Log errors to log file

Currently errors are being written out to the screen Log them to a log file with the appropriate prefix instead This uses the sms/log framework for logging Issue-ID: AAF-159 Change-Id: Ib4f4dbc87fa4b1ee92ed1055de94f8324bd1a192 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
author: Kiran Kamineni <kiran.k.kamineni@intel.com> 2018-03-06 11:36:40 -0800
committer: Kiran Kamineni <kiran.k.kamineni@intel.com> 2018-03-06 17:25:21 -0800
commit: ce2498616ae1a81debadec35233d82b0ef7b8657 (patch)
tree: 44714207890cda3b0877f919d0eb39e22ba7527d /sms-service/src
parent: bf1a8c07c590c8f6c7a7c882a7dd5f157b09250e (diff)
2 files changed, 55 insertions, 13 deletions
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 0b62bb5..a4ebaaa 100644
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -19,6 +19,7 @@ package backend
 import (
 	uuid "github.com/hashicorp/go-uuid"
 	vaultapi "github.com/hashicorp/vault/api"
+	smslogger "sms/log"
 
 	"errors"
 	"fmt"
@@ -50,7 +51,8 @@ func (v *Vault) Init() error {
 	vaultCFG.Address = v.vaultAddress
 	client, err := vaultapi.NewClient(vaultCFG)
 	if err != nil {
-		return err
+		smslogger.WriteError(err.Error())
+		return errors.New("Unable to create new vault client")
 	}
 
 	v.engineType = "kv"
@@ -61,7 +63,8 @@ func (v *Vault) Init() error {
 
 	err = v.initRole()
 	if err != nil {
-		//print error message and try to initrole later
+		smslogger.WriteError(err.Error())
+		smslogger.WriteInfo("InitRole will try again later")
 	}
 
 	return nil
@@ -72,7 +75,8 @@ func (v *Vault) GetStatus() (bool, error) {
 	sys := v.vaultClient.Sys()
 	sealStatus, err := sys.SealStatus()
 	if err != nil {
-		return false, err
+		smslogger.WriteError(err.Error())
+		return false, errors.New("Error getting status")
 	}
 
 	return sealStatus.Sealed, nil
@@ -84,7 +88,8 @@ func (v *Vault) Unseal(shard string) error {
 	sys := v.vaultClient.Sys()
 	_, err := sys.Unseal(shard)
 	if err != nil {
-		return err
+		smslogger.WriteError(err.Error())
+		return errors.New("Unable to execute unseal operation with specified shard")
 	}
 
 	return nil
@@ -96,18 +101,21 @@ func (v *Vault) Unseal(shard string) error {
 func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
 	err := v.checkToken()
 	if err != nil {
-		return Secret{}, errors.New("Token check returned error: " + err.Error())
+		smslogger.WriteError(err.Error())
+		return Secret{}, errors.New("Token check failed")
 	}
 
 	dom = v.vaultMount + "/" + dom
 
 	sec, err := v.vaultClient.Logical().Read(dom + "/" + name)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return Secret{}, errors.New("Unable to read Secret at provided path")
 	}
 
 	// sec and err are nil in the case where a path does not exist
 	if sec == nil {
+		smslogger.WriteWarn("Vault read was empty. Invalid Path")
 		return Secret{}, errors.New("Secret not found at the provided path")
 	}
 
@@ -119,23 +127,27 @@ func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
 func (v *Vault) ListSecret(dom string) ([]string, error) {
 	err := v.checkToken()
 	if err != nil {
-		return nil, errors.New("Token check returned error: " + err.Error())
+		smslogger.WriteError(err.Error())
+		return nil, errors.New("Token check failed")
 	}
 
 	dom = v.vaultMount + "/" + dom
 
 	sec, err := v.vaultClient.Logical().List(dom)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return nil, errors.New("Unable to read Secret at provided path")
 	}
 
 	// sec and err are nil in the case where a path does not exist
 	if sec == nil {
+		smslogger.WriteWarn("Vaultclient returned empty data")
 		return nil, errors.New("Secret not found at the provided path")
 	}
 
 	val, ok := sec.Data["keys"].([]interface{})
 	if !ok {
+		smslogger.WriteError("Secret not found at the provided path")
 		return nil, errors.New("Secret not found at the provided path")
 	}
 
@@ -152,7 +164,8 @@ func (v *Vault) CreateSecretDomain(name string) (SecretDomain, error) {
 	// Check if token is still valid
 	err := v.checkToken()
 	if err != nil {
-		return SecretDomain{}, err
+		smslogger.WriteError(err.Error())
+		return SecretDomain{}, errors.New("Token Check failed")
 	}
 
 	name = strings.TrimSpace(name)
@@ -167,7 +180,8 @@ func (v *Vault) CreateSecretDomain(name string) (SecretDomain, error) {
 
 	err = v.vaultClient.Sys().Mount(mountPath, mountInput)
 	if err != nil {
-		return SecretDomain{}, err
+		smslogger.WriteError(err.Error())
+		return SecretDomain{}, errors.New("Unable to create Secret Domain")
 	}
 
 	uuid, _ := uuid.GenerateUUID()
@@ -179,7 +193,8 @@ func (v *Vault) CreateSecretDomain(name string) (SecretDomain, error) {
 func (v *Vault) CreateSecret(dom string, sec Secret) error {
 	err := v.checkToken()
 	if err != nil {
-		return errors.New("Token checking returned an error" + err.Error())
+		smslogger.WriteError(err.Error())
+		return errors.New("Token check failed")
 	}
 
 	dom = v.vaultMount + "/" + dom
@@ -188,6 +203,7 @@ func (v *Vault) CreateSecret(dom string, sec Secret) error {
 	// TODO: Check if values is not empty
 	_, err = v.vaultClient.Logical().Write(dom+"/"+sec.Name, sec.Values)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return errors.New("Unable to create Secret at provided path")
 	}
 
@@ -199,7 +215,8 @@ func (v *Vault) CreateSecret(dom string, sec Secret) error {
 func (v *Vault) DeleteSecretDomain(name string) error {
 	err := v.checkToken()
 	if err != nil {
-		return err
+		smslogger.WriteError(err.Error())
+		return errors.New("Token Check Failed")
 	}
 
 	name = strings.TrimSpace(name)
@@ -207,6 +224,7 @@ func (v *Vault) DeleteSecretDomain(name string) error {
 
 	err = v.vaultClient.Sys().Unmount(mountPath)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return errors.New("Unable to delete domain specified")
 	}
 
@@ -217,7 +235,8 @@ func (v *Vault) DeleteSecretDomain(name string) error {
 func (v *Vault) DeleteSecret(dom string, name string) error {
 	err := v.checkToken()
 	if err != nil {
-		return errors.New("Token checking returned an error" + err.Error())
+		smslogger.WriteError(err.Error())
+		return errors.New("Token check failed")
 	}
 
 	dom = v.vaultMount + "/" + dom
@@ -225,6 +244,7 @@ func (v *Vault) DeleteSecret(dom string, name string) error {
 	// Vault return is empty on successful delete
 	_, err = v.vaultClient.Logical().Delete(dom + "/" + name)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return errors.New("Unable to delete Secret at provided path")
 	}
 
@@ -241,6 +261,7 @@ func (v *Vault) initRole() error {
 			path "sys/mounts/sms*" { capabilities = ["update","delete","create"] }`
 	err := v.vaultClient.Sys().PutPolicy(v.policyName, rules)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return errors.New("Unable to create policy for approle creation")
 	}
 
@@ -253,6 +274,7 @@ func (v *Vault) initRole() error {
 	//Check if applrole is mounted
 	authMounts, err := v.vaultClient.Sys().ListAuth()
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return errors.New("Unable to get mounted auth backends")
 	}
 
@@ -273,6 +295,7 @@ func (v *Vault) initRole() error {
 	v.vaultClient.Logical().Write("auth/approle/role/"+rName, data)
 	sec, err := v.vaultClient.Logical().Read("auth/approle/role/" + rName + "/role-id")
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return errors.New("Unable to create role ID for approle")
 	}
 	v.roleID = sec.Data["role_id"].(string)
@@ -281,6 +304,7 @@ func (v *Vault) initRole() error {
 	sec, err = v.vaultClient.Logical().Write("auth/approle/role/"+rName+"/secret-id",
 		map[string]interface{}{})
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		return errors.New("Unable to create secret ID for role")
 	}
 
@@ -300,7 +324,8 @@ func (v *Vault) checkToken() error {
 	if v.initRoleDone == false {
 		err := v.initRole()
 		if err != nil {
-			return err
+			smslogger.WriteError(err.Error())
+			return errors.New("Unable to initRole in checkToken")
 		}
 	}
 
@@ -314,7 +339,8 @@ func (v *Vault) checkToken() error {
 	out, err := v.vaultClient.Logical().Write("auth/approle/login",
 		map[string]interface{}{"role_id": v.roleID, "secret_id": v.secretID})
 	if err != nil {
-		return err
+		smslogger.WriteError(err.Error())
+		return errors.New("Unable to create Temporary Token for Role")
 	}
 
 	tok, err := out.TokenID()
diff --git a/sms-service/src/sms/handler/handler.go b/sms-service/src/sms/handler/handler.go
index 2288092..496b782 100644
--- a/sms-service/src/sms/handler/handler.go
+++ b/sms-service/src/sms/handler/handler.go
@@ -22,6 +22,7 @@ import (
 	"net/http"
 
 	smsbackend "sms/backend"
+	smslogger "sms/log"
 )
 
 // handler stores two interface implementations that implement
@@ -37,18 +38,21 @@ func (h handler) createSecretDomainHandler(w http.ResponseWriter, r *http.Reques
 
 	err := json.NewDecoder(r.Body).Decode(&d)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
 	}
 
 	dom, err := h.secretBackend.CreateSecretDomain(d.Name)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	err = json.NewEncoder(w).Encode(dom)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -63,6 +67,7 @@ func (h handler) deleteSecretDomainHandler(w http.ResponseWriter, r *http.Reques
 
 	err := h.secretBackend.DeleteSecretDomain(domName)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -80,12 +85,14 @@ func (h handler) createSecretHandler(w http.ResponseWriter, r *http.Request) {
 	var b smsbackend.Secret
 	err := json.NewDecoder(r.Body).Decode(&b)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
 	}
 
 	err = h.secretBackend.CreateSecret(domName, b)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -101,12 +108,14 @@ func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) {
 
 	sec, err := h.secretBackend.GetSecret(domName, secName)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	err = json.NewEncoder(w).Encode(sec)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -119,12 +128,14 @@ func (h handler) listSecretHandler(w http.ResponseWriter, r *http.Request) {
 
 	sec, err := h.secretBackend.ListSecret(domName)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	err = json.NewEncoder(w).Encode(sec)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -138,6 +149,7 @@ func (h handler) deleteSecretHandler(w http.ResponseWriter, r *http.Request) {
 
 	err := h.secretBackend.DeleteSecret(domName, secName)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -152,6 +164,7 @@ type backendStatus struct {
 func (h handler) statusHandler(w http.ResponseWriter, r *http.Request) {
 	s, err := h.secretBackend.GetStatus()
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -159,6 +172,7 @@ func (h handler) statusHandler(w http.ResponseWriter, r *http.Request) {
 	status := backendStatus{Seal: s}
 	err = json.NewEncoder(w).Encode(status)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -182,12 +196,14 @@ func (h handler) unsealHandler(w http.ResponseWriter, r *http.Request) {
 	decoder.DisallowUnknownFields()
 	err := decoder.Decode(&inp)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, "Bad input JSON", http.StatusBadRequest)
 		return
 	}
 
 	err = h.secretBackend.Unseal(inp.UnsealShard)
 	if err != nil {
+		smslogger.WriteError(err.Error())
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
author	Kiran Kamineni <kiran.k.kamineni@intel.com>	2018-03-06 11:36:40 -0800
committer	Kiran Kamineni <kiran.k.kamineni@intel.com>	2018-03-06 17:25:21 -0800
commit	ce2498616ae1a81debadec35233d82b0ef7b8657 (patch)
tree	44714207890cda3b0877f919d0eb39e22ba7527d /sms-service/src
parent	bf1a8c07c590c8f6c7a7c882a7dd5f157b09250e (diff)