", "ERR_CRYPTO_PROVIDER_NOT_FOUND", http.StatusBadRequest, grpcCodes.InvalidArgument} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have to keep this as the legacy tag for backwards compatibility