summaryrefslogtreecommitdiffstats
path: root/sms-service/src
diff options
context:
space:
mode:
authorKiran Kamineni <kiran.k.kamineni@intel.com>2018-02-26 16:16:41 -0800
committerKiran Kamineni <kiran.k.kamineni@intel.com>2018-02-26 16:19:32 -0800
commitcc2e23964a4609a9c405deb30c51864ff5e17254 (patch)
treeb5cee651a9736aa039391c0f13fc71aadec44a13 /sms-service/src
parente07366cf140811172dbefcda9450e5c7da14f7c9 (diff)
Improved error handling during startup
Server startup is silent when there are errors Making server startup more informative in cases where errors are encountered. Issue-ID: AAF-146 Change-Id: Iec9a44d0d10813cf77aef69dbfd5fd50eea10dbc Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
Diffstat (limited to 'sms-service/src')
-rw-r--r--sms-service/src/sms/backend/vault.go26
1 files changed, 20 insertions, 6 deletions
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 6b9ad94..289fa3a 100644
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -70,7 +70,11 @@ func (v *Vault) Init() error {
return fmt.Errorf("Vault is still sealed. Unseal before use")
}
- v.initRole()
+ err = v.initRole()
+ if err != nil {
+ log.Fatalln("Unable to initRole in Vault. Exiting...")
+ }
+
v.checkToken()
return nil
}
@@ -228,7 +232,10 @@ func (v *Vault) initRole() error {
rules := `path "sms/*" { capabilities = ["create", "read", "update", "delete", "list"] }
path "sys/mounts/sms*" { capabilities = ["update","delete","create"] }`
- v.vaultClient.Sys().PutPolicy(v.policyName, rules)
+ err := v.vaultClient.Sys().PutPolicy(v.policyName, rules)
+ if err != nil {
+ return errors.New("Unable to create policy for approle creation")
+ }
rName := v.vaultMount + "-role"
data := map[string]interface{}{
@@ -237,12 +244,15 @@ func (v *Vault) initRole() error {
}
// Delete role if it already exists
- v.vaultClient.Logical().Delete("auth/approle/role/" + rName)
+ _, err = v.vaultClient.Logical().Delete("auth/approle/role/" + rName)
+ if err != nil {
+ return errors.New("Unable to delete existing role")
+ }
//Check if approle is mounted
authMounts, err := v.vaultClient.Sys().ListAuth()
if err != nil {
- return err
+ return errors.New("Unable to get mounted auth backends")
}
approleMounted := false
@@ -262,13 +272,17 @@ func (v *Vault) initRole() error {
v.vaultClient.Logical().Write("auth/approle/role/"+rName, data)
sec, err := v.vaultClient.Logical().Read("auth/approle/role/" + rName + "/role-id")
if err != nil {
- log.Fatal(err)
+ return errors.New("Unable to create role ID for approle")
}
v.roleID = sec.Data["role_id"].(string)
// Create a secret-id to go with it
- sec, _ = v.vaultClient.Logical().Write("auth/approle/role/"+rName+"/secret-id",
+ sec, err = v.vaultClient.Logical().Write("auth/approle/role/"+rName+"/secret-id",
map[string]interface{}{})
+ if err != nil {
+ return errors.New("Unable to create secret ID for role")
+ }
+
v.secretID = sec.Data["secret_id"].(string)
return nil