From c2e5d8c2c8929f1089bba3ac47551084ae2fbf95 Mon Sep 17 00:00:00 2001 From: Maggie Dreyer Date: Wed, 28 Nov 2018 15:57:11 -0800 Subject: [PATCH 1/2] Revert "Remove option for not raising exceptions for now." This reverts commit 5e5ed917a549323ff8f730f7df9cfdc481f6fa51, putting back the option to prevent exceptions from being raised. --- lib/puppet/functions/vault_lookup/lookup.rb | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/lib/puppet/functions/vault_lookup/lookup.rb b/lib/puppet/functions/vault_lookup/lookup.rb index f748d65..5106cb9 100644 --- a/lib/puppet/functions/vault_lookup/lookup.rb +++ b/lib/puppet/functions/vault_lookup/lookup.rb @@ -2,9 +2,21 @@ dispatch :lookup do param 'String', :path optional_param 'String', :vault_url + optional_param 'Boolean', :raise_exceptions end - def lookup(path, vault_url = nil) + def lookup(path, vault_url = nil, raise_exceptions = true) + _lookup(path, vault_url) + rescue StandardError => e + raise if raise_exceptions + + Puppet.err(e.message) + nil + end + + private + + def _lookup(path, vault_url) if vault_url.nil? Puppet.debug 'No Vault address was set on function, defaulting to value from VAULT_ADDR env value' vault_url = ENV['VAULT_ADDR'] @@ -38,8 +50,6 @@ def lookup(path, vault_url = nil) Puppet::Pops::Types::PSensitiveType::Sensitive.new(data) end - private - def get_auth_token(connection) response = connection.post('/v1/auth/cert/login', '') unless response.is_a?(Net::HTTPOK) From 9f7b6db1931a2acd42c4f83d6ea98cee833344bf Mon Sep 17 00:00:00 2001 From: Maggie Dreyer Date: Wed, 28 Nov 2018 16:07:36 -0800 Subject: [PATCH 2/2] Test the ability to disable raising exceptions --- spec/functions/lookup_spec.rb | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/spec/functions/lookup_spec.rb b/spec/functions/lookup_spec.rb index 415647e..6081abe 100644 --- a/spec/functions/lookup_spec.rb +++ b/spec/functions/lookup_spec.rb @@ -64,6 +64,13 @@ }.to raise_error(Puppet::Error, %r{No vault_url given and VAULT_ADDR env variable not set}) end + it 'returns nil instead of raising when raising is disabled' do + expect { + result = function.execute('/v1/whatever', 'vault.docker', false) + expect(result).to be(nil) + }.not_to raise_error + end + it 'raises a Puppet error when auth fails' do connection = instance_double('Puppet::Network::HTTP::Connection', address: 'vault.doesnotexist') expect(Puppet::Network::HttpPool).to receive(:http_instance).and_return(connection)