diff --git a/go/daemon/daemon.go b/go/daemon/daemon.go
index 633d91b..df9170f 100644
--- a/go/daemon/daemon.go
+++ b/go/daemon/daemon.go
@@ -115,6 +115,7 @@ func New(
 //
 // Errors:
 // - network.ErrInvalidConfig
+// - ErrAlreadyJoined
 func (d *Daemon) CreateNetwork(
 ctx context.Context, name, domain string, ipNet nebula.IPNet, hostName nebula.HostName,
diff --git a/go/daemon/network/errors.go b/go/daemon/network/errors.go
index 3327735..5959aa8 100644
--- a/go/daemon/network/errors.go
+++ b/go/daemon/network/errors.go
@@ -10,6 +10,7 @@ const (
 errCodeInvalidConfig
 errCodeHostNotFound
 errCodeIPInUse
+ errCodeSecretNotFound
 )
 var (
@@ -30,4 +31,8 @@ var (
 // ErrIPInUse is returned when performing an operation which was provided an
 // IP already in use by another host in the network.
 ErrIPInUse = jsonrpc2.NewError(errCodeIPInUse, "IP in use")
+
+ // ErrSecretNotFound is returned when a secret was required to perform some
+ // action, but the secret is not found in the secret store.
+ ErrSecretNotFound = jsonrpc2.NewError(errCodeSecretNotFound, "Secret not found")
 )
diff --git a/go/daemon/network/network.go b/go/daemon/network/network.go
index c00046c..3f2a495 100644
--- a/go/daemon/network/network.go
+++ b/go/daemon/network/network.go
@@ -85,6 +85,7 @@ type RPC interface {
 // Errors:
 // - ErrIPInUse - if IP field of CreateHostOpts is given, and already in use
 // by another host in the network.
+ // - ErrSecretNotFound - This Network doesn't have the CA signing key.
 CreateHost(
 context.Context, nebula.HostName, CreateHostOpts,
 ) (
@@ -97,6 +98,7 @@ type RPC interface {
 //
 // Errors:
 // - ErrHostNotFound
+ // - ErrSecretNotFound - This Network doesn't have the CA signing key.
 CreateNebulaCertificate(
 context.Context, nebula.HostName, nebula.EncryptingPublicKey,
 ) (
@@ -907,6 +909,9 @@ func (n *network) CreateHost(
 ctx, n.secretsStore,
 )
 if err != nil {
+ if errors.Is(err, secrets.ErrNotFound) {
+ err = ErrSecretNotFound
+ }
 return JoiningBootstrap{}, fmt.Errorf("getting CA signing key: %w", err)
 }
@@ -977,6 +982,9 @@ func (n *network) CreateNebulaCertificate(
 ctx, n.secretsStore,
 )
 if err != nil {
+ if errors.Is(err, secrets.ErrNotFound) {
+ err = ErrSecretNotFound
+ }
 return nebula.Certificate{}, fmt.Errorf("getting CA signing key: %w", err)
 }
diff --git a/tasks/v0.0.3/code/audit-error-docs.md b/tasks/v0.0.3/code/audit-error-docs.md
deleted file mode 100644
index e73d43f..0000000
--- a/tasks/v0.0.3/code/audit-error-docs.md
+++ /dev/null
@@ -1,12 +0,0 @@
----
-type: task
----
-
-# Audit Error Code Documentation
-
-Audit all code for RPC methods in both `daemon` and `daemon/network`, ensuring
-that all error codes which can be returned are properly documented, and that all
-errors which should have an error code have one.
-
-`CreateNebulaCertificate` should return a specific error for if the CA root key
-secret couldn't be found.
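Review bot: The `errors.Is(err, secrets.ErrNotFound)` mapping added in the CreateHost hunk is repeated verbatim in the CreateNebulaCertificate hunk, and in both places assigning `err = ErrSecretNotFound` discards the store's original error, so whatever detail it carried (such as which secret was looked up) never reaches the wrapped message or the logs. Moving the translation into one unexported helper next to the signing-key lookup would keep the two call sites from drifting; if the module targets Go 1.20 or later, `err = fmt.Errorf("%w: %w", ErrSecretNotFound, err)` keeps both errors in the chain, provided the extra text is acceptable in what the RPC client sees. Whether the jsonrpc2 layer still recovers the error code after the outer `fmt.Errorf("getting CA signing key: %w", err)` wrap is not visible here, so a test asserting `errors.Is(err, ErrSecretNotFound)` on the value returned by both methods would pin the documented contract. Both function bodies start and end outside their hunks.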