rawlin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new a65b195 Better error handling when creating a DS on a CDN with no
keys (#4581)
a65b195 is described below
commit a65b1952f5c802a6bb65f17d41fdc141928ea673
Author: Michael Hoppal <[email protected]>
AuthorDate: Fri Apr 3 10:31:11 2020 -0600
Better error handling when creating a DS on a CDN with no keys (#4581)
---
.../deliveryservice/deliveryservices.go | 4 ++--
traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go | 15 ++++++++-------
2 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/traffic_ops/traffic_ops_golang/deliveryservice/deliveryservices.go
b/traffic_ops/traffic_ops_golang/deliveryservice/deliveryservices.go
index 4de8059..744cbae 100644
--- a/traffic_ops/traffic_ops_golang/deliveryservice/deliveryservices.go
+++ b/traffic_ops/traffic_ops_golang/deliveryservice/deliveryservices.go
@@ -357,8 +357,8 @@ func createV15(w http.ResponseWriter, r *http.Request, inf
*api.APIInfo, reqDS t
}
if dnssecEnabled {
- if err := PutDNSSecKeys(tx, cfg, *ds.XMLID, cdnName,
ds.ExampleURLs); err != nil {
- return nil, http.StatusInternalServerError, nil,
errors.New("creating DNSSEC keys: " + err.Error())
+ if userErr, sysErr, statusCode := PutDNSSecKeys(tx, cfg,
*ds.XMLID, cdnName, ds.ExampleURLs); userErr != nil || sysErr != nil {
+ return nil, statusCode, userErr, sysErr
}
}
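Review bot: The new call site binds three positional results, two of them plain `error` values, so swapping the user and system errors would still compile. Judging by the names used here, the first is presumably returned to the API client and the second logged, so a swap would send Riak error text to the caller. createV15 returns the status code before the two errors while PutDNSSecKeys returns it after them, which makes that mix-up easier. Naming the results in dnssec.go as `(userErr error, sysErr error, statusCode int)` and adding a doc comment such as `// PutDNSSecKeys returns a user-facing error, a system error, and an HTTP status code.` would pin the contract; the same point applies to the signature change in the dnssec.go hunk. createV15 begins and ends outside this hunk.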
diff --git a/traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go
b/traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go
index 312e7ec..94852a1 100644
--- a/traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go
+++ b/traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go
@@ -24,6 +24,7 @@ import (
"encoding/base64"
"errors"
"fmt"
+ "net/http"
"strconv"
"strings"
"time"
@@ -35,30 +36,30 @@ import (
"github.com/miekg/dns"
)
-func PutDNSSecKeys(tx *sql.Tx, cfg *config.Config, xmlID string, cdnName
string, exampleURLs []string) error {
+func PutDNSSecKeys(tx *sql.Tx, cfg *config.Config, xmlID string, cdnName
string, exampleURLs []string) (error, error, int) {
keys, ok, err := riaksvc.GetDNSSECKeys(cdnName, tx,
cfg.RiakAuthOptions, cfg.RiakPort)
if err != nil {
- return errors.New("getting DNSSec keys from Riak: " +
err.Error())
+ return nil, errors.New("getting DNSSec keys from Riak: " +
err.Error()), http.StatusInternalServerError
} else if !ok {
- return errors.New("getting DNSSec keys from Riak: no DNSSec
keys found")
+ return fmt.Errorf("there are no DNSSec keys for the CDN %s
which is required to create keys for the deliveryservice", cdnName), nil,
http.StatusBadRequest
}
cdnKeys, ok := keys[cdnName]
// TODO warn and continue?
if !ok {
- return errors.New("getting DNSSec keys from Riak: no DNSSec
keys for CDN")
+ return fmt.Errorf("there are no DNSSec keys for the CDN %s
which is required to create keys for the deliveryservice", cdnName), nil,
http.StatusBadRequest
}
kExp := getKeyExpiration(cdnKeys.KSK, dnssecDefaultKSKExpiration)
zExp := getKeyExpiration(cdnKeys.ZSK, dnssecDefaultZSKExpiration)
overrideTTL := false
dsKeys, err := CreateDNSSECKeys(tx, cfg, xmlID, exampleURLs, cdnKeys,
kExp, zExp, dnssecDefaultTTL, overrideTTL)
if err != nil {
- return errors.New("creating DNSSEC keys for delivery service '"
+ xmlID + "': " + err.Error())
+ return nil, errors.New("creating DNSSEC keys for delivery
service '" + xmlID + "': " + err.Error()), http.StatusInternalServerError
}
keys[xmlID] = dsKeys
if err := riaksvc.PutDNSSECKeys(keys, cdnName, tx, cfg.RiakAuthOptions,
cfg.RiakPort); err != nil {
- return errors.New("putting Riak DNSSEC keys: " + err.Error())
+ return nil, errors.New("putting Riak DNSSEC keys: " +
err.Error()), http.StatusInternalServerError
}
- return nil
+ return nil, nil, http.StatusOK
}
// CreateDNSSECKeys creates DNSSEC keys for the given delivery service,
updating existing keys if they exist. The overrideTTL parameter determines
whether to reuse existing key TTLs if they exist, or to override existing TTLs
with the ttl parameter's value.
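Review bot: The second `!ok` branch (after `cdnKeys, ok := keys[cdnName]`) now returns only a user error with a 400, so a key record that was fetched for the CDN but lacks that CDN's own entry produces no system error. That condition looks like inconsistent stored key data rather than a bad request, and whether anything is logged for it depends on how the caller treats a nil system error, which is not visible here. Consider also setting the second result in that branch, for example by keeping the old text: `errors.New("getting DNSSec keys from Riak: no DNSSec keys for CDN")`. The `// TODO warn and continue?` comment above the branch is left unresolved by this change.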