From 7daa3d4339795545cb89bc893d1afd3a00abf506 Mon Sep 17 00:00:00 2001 From: Anurag Mittal Date: Tue, 4 Jun 2024 14:00:32 +0200 Subject: [PATCH 1/3] OSIS-149: update-assumeRole-backbeat-error --- .../scality/osis/service/impl/ScalityOsisServiceImpl.java | 7 +++---- .../main/java/com/scality/osis/utils/ScalityConstants.java | 4 +--- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/osis-core/src/main/java/com/scality/osis/service/impl/ScalityOsisServiceImpl.java b/osis-core/src/main/java/com/scality/osis/service/impl/ScalityOsisServiceImpl.java index aed9fa8..6b5c713 100644 --- a/osis-core/src/main/java/com/scality/osis/service/impl/ScalityOsisServiceImpl.java +++ b/osis-core/src/main/java/com/scality/osis/service/impl/ScalityOsisServiceImpl.java @@ -1260,10 +1260,9 @@ public Credentials getCredentials(String accountID) { } catch (VaultServiceException e) { if (!StringUtils.isNullOrEmpty(e.getErrorCode()) && - NO_SUCH_ENTITY_ERR.equals(e.getErrorCode()) && - ROLE_DOES_NOT_EXIST_ERR.equals(e.getReason())) { - // If role does not exists, invoke setupAssumeRole - logger.error(ROLE_DOES_NOT_EXIST_ERR + ". Recreating the role"); + ACCESS_DENIED.equals(e.getErrorCode())) { + // if access denied, invoke setupAssumeRole + logger.error(e.getReason() + ". Recreating the role"); // Call get Account with Account ID to retrieve account name AccountData account = vaultAdmin.getAccount(ScalityModelConverter.toGetAccountRequestWithID(accountID)); asyncScalityOsisService.setupAssumeRole(accountID, account.getName()); diff --git a/osis-core/src/main/java/com/scality/osis/utils/ScalityConstants.java b/osis-core/src/main/java/com/scality/osis/utils/ScalityConstants.java index e536caf..630c8d1 100644 --- a/osis-core/src/main/java/com/scality/osis/utils/ScalityConstants.java +++ b/osis-core/src/main/java/com/scality/osis/utils/ScalityConstants.java @@ -56,9 +56,7 @@ private ScalityConstants() { public static final String IAM_PREFIX = "/"; - public static final String NO_SUCH_ENTITY_ERR = "NoSuchEntity"; - - public static final String ROLE_DOES_NOT_EXIST_ERR = "Role does not exist"; + public static final String ACCESS_DENIED = "AccessDenied"; public static final String NOT_AVAILABLE = "Not Available"; From 48607a003ec3a3d823a72898a95f79b939aecb67 Mon Sep 17 00:00:00 2001 From: Anurag Mittal Date: Tue, 4 Jun 2024 14:21:19 +0200 Subject: [PATCH 2/3] OSIS-149: update-unit-test --- .../scality/osis/service/impl/ScalityOsisServiceMiscTests.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/osis-core/src/test/java/com/scality/osis/service/impl/ScalityOsisServiceMiscTests.java b/osis-core/src/test/java/com/scality/osis/service/impl/ScalityOsisServiceMiscTests.java index 53984fe..30e5d00 100644 --- a/osis-core/src/test/java/com/scality/osis/service/impl/ScalityOsisServiceMiscTests.java +++ b/osis-core/src/test/java/com/scality/osis/service/impl/ScalityOsisServiceMiscTests.java @@ -339,7 +339,7 @@ void testGetCredentialsWithNoRole() { // Setup when(vaultAdminMock.getTempAccountCredentials(any(AssumeRoleRequest.class))) - .thenThrow(new VaultServiceException(HttpStatus.NOT_FOUND, "NoSuchEntity", "Role does not exist")) + .thenThrow(new VaultServiceException(HttpStatus.FORBIDDEN, "AccessDenied", "User: backbeat is not allowed to assume role")) .thenAnswer((Answer) invocation -> { final Credentials credentials = new Credentials(); credentials.setAccessKeyId(TEST_ACCESS_KEY); From 0e4fbb91fe7316e213bc75d53efdb4181c02ba07 Mon Sep 17 00:00:00 2001 From: Anurag Mittal Date: Tue, 4 Jun 2024 14:25:30 +0200 Subject: [PATCH 3/3] OSIS-149: bump-version-to-2.2.4 --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index fae98bc..019d43a 100644 --- a/build.gradle +++ b/build.gradle @@ -1,6 +1,6 @@ buildscript { ext { - osisVersion = '2.2.3' + osisVersion = '2.2.4' vaultclientVersion = '1.1.2' springBootVersion = '2.7.6' }