backport of commit b19562db9a8c1b65ea660ed0d51aaf9498a9887d (#24025)
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
This commit is contained in:
parent
03294624da
commit
2bf61de125
|
@ -467,7 +467,7 @@ func (ps *PolicyStore) GetNonEGPPolicyType(nsID string, name string) (*PolicyTyp
|
||||||
pt, ok := ps.policyTypeMap.Load(index)
|
pt, ok := ps.policyTypeMap.Load(index)
|
||||||
if !ok {
|
if !ok {
|
||||||
// Doesn't exist
|
// Doesn't exist
|
||||||
return nil, fmt.Errorf("policy does not exist in type map: %v", index)
|
return nil, ErrPolicyNotExistInTypeMap
|
||||||
}
|
}
|
||||||
|
|
||||||
policyType, ok := pt.(PolicyType)
|
policyType, ok := pt.(PolicyType)
|
||||||
|
|
|
@ -360,7 +360,7 @@ func TestPolicyStore_GetNonEGPPolicyType(t *testing.T) {
|
||||||
paramNamespace: "1AbcD",
|
paramNamespace: "1AbcD",
|
||||||
paramPolicyName: "policy1",
|
paramPolicyName: "policy1",
|
||||||
isErrorExpected: true,
|
isErrorExpected: true,
|
||||||
expectedErrorMessage: "policy does not exist in type map: 1AbcD/policy1",
|
expectedErrorMessage: "policy does not exist in type map",
|
||||||
},
|
},
|
||||||
"not-in-map-rgp": {
|
"not-in-map-rgp": {
|
||||||
policyStoreKey: "2WxyZ/policy2",
|
policyStoreKey: "2WxyZ/policy2",
|
||||||
|
@ -368,7 +368,7 @@ func TestPolicyStore_GetNonEGPPolicyType(t *testing.T) {
|
||||||
paramNamespace: "1AbcD",
|
paramNamespace: "1AbcD",
|
||||||
paramPolicyName: "policy1",
|
paramPolicyName: "policy1",
|
||||||
isErrorExpected: true,
|
isErrorExpected: true,
|
||||||
expectedErrorMessage: "policy does not exist in type map: 1AbcD/policy1",
|
expectedErrorMessage: "policy does not exist in type map",
|
||||||
},
|
},
|
||||||
"unknown-policy-type": {
|
"unknown-policy-type": {
|
||||||
policyStoreKey: "1AbcD/policy1",
|
policyStoreKey: "1AbcD/policy1",
|
||||||
|
|
|
@ -52,7 +52,8 @@ var (
|
||||||
// to complete, unless overridden on a per-handler basis
|
// to complete, unless overridden on a per-handler basis
|
||||||
DefaultMaxRequestDuration = 90 * time.Second
|
DefaultMaxRequestDuration = 90 * time.Second
|
||||||
|
|
||||||
ErrNoApplicablePolicies = errors.New("no applicable policies")
|
ErrNoApplicablePolicies = errors.New("no applicable policies")
|
||||||
|
ErrPolicyNotExistInTypeMap = errors.New("policy does not exist in type map")
|
||||||
|
|
||||||
egpDebugLogging bool
|
egpDebugLogging bool
|
||||||
|
|
||||||
|
@ -180,6 +181,13 @@ func (c *Core) getApplicableGroupPolicies(ctx context.Context, tokenNS *namespac
|
||||||
|
|
||||||
for _, policyName := range nsPolicies {
|
for _, policyName := range nsPolicies {
|
||||||
t, err := c.policyStore.GetNonEGPPolicyType(policyNS.ID, policyName)
|
t, err := c.policyStore.GetNonEGPPolicyType(policyNS.ID, policyName)
|
||||||
|
if err != nil && errors.Is(err, ErrPolicyNotExistInTypeMap) {
|
||||||
|
// When we attempt to get a non-EGP policy type, and receive an
|
||||||
|
// explicit error that it doesn't exist (in the type map) we log the
|
||||||
|
// ns/policy and continue without error.
|
||||||
|
c.Logger().Debug(fmt.Errorf("%w: %v/%v", err, policyNS.ID, policyName).Error())
|
||||||
|
continue
|
||||||
|
}
|
||||||
if err != nil || t == nil {
|
if err != nil || t == nil {
|
||||||
return nil, fmt.Errorf("failed to look up type of policy: %w", err)
|
return nil, fmt.Errorf("failed to look up type of policy: %w", err)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue