Skip to content

Improve error wrapping in tbot identity service #62103

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
strideynet merged 1 commit into from
Dec 10, 2025
Merged

Improve error wrapping in tbot identity service #62103

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 11 additions & 8 deletions lib/tbot/bot/destination/directory.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -410,8 +410,9 @@ func (dd *Directory) Write(ctx context.Context, name string, data []byte) error
// things have drifted since `Init()` was run. We don't bother with secure
// botfs.Create() since it's a no-op for directory creation.
if dir, _ := filepath.Split(name); dir != "" {
if err := mkdir(filepath.Join(dd.Path, dir)); err != nil {
return trace.Wrap(err)
dirPath := filepath.Join(dd.Path, dir)
if err := mkdir(dirPath); err != nil {
return trace.Wrap(err, "creating directory %q", dirPath)
}
}

Expand All @@ -427,7 +428,7 @@ func (dd *Directory) Write(ctx context.Context, name string, data []byte) error
return trace.Wrap(err)
}
} else if err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "reading %q", path)
}

if dd.aclsEnabled {
Expand All @@ -445,7 +446,7 @@ func (dd *Directory) Write(ctx context.Context, name string, data []byte) error
}
}

return trace.Wrap(botfs.Write(path, data, dd.Symlinks))
return trace.Wrap(botfs.Write(path, data, dd.Symlinks), "writing %q", path)
}

func (dd *Directory) Read(ctx context.Context, name string) ([]byte, error) {
Expand All @@ -456,9 +457,10 @@ func (dd *Directory) Read(ctx context.Context, name string) ([]byte, error) {
)
defer span.End()

data, err := botfs.Read(filepath.Join(dd.Path, name), dd.Symlinks)
artifactPath := filepath.Join(dd.Path, name)
data, err := botfs.Read(artifactPath, dd.Symlinks)
if err != nil {
return nil, trace.Wrap(err)
return nil, trace.Wrap(err, "reading %q", artifactPath)
}

return data, nil
Expand All @@ -472,8 +474,9 @@ func (dd *Directory) TryLock() (func() error, error) {
// TryLock should only be used for bot data directory and not for
// destinations until an investigation on how locks will play with
// ACLs has been completed.
unlock, err := utils.FSTryWriteLock(filepath.Join(dd.Path, "lock"))
return unlock, trace.Wrap(err)
lockPath := filepath.Join(dd.Path, "lock")
unlock, err := utils.FSTryWriteLock(lockPath)
return unlock, trace.Wrap(err, "locking %q", lockPath)
}

func (dm *Directory) MarshalYAML() (any, error) {
Expand Down
18 changes: 9 additions & 9 deletions lib/tbot/services/identity/output.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -211,7 +211,7 @@ func (s *OutputService) generate(ctx context.Context) error {
s.insecure,
s.fips,
); err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "rendering OpenSSH configuration files")
}
}

Expand Down Expand Up @@ -300,13 +300,13 @@ func renderSSHConfig(
proxyHost,
)
if err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "generating known_hosts")
}

if err := dest.Write(
ctx, ssh.KnownHostsName, []byte(knownHosts),
); err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "writing known_hosts to destination")
}

// We only want to proceed further if we have a directory destination
Expand All @@ -322,7 +322,7 @@ func renderSSHConfig(
// Destination backends is left as an exercise to the user.
absDestPath, err := filepath.Abs(destDirectory.Path)
if err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "determining absolute path")
}

executablePath, err := getExecutablePath()
Expand Down Expand Up @@ -371,7 +371,7 @@ func renderSSHConfig(
// be disabled.
Resume: true,
}); err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "generating global ssh_config")
}

// Generate the per cluster files
Expand Down Expand Up @@ -401,10 +401,10 @@ func renderSSHConfig(
// be disabled.
Resume: true,
}); err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "generating ssh_config for cluster %q", clusterName)
}
if err := destDirectory.Write(ctx, sshConfigName, []byte(sb.String())); err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "writing ssh_config for cluster %q", clusterName)
}

knownHosts, ok := clusterKnownHosts[clusterName]
Expand All @@ -417,12 +417,12 @@ func renderSSHConfig(
continue
}
if err := destDirectory.Write(ctx, knownHostsName, []byte(knownHosts)); err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "writing known_hosts for cluster %q", clusterName)
}
}

if err := destDirectory.Write(ctx, ssh.ConfigName, []byte(sshConfigBuilder.String())); err != nil {
return trace.Wrap(err)
return trace.Wrap(err, "writing global ssh_config")
}

return nil
Expand Down
Loading