Merge pull request #25 from cyberark/log-for-config_20180707

add some logging when configuring the API, read ~/.netrc

.dockerignore

@@ -1,2 +1,3 @@
 .git
 output/
+vendor/

.gitignore

@@ -1 +1,2 @@
-output/
+/output/
+/vendor/

CHANGELOG.md

@@ -1,3 +1,15 @@
+# v0.3.2
+
+* Use github.com/sirupsen/logrus for logging.
+* When the log level for logrus is set to DebugLevel, show debug information, including:
+
+  * what configuration information is contained in each of the
+    locations (e.g. the environment, config files, etc), as well as
+    the final configuration
+
+  * the HTTP request sent to, and the responses received from, the Conjur server
+
+
 # v0.3.1
 
 * Make `CONJUR_VERSION` an alias for `CONJUR_MAJOR_VERSION` to match other client libraries.

Dockerfile

@@ -1,13 +1,16 @@
-FROM golang:1.8
+FROM golang:1.10
 MAINTAINER Conjur Inc.
 
 RUN go get -u github.com/jstemmer/go-junit-report
 RUN go get -u github.com/golang/dep/cmd/dep
 RUN go get github.com/smartystreets/goconvey
-RUN apt-get update && apt-get install jq
+RUN apt-get update && apt-get install -y jq less vim
 
 WORKDIR /go/src/github.com/cyberark/conjur-api-go
 
+COPY Gopkg.toml Gopkg.lock ./
+RUN dep ensure --vendor-only
+
 COPY . .
 
 ENV GOOS=linux

VERSION

@@ -0,0 +1 @@
+0.3.2

_setup.sh

@@ -1,18 +1,34 @@
 #!/bin/bash -ex
 
+# This bug in the current version of compose causes problems in
+# Jenkins:
+# https://github.com/docker/compose/issues/5929. docker-compose will
+# malfunction if it's run in a directory that has a name starting with
+# '_' or '-'. Until we get the fix, set COMPOSE_PROJECT_NAME
+export COMPOSE_PROJECT_NAME="$(basename $PWD | sed 's/^[_-]*\(.*\)/\1/')"
+
+exec_on() {
+  local container="$1"; shift
+
+  docker exec "$(docker-compose ps -q $container)" "$@"
+}
+
 # Build test container & start the cluster
 docker-compose pull conjur cuke-master
 docker-compose build
-docker-compose up -d
-docker-compose exec -T test ./wait_for_server.sh
 
-api_key=$(docker-compose exec -T conjur conjurctl role retrieve-key cucumber:user:admin | tr -d '\r')
+CONJUR_DATA_KEY="$(docker-compose run -T --no-deps conjur data-key generate)" \
+  docker-compose up --no-deps -d postgres conjur cuke-master
+exec_on conjur conjurctl wait
+exec_on cuke-master /opt/conjur/evoke/bin/wait_for_conjur
+
+api_key=$(exec_on conjur conjurctl role retrieve-key cucumber:user:admin | tr -d '\r')
 
-docker-compose exec -T cuke-master bash -c "conjur authn login -u admin -p secret"
-docker-compose exec -T cuke-master bash -c "conjur user create --as-group security_admin alice"
-docker-compose exec -T cuke-master bash -c "conjur variable create existent-variable-with-undefined-value"
-docker-compose exec -T cuke-master bash -c "conjur variable create existent-variable-with-defined-value"
-docker-compose exec -T cuke-master bash -c "conjur variable values add existent-variable-with-defined-value existent-variable-defined-value"
+exec_on cuke-master bash -c 'conjur authn login -u admin -p secret'
+exec_on cuke-master conjur user create --as-group security_admin alice
+exec_on cuke-master conjur variable create existent-variable-with-undefined-value
+exec_on cuke-master conjur variable create existent-variable-with-defined-value
+exec_on cuke-master conjur variable values add existent-variable-with-defined-value existent-variable-defined-value
 
-api_key_v4=$(docker-compose exec -T cuke-master bash -c "conjur user rotate_api_key")
-ssl_cert_v4=$(docker-compose exec -T cuke-master bash -c "cat /opt/conjur/etc/ssl/ca.pem")
+api_key_v4=$(exec_on cuke-master conjur user rotate_api_key)
+ssl_cert_v4=$(exec_on cuke-master cat /opt/conjur/etc/ssl/ca.pem)

conjurapi/authn/token_file_authenticator_test.go

@@ -14,6 +14,7 @@ func TestTokenFileAuthenticator_RefreshToken(t *testing.T) {
 		token_file_name := token_file.Name()
 		token_file_contents := "token-from-file-contents"
 		token_file.Write([]byte(token_file_contents))
+		token_file.Close()
 		defer os.Remove(token_file_name)
 
 		Convey("Return the token from the file", func() {

conjurapi/client.go

@@ -13,6 +13,7 @@ import (
 
 	"github.com/bgentry/go-netrc/netrc"
 	"github.com/cyberark/conjur-api-go/conjurapi/authn"
+	log "github.com/sirupsen/logrus"
 )
 
 type Authenticator interface {
@@ -134,6 +135,7 @@ func (c *Client) SubmitRequest(req *http.Request) (resp *http.Response, err erro
 		return
 	}
 
+	log.Debugf("req: %+v\n", req)
 	resp, err = c.httpClient.Do(req)
 	if err != nil {
 		return

conjurapi/config.go

@@ -5,6 +5,8 @@ import (
 	"io/ioutil"
 	"os"
 	"strings"
+
+	log "github.com/sirupsen/logrus"
 	"gopkg.in/yaml.v1"
 )
 
@@ -22,17 +24,19 @@ func (c *Config) validate() error {
 	errors := []string{}
 
 	if c.ApplianceURL == "" {
-		errors = append(errors, fmt.Sprintf("Must specify an ApplianceURL in %v", c))
+		errors = append(errors, "Must specify an ApplianceURL")
 	}
 
 	if c.Account == "" {
-		errors = append(errors, fmt.Sprintf("Must specify an Account in %v", c))
+		errors = append(errors, "Must specify an Account")
 	}
 
 	c.Https = c.SSLCertPath != "" || c.SSLCert != ""
 
 	if len(errors) == 0 {
 		return nil
+	} else if log.GetLevel() == log.DebugLevel {
+		errors = append(errors, fmt.Sprintf("config: %+v", c))
 	}
 	return fmt.Errorf("%s", strings.Join(errors, " -- "))
 }
@@ -76,18 +80,20 @@ func (c *Config) mergeYAML(filename string) {
 	buf, err := ioutil.ReadFile(filename)
 
 	if err != nil {
+		log.Debugf("Failed reading %s, %v\n", filename, err)
 		return
 	}
 
 	aux := struct {
 		ConjurVersion string `yaml:"version"`
-		Config `yaml:",inline"`
+		Config        `yaml:",inline"`
 	}{}
 	if err := yaml.Unmarshal(buf, &aux); err != nil {
 		return
 	}
 	aux.Config.V4 = aux.ConjurVersion == "4"
 
+	log.Debugf("Config from %s: %+v\n", filename, aux.Config)
 	c.merge(&aux.Config)
 }
 
@@ -103,27 +109,25 @@ func (c *Config) mergeEnv() {
 		V4:           majorVersion4,
 	}
 
+	log.Debugf("Config from environment: %+v\n", env)
 	c.merge(&env)
 }
 
 func LoadConfig() Config {
-	config := Config{}
+	// Default to using ~/.netrc, subsequent configuration can
+	// override it.
+	config := Config{NetRCPath: os.ExpandEnv("$HOME/.netrc")}
 
 	config.mergeYAML("/etc/conjur.conf")
 
 	conjurrc := os.Getenv("CONJURRC")
-
-	if conjurrc != "" {
-		config.mergeYAML(conjurrc)
-	} else {
-		path := os.ExpandEnv("$HOME/.conjurrc")
-		config.mergeYAML(path)
-
-		path = os.ExpandEnv("$PWD/.conjurrc")
-		config.mergeYAML(path)
+	if conjurrc == "" {
+		conjurrc = os.ExpandEnv("$HOME/.conjurrc")
 	}
+	config.mergeYAML(conjurrc)
 
 	config.mergeEnv()
 
+	log.Debugf("Final config: %+v\n", config)
 	return config
 }

conjurapi/config_test.go

@@ -1,11 +1,11 @@
 package conjurapi
 
 import (
+	"fmt"
 	. "github.com/smartystreets/goconvey/convey"
+	"io/ioutil"
 	"os"
 	"testing"
-	"io/ioutil"
-	"fmt"
 )
 
 func TempFileForTesting(prefix string, fileContents string) (string, error) {
@@ -81,6 +81,25 @@ var versiontests = []struct {
 }
 
 func TestConfig_mergeYAML(t *testing.T) {
+	Convey("No other netrc specified", t, func() {
+		e := ClearEnv()
+		defer e.RestoreEnv()
+
+		os.Setenv("HOME", "/Users/conjuruser")
+		os.Setenv("CONJUR_ACCOUNT", "account")
+		os.Setenv("CONJUR_APPLIANCE_URL", "appliance-url")
+
+		Convey("Uses $HOME/.netrc by deafult", func() {
+			config := LoadConfig()
+
+			So(config, ShouldResemble, Config{
+				Account:      "account",
+				ApplianceURL: "appliance-url",
+				NetRCPath:    "/Users/conjuruser/.netrc",
+			})
+		})
+	})
+
 	for index, versiontest := range versiontests {
 		Convey(fmt.Sprintf("Given a filled conjurrc file with %s", versiontest.label), t, func() {
 			conjurrcFileContents := fmt.Sprintf(`

conjurapi/response/error.go

@@ -5,6 +5,8 @@ import (
 	"io/ioutil"
 	"net/http"
 	"strings"
+
+	log "github.com/sirupsen/logrus"
 )
 
 type ConjurError struct {
@@ -33,13 +35,27 @@ func NewConjurError(resp *http.Response) error {
 	if err != nil {
 		cerr.Message = strings.TrimSpace(string(body))
 	}
+
+	// If the body's empty, use the HTTP status as the message
+	if cerr.Message == "" {
+		cerr.Message = resp.Status
+	}
+
 	return &cerr
 }
 
 func (self *ConjurError) Error() string {
+	log.Debugf("self.Details: %+v, self.Message: %+v\n", self.Details, self.Message)
+
+	var b strings.Builder
+
+	if self.Message != "" {
+		b.WriteString(self.Message + ". ")
+	}
+
 	if self.Details != nil && self.Details.Message != "" {
-		return self.Details.Message
-	} else {
-		return self.Message
+		b.WriteString(self.Details.Message + ".")
 	}
+
+	return b.String()
 }