You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix: flatten errors correctly for directory based CSAF providers (#76)
## What
Flatten errors correctly for directory based CSAF poviders.
Aligned error structure for directory based CSAF poviders. Previously
`errors.FlattenError` did only support ROLIE feed based csaf providers
as this feature was only targeted at restricted CSAF sources which are
always ROLIE feed based.
This was not clearly enough stated in the function doc comment which can
easily lead to incorrect results when using this function with directory
based CSAF providers. In this case `errors.FlattenError` was a no-op
just returning the original error.
## Why
We want to support fine grained error handling also for directory based
CSAF providers and avoid traps for the caller of `errors.FlattenError`.
The caller usually won't know if the CSAF provider is ROLIE or directory
based, unless it is a restricted CSAF provider which rules out the
latter case. Thus this would make it hard to rely on the output.
errorCh<- csafErrs.ErrInvalidCredentials{Message: fmt.Sprintf("invalid credentials to retrieve CSAF document %s at URL %s: %s", filename, file.URL(), resp.Status)}
495
+
caseresp.StatusCode==http.StatusForbidden:
496
+
// if we have access to the feed containing the document, we also must have access to itself, otherwise this indicates a problem with the provider
497
+
errorCh<- csafErrs.ErrCsafProviderIssue{Message: fmt.Sprintf("access denied to CSAF document %s at URL %s: %s", filename, file.URL(), resp.Status)}
495
498
caseresp.StatusCode==http.StatusNotFound:
496
499
errorCh<- csafErrs.ErrCsafProviderIssue{Message: fmt.Sprintf("could not find CSAF document %s listed in table of content at URL %s: %s ", filename, file.URL(), resp.Status)}
497
500
caseresp.StatusCode>=500:
498
-
errorCh<-fmt.Errorf("could not retrieve CSAF document %s at URL %s: %s %w", filename, file.URL(), resp.Status, csafErrs.ErrRetryable) // mark as retryable error
499
-
default:
501
+
providerErr:= csafErrs.ErrCsafProviderIssue{Message: fmt.Sprintf("could not retrieve CSAF document %s at URL %s: %s", filename, file.URL(), resp.Status)}
502
+
errorCh<-fmt.Errorf("%w %w", providerErr, csafErrs.ErrRetryable) // mark error as retryable as failure for server side errors are often temporary
503
+
default: // client error or fringe case
500
504
errorCh<-fmt.Errorf("could not retrieve CSAF document %s at URL %s: %s", filename, file.URL(), resp.Status)
feedErrs=append(feedErrs, errs.ErrInvalidCredentials{Message: fmt.Sprintf("invalid credentials for TLP:%s ROLIE feed at %s: %s", label, feedURL.String(), res.Status)})
323
-
caseres.StatusCode==http.StatusNotFound:
324
-
feedErrs=append(feedErrs, errs.ErrCsafProviderIssue{Message: fmt.Sprintf("could not find TLP:%s ROLIE feed at %s: %s", label, feedURL.String(), res.Status)})
325
339
caseres.StatusCode==http.StatusForbidden:
326
340
// user has insufficient permissions to access feed, no error
327
-
caseres.StatusCode>500:
328
-
feedErrs=append(feedErrs, fmt.Errorf("could not retrieve TLP:%s ROLIE feed at %s: %s %w", label, feedURL.String(), res.Status, errs.ErrRetryable)) // mark error as retryable
329
-
default:
341
+
caseres.StatusCode==http.StatusNotFound:
342
+
feedErrs=append(feedErrs, errs.ErrCsafProviderIssue{Message: fmt.Sprintf("could not find TLP:%s ROLIE feed at %s: %s", label, feedURL.String(), res.Status)})
343
+
caseres.StatusCode>=500:
344
+
providerErr:= errs.ErrCsafProviderIssue{Message: fmt.Sprintf("could not retrieve TLP:%s ROLIE feed at %s: %s", label, feedURL.String(), res.Status)}
345
+
feedErrs=append(feedErrs, fmt.Errorf("%w %w", providerErr, errs.ErrRetryable)) // mark error as retryable as failure for server side errors are often temporary
346
+
default: // client error or fringe case
330
347
feedErrs=append(feedErrs, fmt.Errorf("could not retrieve TLP:%s ROLIE feed at %s: %s", label, feedURL.String(), res.Status))
0 commit comments