consul icon indicating copy to clipboard operation
consul copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Errors/acl not found improvements

Open skpratt opened this issue 2 years ago • 0 comments

Description

These errors provide additional helpful information in the case where the ACL system has not been bootstrapped and when a token does not exist.

Testing & Reproduction steps

Locally: spin up consul server cluster with ACLs enabled.

  • Try to interact with ACL system before bootstrapping has completed:

    • sample error, logs: "leaf cert watch returned an error: rpc error making call: ACL system must be bootstrapped"
    • sample error, CLI: Failed to create new token: Unexpected response code: 403 (ACL system must be bootstrapped)

  • Delete a token and then try to read/update/clone it:

    • sample error, logs: [ERROR] agent.http: Request error: method=GET url=/v1/acl/token/XXXX from=address:port error="Permission denied: token does not exist"
    • sample error, CLI: Error reading token "XXXXX": Unexpected response code: 403 (Permission denied: token does not exist)

PR Checklist

  • [ ] updated test coverage
  • [ ] external facing docs updated
  • [ ] not a security concern

skpratt avatar Jan 30 '23 04:01 skpratt