forked from getsops/sops
-
Notifications
You must be signed in to change notification settings - Fork 0
/
usererrors.go
164 lines (146 loc) · 4.34 KB
/
usererrors.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
package sops
import (
"fmt"
"io/ioutil"
"strings"
"github.com/fatih/color"
"github.com/goware/prefixer"
wordwrap "github.com/mitchellh/go-wordwrap"
)
// UserError is a well-formatted error for the purpose of being displayed to
// the end user.
type UserError interface {
error
UserError() string
}
var statusSuccess = color.New(color.FgGreen).Sprint("SUCCESS")
var statusFailed = color.New(color.FgRed).Sprint("FAILED")
type getDataKeyError struct {
RequiredSuccessfulKeyGroups int
GroupResults []error
}
func (err *getDataKeyError) successfulKeyGroups() int {
n := 0
for _, r := range err.GroupResults {
if r == nil {
n++
}
}
return n
}
func (err *getDataKeyError) Error() string {
return fmt.Sprintf("Error getting data key: %d successful groups "+
"required, got %d", err.RequiredSuccessfulKeyGroups,
err.successfulKeyGroups())
}
func (err *getDataKeyError) UserError() string {
var groupErrs []string
for i, res := range err.GroupResults {
groupErr := decryptGroupError{
err: res,
groupName: fmt.Sprintf("%d", i),
}
groupErrs = append(groupErrs, groupErr.UserError())
}
var trailer string
if err.RequiredSuccessfulKeyGroups == 0 {
trailer = "Recovery failed because no master key was able to decrypt " +
"the file. In order for SOPS to recover the file, at least one key " +
"has to be successful, but none were."
} else {
trailer = fmt.Sprintf("Recovery failed because the file was "+
"encrypted with a Shamir threshold of %d, but only %d part(s) "+
"were successfully recovered, one for each successful key group. "+
"In order for SOPS to recover the file, at least %d groups have "+
"to be successful. In order for a group to be successful, "+
"decryption has to succeed with any of the keys in that key group.",
err.RequiredSuccessfulKeyGroups, err.successfulKeyGroups(),
err.RequiredSuccessfulKeyGroups)
}
trailer = wordwrap.WrapString(trailer, 75)
return fmt.Sprintf("Failed to get the data key required to "+
"decrypt the SOPS file.\n\n%s\n\n%s",
strings.Join(groupErrs, "\n\n"), trailer)
}
type decryptGroupError struct {
groupName string
err error
}
func (r *decryptGroupError) Error() string {
return fmt.Sprintf("could not decrypt group %s: %s", r.groupName, r.err)
}
func (r *decryptGroupError) UserError() string {
var status string
if r.err == nil {
status = statusSuccess
} else {
status = statusFailed
}
header := fmt.Sprintf(`Group %s: %s`, r.groupName, status)
if r.err == nil {
return header
}
message := r.err.Error()
if userError, ok := r.err.(UserError); ok {
message = userError.UserError()
}
reader := prefixer.New(strings.NewReader(message), " ")
// Safe to ignore this error, as reading from a strings.Reader can't fail
errMsg, _ := ioutil.ReadAll(reader)
return fmt.Sprintf("%s\n%s", header, string(errMsg))
}
type decryptKeyErrors []error
func (e decryptKeyErrors) Error() string {
return fmt.Sprintf("error decrypting key: %s", []error(e))
}
func (e decryptKeyErrors) UserError() string {
var errStrs []string
for _, err := range []error(e) {
if userErr, ok := err.(UserError); ok {
errStrs = append(errStrs, userErr.UserError())
} else {
errStrs = append(errStrs, err.Error())
}
}
return strings.Join(errStrs, "\n\n")
}
type decryptKeyError struct {
keyName string
errs []error
}
func (e *decryptKeyError) isSuccessful() bool {
for _, err := range e.errs {
if err == nil {
return true
}
}
return false
}
func (e *decryptKeyError) Error() string {
return fmt.Sprintf("error decrypting key %s: %s", e.keyName, e.errs)
}
func (e *decryptKeyError) UserError() string {
var status string
if e.isSuccessful() {
status = statusSuccess
} else {
status = statusFailed
}
header := fmt.Sprintf("%s: %s", e.keyName, status)
if e.isSuccessful() {
return header
}
var errMessages []string
for _, err := range e.errs {
wrappedErr := wordwrap.WrapString(err.Error(), 60)
reader := prefixer.New(strings.NewReader(wrappedErr), " | ")
// Safe to ignore this error, as reading from a strings.Reader can't fail
errMsg, _ := ioutil.ReadAll(reader)
errMsg[0] = '-'
errMessages = append(errMessages, string(errMsg))
}
joinedMsgs := strings.Join(errMessages, "\n\n")
reader := prefixer.New(strings.NewReader(joinedMsgs), " ")
errMsg, _ := ioutil.ReadAll(reader)
return fmt.Sprintf("%s\n%s", header, string(errMsg))
}