From fed72ded0d137a76edec7261d58232e08c403738 Mon Sep 17 00:00:00 2001 From: Christopher Boumenot Date: Tue, 28 Jun 2016 17:20:15 -0700 Subject: [PATCH] azure: handle non-OK responses for key vault Check the response when fetching a secret from KeyVault. Any non-OK (200) are considered to be an error. This will provide a more informed error message for the user. --- builder/azure/arm/step_get_certificate.go | 4 ---- builder/azure/common/vault.go | 10 ++++++++++ 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/builder/azure/arm/step_get_certificate.go b/builder/azure/arm/step_get_certificate.go index 5f9554aab..22403ea94 100644 --- a/builder/azure/arm/step_get_certificate.go +++ b/builder/azure/arm/step_get_certificate.go @@ -39,10 +39,6 @@ func (s *StepGetCertificate) getCertificateUrl(keyVaultName string, secretName s return "", err } - if secret == nil || secret.ID == nil { - return "", fmt.Errorf("certificate is nil") - } - return *secret.ID, err } diff --git a/builder/azure/common/vault.go b/builder/azure/common/vault.go index 94f6d3503..3ab48c692 100644 --- a/builder/azure/common/vault.go +++ b/builder/azure/common/vault.go @@ -7,6 +7,7 @@ package common import ( + "fmt" "net/http" "strings" @@ -60,6 +61,15 @@ func (client *VaultClient) GetSecret(vaultName, secretName string) (*Secret, err return nil, err } + if resp.StatusCode != 200 { + return nil, fmt.Errorf( + "Failed to fetch secret from %s/%s, HTTP status code=%d (%s)", + vaultName, + secretName, + resp.StatusCode, + http.StatusText(resp.StatusCode)) + } + var secret Secret err = autorest.Respond(