From 7913cb33cd9e0be7615fa65a5651e18aae92efc4 Mon Sep 17 00:00:00 2001 From: Anurag Mittal Date: Tue, 4 Jun 2024 14:00:32 +0200 Subject: [PATCH 1/3] OSIS-149: update-assumeRole-backbeat-error (cherry picked from commit 7daa3d4339795545cb89bc893d1afd3a00abf506) --- .../scality/osis/service/impl/ScalityOsisServiceImpl.java | 7 +++---- .../main/java/com/scality/osis/utils/ScalityConstants.java | 4 +--- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/osis-core/src/main/java/com/scality/osis/service/impl/ScalityOsisServiceImpl.java b/osis-core/src/main/java/com/scality/osis/service/impl/ScalityOsisServiceImpl.java index e735e71..147f6ad 100644 --- a/osis-core/src/main/java/com/scality/osis/service/impl/ScalityOsisServiceImpl.java +++ b/osis-core/src/main/java/com/scality/osis/service/impl/ScalityOsisServiceImpl.java @@ -1249,10 +1249,9 @@ public Credentials getCredentials(String accountID) { } catch (VaultServiceException e) { if (!StringUtils.isNullOrEmpty(e.getErrorCode()) && - NO_SUCH_ENTITY_ERR.equals(e.getErrorCode()) && - ROLE_DOES_NOT_EXIST_ERR.equals(e.getReason())) { - // If role does not exists, invoke setupAssumeRole - logger.error(ROLE_DOES_NOT_EXIST_ERR + ". Recreating the role"); + ACCESS_DENIED.equals(e.getErrorCode())) { + // if access denied, invoke setupAssumeRole + logger.error(e.getReason() + ". Recreating the role"); // Call get Account with Account ID to retrieve account name AccountData account = vaultAdmin.getAccount(ScalityModelConverter.toGetAccountRequestWithID(accountID)); asyncScalityOsisService.setupAssumeRole(accountID, account.getName()); diff --git a/osis-core/src/main/java/com/scality/osis/utils/ScalityConstants.java b/osis-core/src/main/java/com/scality/osis/utils/ScalityConstants.java index ee86a6b..36b6f84 100644 --- a/osis-core/src/main/java/com/scality/osis/utils/ScalityConstants.java +++ b/osis-core/src/main/java/com/scality/osis/utils/ScalityConstants.java @@ -56,9 +56,7 @@ private ScalityConstants() { public static final String IAM_PREFIX = "/"; - public static final String NO_SUCH_ENTITY_ERR = "NoSuchEntity"; - - public static final String ROLE_DOES_NOT_EXIST_ERR = "Role does not exist"; + public static final String ACCESS_DENIED = "AccessDenied"; public static final String NOT_AVAILABLE = "Not Available"; From 945c616bf14b9fc8c9ffe3cd0eb921e6571397c3 Mon Sep 17 00:00:00 2001 From: Anurag Mittal Date: Tue, 4 Jun 2024 14:21:19 +0200 Subject: [PATCH 2/3] OSIS-149: update-unit-test (cherry picked from commit 549c209acaea2472061363534f8461326006bfdc) --- .../scality/osis/service/impl/ScalityOsisServiceMiscTests.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/osis-core/src/test/java/com/scality/osis/service/impl/ScalityOsisServiceMiscTests.java b/osis-core/src/test/java/com/scality/osis/service/impl/ScalityOsisServiceMiscTests.java index b9e5b55..978b353 100644 --- a/osis-core/src/test/java/com/scality/osis/service/impl/ScalityOsisServiceMiscTests.java +++ b/osis-core/src/test/java/com/scality/osis/service/impl/ScalityOsisServiceMiscTests.java @@ -198,7 +198,7 @@ void testGetCredentialsWithNoRole() { // Setup when(vaultAdminMock.getTempAccountCredentials(any(AssumeRoleRequest.class))) - .thenThrow(new VaultServiceException(HttpStatus.NOT_FOUND, "NoSuchEntity", "Role does not exist")) + .thenThrow(new VaultServiceException(HttpStatus.FORBIDDEN, "AccessDenied", "User: backbeat is not allowed to assume role")) .thenAnswer((Answer) invocation -> { final Credentials credentials = new Credentials(); credentials.setAccessKeyId(TEST_ACCESS_KEY); From 553833d03f51cdbc4d7c4af1076f89c014a4a023 Mon Sep 17 00:00:00 2001 From: Anurag Mittal Date: Tue, 4 Jun 2024 14:27:18 +0200 Subject: [PATCH 3/3] OSIS-149: bump-version-to-2.1.5 --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index ac55c87..4df8e9b 100644 --- a/build.gradle +++ b/build.gradle @@ -1,6 +1,6 @@ buildscript { ext { - osisVersion = '2.1.4' + osisVersion = '2.1.5' vaultclientVersion = '1.1.2' springBootVersion = '2.7.6' }