From 1cfbfe0abacc4d49b4e58c7e26f251f0f6d47d4e Mon Sep 17 00:00:00 2001 From: Charith Ellawala Date: Wed, 24 Jun 2026 12:33:53 +0100 Subject: [PATCH 1/2] Handle permission denied errors from the API Signed-off-by: Charith Ellawala --- bundle/bundle.go | 1 + bundle/v2/client.go | 28 ++++++++++++++++++++-------- 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/bundle/bundle.go b/bundle/bundle.go index 29b50d3..b273c5c 100644 --- a/bundle/bundle.go +++ b/bundle/bundle.go @@ -41,6 +41,7 @@ var ( ErrDownloadFailed = errors.New("download failed") ErrNoSegmentDownloadURL = errors.New("no download URLs") ErrInvalidResponse = errors.New("invalid response from server") + ErrPermissionDenied = errors.New("permission denied: make sure the credentials used are correct for the deployment") ErrStreamEnded = errors.New("stream ended") ) diff --git a/bundle/v2/client.go b/bundle/v2/client.go index 31b06ea..3c42f3c 100644 --- a/bundle/v2/client.go +++ b/bundle/v2/client.go @@ -149,7 +149,14 @@ func (c *Client) GetBundle(ctx context.Context, source Source) (string, bundlev2 resp, err := c.rpcClient.GetBundle(ctx, connect.NewRequest(&bundlev2.GetBundleRequest{PdpId: c.PDPIdentifier, Source: source.ToProto(), BundleType: &c.bundleType})) if err != nil { log.Error(err, "GetBundle RPC failed") - return "", bundlev2.BundleType_BUNDLE_TYPE_UNSPECIFIED, nil, err + switch connect.CodeOf(err) { + case connect.CodeNotFound: + return "", bundlev2.BundleType_BUNDLE_TYPE_UNSPECIFIED, nil, bundle.ErrBundleNotFound + case connect.CodePermissionDenied: + return "", bundlev2.BundleType_BUNDLE_TYPE_UNSPECIFIED, nil, bundle.ErrPermissionDenied + default: + return "", bundlev2.BundleType_BUNDLE_TYPE_UNSPECIFIED, nil, err + } } base.LogResponsePayload(log, resp.Msg) @@ -318,15 +325,20 @@ func (c *Client) watchStreamRecv(stream *connect.BidiStreamForClient[bundlev2.Wa return r.err } - if connect.CodeOf(r.err) == connect.CodeNotFound { + switch connect.CodeOf(r.err) { + case connect.CodeNotFound: log.V(1).Error(r.err, "Label does not exist") _ = publishWatchEvent(bundle.ServerEvent{Kind: bundle.ServerEventError, Error: bundle.ErrBundleNotFound}) return bundle.ErrBundleNotFound + case connect.CodePermissionDenied: + log.V(1).Error(r.err, "Permission denied") + _ = publishWatchEvent(bundle.ServerEvent{Kind: bundle.ServerEventError, Error: bundle.ErrPermissionDenied}) + return bundle.ErrPermissionDenied + default: + log.V(1).Error(r.err, "Error receiving message") + _ = publishWatchEvent(bundle.ServerEvent{Kind: bundle.ServerEventError, Error: r.err}) + return r.err } - - log.V(1).Error(r.err, "Error receiving message") - _ = publishWatchEvent(bundle.ServerEvent{Kind: bundle.ServerEventError, Error: r.err}) - return r.err } if r.msg != nil { @@ -448,7 +460,7 @@ func (c *Client) getBundleFile(ctx context.Context, binfo *bundlev2.BundleInfo) return "", err } - bdlCacheKey := *((*cache.ActionID)(binfo.OutputHash)) + bdlCacheKey := *(*cache.ActionID)(binfo.OutputHash) defer func() { if outErr == nil && outPath != "" { source, err := sourceFromProto(binfo.GetSource()) @@ -580,7 +592,7 @@ func (c *Client) GetCachedBundle(source Source) (string, error) { return "", fmt.Errorf("no cache entry for %s: %w", source, err) } - bdlCacheKey := *((*cache.ActionID)(entry)) + bdlCacheKey := *(*cache.ActionID)(entry) bdlEntry, err := c.cache.Get(bdlCacheKey) if err != nil { return "", fmt.Errorf("failed to find bundle in cache: %w", err) From db39dcbbce320ad19baed68a1be58d1f958f5c93 Mon Sep 17 00:00:00 2001 From: Charith Ellawala Date: Wed, 24 Jun 2026 12:37:36 +0100 Subject: [PATCH 2/2] Shorten error message Signed-off-by: Charith Ellawala --- bundle/bundle.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bundle/bundle.go b/bundle/bundle.go index b273c5c..e8ffc61 100644 --- a/bundle/bundle.go +++ b/bundle/bundle.go @@ -41,7 +41,7 @@ var ( ErrDownloadFailed = errors.New("download failed") ErrNoSegmentDownloadURL = errors.New("no download URLs") ErrInvalidResponse = errors.New("invalid response from server") - ErrPermissionDenied = errors.New("permission denied: make sure the credentials used are correct for the deployment") + ErrPermissionDenied = errors.New("permission denied") ErrStreamEnded = errors.New("stream ended") )