Merge pull request #56 from dependabot/jurre/credential-errors

Report specific type of error when credentials can't be fetched
github · Dec 17, 2021 · a60a3de · a60a3de
2 parents 935d321 + 28a99c0
commit a60a3de
Show file tree

Hide file tree

Showing 5 changed files with 95 additions and 33 deletions.
diff --git a/__tests__/api_client.test.ts b/__tests__/api_client.test.ts
@@ -1,5 +1,5 @@
 import * as core from '@actions/core'
-import {ApiClient} from '../src/api-client'
+import {ApiClient, CredentialFetchingError} from '../src/api-client'
 
 describe('ApiClient', () => {
   const mockAxios: any = {
@@ -88,4 +88,26 @@ describe('ApiClient', () => {
     expect(core.setSecret).toHaveBeenCalledWith('qux-password')
     expect(core.setSecret).toHaveBeenCalledWith('qux-token')
   })
+
+  test('job credentials errors', async () => {
+    const apiResponse = {
+      errors: [
+        {
+          status: 422,
+          title: 'Secret Not Found',
+          detail: 'MISSING_SECRET_NAME'
+        }
+      ]
+    }
+
+    mockAxios.get.mockRejectedValue({
+      isAxiosError: true,
+      response: {status: 422, data: apiResponse}
+    })
+    await expect(api.getCredentials()).rejects.toThrowError(
+      new CredentialFetchingError(
+        'fetching credentials: received code 422: {"errors":[{"status":422,"title":"Secret Not Found","detail":"MISSING_SECRET_NAME"}]}'
+      )
+    )
+  })
 })
diff --git a/dist/main/index.js b/dist/main/index.js
diff --git a/dist/main/index.js.map b/dist/main/index.js.map
diff --git a/src/api-client.ts b/src/api-client.ts
@@ -1,5 +1,5 @@
 import * as core from '@actions/core'
-import {AxiosInstance} from 'axios'
+import axios, {AxiosInstance} from 'axios'
 import {JobParameters} from './inputs'
 
 // JobDetails are information about the repository and dependencies to be updated
@@ -26,6 +26,8 @@ export type Credential = {
   token?: string
 }
 
+export class CredentialFetchingError extends Error {}
+
 export class ApiClient {
   constructor(
     private readonly client: AxiosInstance,
@@ -52,24 +54,34 @@ export class ApiClient {
 
   async getCredentials(): Promise<Credential[]> {
     const credentialsURL = `/update_jobs/${this.params.jobId}/credentials`
-    const res: any = await this.client.get(credentialsURL, {
-      headers: {Authorization: this.params.credentialsToken}
-    })
-    if (res.status !== 200) {
-      throw new Error(`Unexpected status code: ${res.status}`)
-    }
+    try {
+      const res: any = await this.client.get(credentialsURL, {
+        headers: {Authorization: this.params.credentialsToken}
+      })
 
-    // Mask any secrets we've just retrieved from Actions logs
-    for (const credential of res.data.data.attributes.credentials) {
-      if (credential.password) {
-        core.setSecret(credential.password)
+      // Mask any secrets we've just retrieved from Actions logs
+      for (const credential of res.data.data.attributes.credentials) {
+        if (credential.password) {
+          core.setSecret(credential.password)
+        }
+        if (credential.token) {
+          core.setSecret(credential.token)
+        }
       }
-      if (credential.token) {
-        core.setSecret(credential.token)
+
+      return res.data.data.attributes.credentials
+    } catch (error) {
+      if (axios.isAxiosError(error)) {
+        const err = error
+        throw new CredentialFetchingError(
+          `fetching credentials: received code ${
+            err.response?.status
+          }: ${JSON.stringify(err.response?.data)}`
+        )
+      } else {
+        throw error
       }
     }
-
-    return res.data.data.attributes.credentials
   }
 
   async reportJobError(error: JobError): Promise<void> {

diff --git a/src/main.ts b/src/main.ts
@@ -4,7 +4,7 @@ import {Context} from '@actions/github/lib/context'
 import {getJobParameters} from './inputs'
 import {ImageService} from './image-service'
 import {Updater, UpdaterFetchError} from './updater'
-import {ApiClient} from './api-client'
+import {ApiClient, CredentialFetchingError} from './api-client'
 import axios from 'axios'
 
 export const UPDATER_IMAGE_NAME =
@@ -93,7 +93,13 @@ export async function run(context: Context): Promise<void> {
       }
       botSay('finished')
     } catch (error) {
-      await failJob(apiClient, error)
+      if (error instanceof CredentialFetchingError) {
+        core.error('Error retrieving update job credentials')
+        await failJob(apiClient, error, DependabotErrorType.UpdateRun)
+      } else {
+        await failJob(apiClient, error)
+      }
+
       return
     }
   } catch (error) {