netchecks icon indicating copy to clipboard operation
netchecks copied to clipboard
verified publisher icon hardbyte

Improve error messages

Open hardbyte opened this issue 2 years ago • 0 comments

Currently an invalid NetworkAssertion can be applied to a cluster and an error event is associated with the resource:

For example, leaving off the path in a secret volume projection Items:

Handler 'creation' failed with an exception. Will retry. Traceback (most recent call last): File "/home/brian/.cache/pypoetry/virtualenvs/netcheck-operator-A1Zto0ba-py3.11/lib/python3.11/site-packages/kopf/_core/actions/execution.py", line 276, in execute_handler_once result = await invoke_handler( ^^^^^^^^^^^^^^^^^^^^^ File "/home/brian/.cache/pypoetry/virtualenvs/netcheck-operator-A1Zto0ba-py3.11/lib/python3.11/site-packages/kopf/_core/actions/execution.py", line 371, in invoke_handl...lumes[1].secret.items[0].path: Required value, spec.template.spec.containers[0].volumeMounts[1].name: Not found: \"somecontext\"]","reason":"Invalid","details":{"name":"http-with-external-secret-data","group":"batch","kind":"Job","causes":[{"reason":"FieldValueRequired","message":"Required value","field":"spec.template.spec.volumes[1].secret.items[0].path"},{"reason":"FieldValueNotFound","message":"Not found: \"somecontext\"","field":"spec.template.spec.containers[0].volumeMounts[1].name"}]},"code":422}

Kopf also adds status information to the NetworkAssertion resource:

status:
  kopf:
    progress:
      creation:
        delayed: '2023-06-01T21:55:11.104245'
        failure: false
        message: >+
          (422)

          Reason: Unprocessable Entity

          HTTP response headers: HTTPHeaderDict({'Audit-Id':
          'd4766624-951e-4e92-bffe-79b12ec8e2ea', 'Cache-Control': 'no-cache,
          private', 'Content-Type': 'application/json',
          'X-Kubernetes-Pf-Flowschema-Uid':
          'b7fe9208-0b6a-4b16-88fd-9f0110a73375',
          'X-Kubernetes-Pf-Prioritylevel-Uid':
          '2a031122-adc7-4705-ac5a-396a7b4d679a', 'Date': 'Thu, 01 Jun 2023
          21:54:11 GMT', 'Content-Length': '667'})

          HTTP response body:
          {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Job.batch
          \"http-with-external-secret-data\" is invalid:
          [spec.template.spec.volumes[1].secret.items[0].path: Required value,
          spec.template.spec.containers[0].volumeMounts[1].name: Not found:
          \"somecontext\"]","reason":"Invalid","details":{"name":"http-with-external-secret-data","group":"batch","kind":"Job","causes":[{"reason":"FieldValueRequired","message":"Required
          value","field":"spec.template.spec.volumes[1].secret.items[0].path"},{"reason":"FieldValueNotFound","message":"Not
          found:
          \"somecontext\"","field":"spec.template.spec.containers[0].volumeMounts[1].name"}]},"code":422}

        purpose: create
        retries: 2
        started: '2023-06-01T21:53:10.897556'
        success: false

The CRD could include better schema information to allow the validation to occur earlier.

hardbyte avatar Jun 01 '23 21:06 hardbyte