Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add checks for other error types within the PKI plugin #14195

Merged
merged 2 commits into from
Feb 22, 2022

Conversation

stevendpclark
Copy link
Contributor

Overview

The PKI plugin assumes the code it is calling always returns an error of type errutil.UserError or errutil.InternalError. While I believe so far this is still true, it would be easy to add a code path that just returns a generic error and we would completely ignore it.

This is mainly to protect against a future code change that someone does not know this is an assumption within the handlers.

Issue: VAULT-5192

Testing

This can't really be tested from outside of Vault, nor to my knowledge within the current codebase as we don't have code paths that do this. I accidentally added one which since has been modified to return within a wrapped errutil.InternalError.

 - The PKI plugin assumes the code it is calling always returns an error
   of type errutil.UserError or errutil.InternalError. While I believe
   so far this is still true, it would be easy to add a code path that
   just returns a generic error and we would completely ignore it.
 - This was found within some managed key testing where I forgot to wrap
   an error within one of the expected types
@stevendpclark stevendpclark requested a review from a team February 22, 2022 16:05
@vercel vercel bot temporarily deployed to Preview – vault February 22, 2022 16:06 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 22, 2022 16:06 Inactive
Copy link
Contributor

@victorr victorr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@stevendpclark stevendpclark merged commit 34f128f into main Feb 22, 2022
@stevendpclark stevendpclark deleted the stevendpclark/vault-5192-solidify-error-handling branch February 22, 2022 19:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants