varnitgoyal95/deployment-portal-be
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[INFRA-425] | Anoop | Add error when unable to fetch secrets from vault

Browse Source
This commit is contained in:
anoop narang
2020-08-12 11:25:49 +05:30
parent 68708ab624
commit 9dcd4e6d0f
2 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/com/navi/infra/portal/dto/VaultResponse.java
View File

@@ -19,4 +19,8 @@ public class VaultResponse implements Serializable {
private int httpStatus;
private String responseBody;
public Boolean isOk() {
return httpStatus == 200;
}
}

9
src/main/java/com/navi/infra/portal/service/ManifestService.java
View File

@@ -26,8 +26,10 @@ import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.server.ResponseStatusException;
@Service
@RequiredArgsConstructor
@Slf4j
@@ -44,6 +46,7 @@ public class ManifestService {
private final KubernetesManifestService kubernetesManifestService;
@PreAuthorize("hasAuthority('manifest.write')")
@Transactional
public ManifestResponse createOrUpdate(JsonNode manifestRequest) {
ManifestResponse manifestResponse = new ManifestResponse();
Set<ValidationMessage> validationReport = validationUtils.getReport(manifestRequest);
@@ -167,12 +170,18 @@ public class ManifestService {
if (manifest.hasSecrets() && AuthorizationContext.hasAuthority("secret.read")) {
VaultResponse vaultResponse = vaultService.fetchConfig(manifest.getSecretVaultPath());
if(!vaultResponse.isOk()) {
throw new RuntimeException(String.format("Unable to fetch secrets from vault, HTTP STATUS: %s", vaultResponse.getHttpStatus()));
}
manifestDeepCopy.addSecrets(vaultResponse.getData());
}
if (manifest.hasSuperSecrets() && AuthorizationContext.hasAuthority("supersecret.read")) {
VaultResponse vaultResponse = vaultService
.fetchConfig(manifest.getSuperSecretVaultPath());
if(!vaultResponse.isOk()) {
throw new RuntimeException(String.format("Unable to fetch super secrets from vault, HTTP STATUS: %s", vaultResponse.getHttpStatus()));
}
manifestDeepCopy.addSuperSecrets(vaultResponse.getData());
}
return manifestDeepCopy;