Add a basic e2e test for X-Request-Id reflection

hslatman · hslatman · commit cf8a50157f7a · 2024-02-28T01:05:38.000+01:00
diff --git a/api/api_test.go b/api/api_test.go
@@ -884,16 +884,12 @@ func Test_Sign(t *testing.T) {
 		CsrPEM: CertificateRequest{csr},
 		OTT:    "foobarzar",
 	})
-	if err != nil {
-		t.Fatal(err)
-	}
+	require.NoError(t, err)
 	invalid, err := json.Marshal(SignRequest{
 		CsrPEM: CertificateRequest{csr},
 		OTT:    "",
 	})
-	if err != nil {
-		t.Fatal(err)
-	}
+	require.NoError(t, err)
 
 	expected1 := []byte(`{"crt":"` + strings.ReplaceAll(certPEM, "\n", `\n`) + `\n","ca":"` + strings.ReplaceAll(rootPEM, "\n", `\n`) + `\n","certChain":["` + strings.ReplaceAll(certPEM, "\n", `\n`) + `\n","` + strings.ReplaceAll(rootPEM, "\n", `\n`) + `\n"]}`)
 	expected2 := []byte(`{"crt":"` + strings.ReplaceAll(stepCertPEM, "\n", `\n`) + `\n","ca":"` + strings.ReplaceAll(rootPEM, "\n", `\n`) + `\n","certChain":["` + strings.ReplaceAll(stepCertPEM, "\n", `\n`) + `\n","` + strings.ReplaceAll(rootPEM, "\n", `\n`) + `\n"]}`)
diff --git a/ca/ca_test.go b/ca/ca_test.go
@@ -289,6 +289,9 @@ ZEp7knvU2psWRw==
 
 			if assert.Equals(t, rr.Code, tc.status) {
 				body := &ClosingBuffer{rr.Body}
+				resp := &http.Response{
+					Body: body,
+				}
 				if rr.Code < http.StatusBadRequest {
 					var sign api.SignResponse
 					assert.FatalError(t, readJSON(body, &sign))
@@ -325,7 +328,7 @@ ZEp7knvU2psWRw==
 					assert.FatalError(t, err)
 					assert.Equals(t, intermediate, realIntermediate)
 				} else {
-					err := readError(body)
+					err := readError(resp)
 					if tc.errMsg == "" {
 						assert.FatalError(t, errors.New("must validate response error"))
 					}
@@ -369,6 +372,9 @@ func TestCAProvisioners(t *testing.T) {
 
 			if assert.Equals(t, rr.Code, tc.status) {
 				body := &ClosingBuffer{rr.Body}
+				resp := &http.Response{
+					Body: body,
+				}
 				if rr.Code < http.StatusBadRequest {
 					var resp api.ProvisionersResponse
 
@@ -379,7 +385,7 @@ func TestCAProvisioners(t *testing.T) {
 					assert.FatalError(t, err)
 					assert.Equals(t, a, b)
 				} else {
-					err := readError(body)
+					err := readError(resp)
 					if tc.errMsg == "" {
 						assert.FatalError(t, errors.New("must validate response error"))
 					}
@@ -436,12 +442,15 @@ func TestCAProvisionerEncryptedKey(t *testing.T) {
 
 			if assert.Equals(t, rr.Code, tc.status) {
 				body := &ClosingBuffer{rr.Body}
+				resp := &http.Response{
+					Body: body,
+				}
 				if rr.Code < http.StatusBadRequest {
 					var ek api.ProvisionerKeyResponse
 					assert.FatalError(t, readJSON(body, &ek))
 					assert.Equals(t, ek.Key, tc.expectedKey)
 				} else {
-					err := readError(body)
+					err := readError(resp)
 					if tc.errMsg == "" {
 						assert.FatalError(t, errors.New("must validate response error"))
 					}
@@ -498,12 +507,15 @@ func TestCARoot(t *testing.T) {
 
 			if assert.Equals(t, rr.Code, tc.status) {
 				body := &ClosingBuffer{rr.Body}
+				resp := &http.Response{
+					Body: body,
+				}
 				if rr.Code < http.StatusBadRequest {
 					var root api.RootResponse
 					assert.FatalError(t, readJSON(body, &root))
 					assert.Equals(t, root.RootPEM.Certificate, rootCrt)
 				} else {
-					err := readError(body)
+					err := readError(resp)
 					if tc.errMsg == "" {
 						assert.FatalError(t, errors.New("must validate response error"))
 					}
@@ -641,6 +653,9 @@ func TestCARenew(t *testing.T) {
 
 			if assert.Equals(t, rr.Code, tc.status) {
 				body := &ClosingBuffer{rr.Body}
+				resp := &http.Response{
+					Body: body,
+				}
 				if rr.Code < http.StatusBadRequest {
 					var sign api.SignResponse
 					assert.FatalError(t, readJSON(body, &sign))
@@ -673,7 +688,7 @@ func TestCARenew(t *testing.T) {
 
 					assert.Equals(t, *sign.TLSOptions, authority.DefaultTLSOptions)
 				} else {
-					err := readError(body)
+					err := readError(resp)
 					if tc.errMsg == "" {
 						assert.FatalError(t, errors.New("must validate response error"))
 					}
diff --git a/ca/client.go b/ca/client.go
@@ -622,7 +622,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var version api.VersionResponse
 	if err := readJSON(resp.Body, &version); err != nil {
@@ -652,7 +652,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var health api.HealthResponse
 	if err := readJSON(resp.Body, &health); err != nil {
@@ -687,7 +687,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var root api.RootResponse
 	if err := readJSON(resp.Body, &root); err != nil {
@@ -726,7 +726,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var sign api.SignResponse
 	if err := readJSON(resp.Body, &sign); err != nil {
@@ -765,7 +765,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var sign api.SignResponse
 	if err := readJSON(resp.Body, &sign); err != nil {
@@ -802,7 +802,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var sign api.SignResponse
 	if err := readJSON(resp.Body, &sign); err != nil {
@@ -842,7 +842,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var sign api.SignResponse
 	if err := readJSON(resp.Body, &sign); err != nil {
@@ -883,7 +883,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var revoke api.RevokeResponse
 	if err := readJSON(resp.Body, &revoke); err != nil {
@@ -926,7 +926,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var provisioners api.ProvisionersResponse
 	if err := readJSON(resp.Body, &provisioners); err != nil {
@@ -958,7 +958,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var key api.ProvisionerKeyResponse
 	if err := readJSON(resp.Body, &key); err != nil {
@@ -988,7 +988,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var roots api.RootsResponse
 	if err := readJSON(resp.Body, &roots); err != nil {
@@ -1018,7 +1018,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var federation api.FederationResponse
 	if err := readJSON(resp.Body, &federation); err != nil {
@@ -1052,7 +1052,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var sign api.SSHSignResponse
 	if err := readJSON(resp.Body, &sign); err != nil {
@@ -1086,7 +1086,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var renew api.SSHRenewResponse
 	if err := readJSON(resp.Body, &renew); err != nil {
@@ -1120,7 +1120,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var rekey api.SSHRekeyResponse
 	if err := readJSON(resp.Body, &rekey); err != nil {
@@ -1154,7 +1154,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var revoke api.SSHRevokeResponse
 	if err := readJSON(resp.Body, &revoke); err != nil {
@@ -1184,7 +1184,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var keys api.SSHRootsResponse
 	if err := readJSON(resp.Body, &keys); err != nil {
@@ -1214,7 +1214,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var keys api.SSHRootsResponse
 	if err := readJSON(resp.Body, &keys); err != nil {
@@ -1248,7 +1248,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var cfg api.SSHConfigResponse
 	if err := readJSON(resp.Body, &cfg); err != nil {
@@ -1287,7 +1287,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var check api.SSHCheckPrincipalResponse
 	if err := readJSON(resp.Body, &check); err != nil {
@@ -1316,7 +1316,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var hosts api.SSHGetHostsResponse
 	if err := readJSON(resp.Body, &hosts); err != nil {
@@ -1348,7 +1348,7 @@ retry:
 			retried = true
 			goto retry
 		}
-		return nil, readError(resp.Body)
+		return nil, readError(resp)
 	}
 	var bastion api.SSHBastionResponse
 	if err := readJSON(resp.Body, &bastion); err != nil {
@@ -1516,12 +1516,13 @@ func readProtoJSON(r io.ReadCloser, m proto.Message) error {
 	return protojson.Unmarshal(data, m)
 }
 
-func readError(r io.ReadCloser) error {
-	defer r.Close()
+func readError(r *http.Response) error {
+	defer r.Body.Close()
 	apiErr := new(errs.Error)
-	if err := json.NewDecoder(r).Decode(apiErr); err != nil {
+	if err := json.NewDecoder(r.Body).Decode(apiErr); err != nil {
 		return err
 	}
+	apiErr.RequestID = r.Header.Get("X-Request-Id")
 	return apiErr
 }
 
diff --git a/errs/error.go b/errs/error.go
@@ -49,10 +49,11 @@ func WithKeyVal(key string, val interface{}) Option {
 
 // Error represents the CA API errors.
 type Error struct {
-	Status  int
-	Err     error
-	Msg     string
-	Details map[string]interface{}
+	Status    int
+	Err       error
+	Msg       string
+	Details   map[string]interface{}
+	RequestID string `json:"-"`
 }
 
 // ErrorResponse represents an error in JSON format.
diff --git a/test/e2e/requestid_test.go b/test/e2e/requestid_test.go

Original file line number	Diff line number	Diff line change
`@@ -622,7 +622,7 @@ retry:`
`622`	`622`	`retried = true`
`623`	`623`	`goto retry`
`624`	`624`	`}`
`625`		`- return nil, readError(resp.Body)`
	`625`	`+ return nil, readError(resp)`
`626`	`626`	`}`
`627`	`627`	`var version api.VersionResponse`
`628`	`628`	`if err := readJSON(resp.Body, &version); err != nil {`
`@@ -652,7 +652,7 @@ retry:`
`652`	`652`	`retried = true`
`653`	`653`	`goto retry`
`654`	`654`	`}`
`655`		`- return nil, readError(resp.Body)`
	`655`	`+ return nil, readError(resp)`
`656`	`656`	`}`
`657`	`657`	`var health api.HealthResponse`
`658`	`658`	`if err := readJSON(resp.Body, &health); err != nil {`
`@@ -687,7 +687,7 @@ retry:`
`687`	`687`	`retried = true`
`688`	`688`	`goto retry`
`689`	`689`	`}`
`690`		`- return nil, readError(resp.Body)`
	`690`	`+ return nil, readError(resp)`
`691`	`691`	`}`
`692`	`692`	`var root api.RootResponse`
`693`	`693`	`if err := readJSON(resp.Body, &root); err != nil {`
`@@ -726,7 +726,7 @@ retry:`
`726`	`726`	`retried = true`
`727`	`727`	`goto retry`
`728`	`728`	`}`
`729`		`- return nil, readError(resp.Body)`
	`729`	`+ return nil, readError(resp)`
`730`	`730`	`}`
`731`	`731`	`var sign api.SignResponse`
`732`	`732`	`if err := readJSON(resp.Body, &sign); err != nil {`
`@@ -765,7 +765,7 @@ retry:`
`765`	`765`	`retried = true`
`766`	`766`	`goto retry`
`767`	`767`	`}`
`768`		`- return nil, readError(resp.Body)`
	`768`	`+ return nil, readError(resp)`
`769`	`769`	`}`
`770`	`770`	`var sign api.SignResponse`
`771`	`771`	`if err := readJSON(resp.Body, &sign); err != nil {`
`@@ -802,7 +802,7 @@ retry:`
`802`	`802`	`retried = true`
`803`	`803`	`goto retry`
`804`	`804`	`}`
`805`		`- return nil, readError(resp.Body)`
	`805`	`+ return nil, readError(resp)`
`806`	`806`	`}`
`807`	`807`	`var sign api.SignResponse`
`808`	`808`	`if err := readJSON(resp.Body, &sign); err != nil {`
`@@ -842,7 +842,7 @@ retry:`
`842`	`842`	`retried = true`
`843`	`843`	`goto retry`
`844`	`844`	`}`
`845`		`- return nil, readError(resp.Body)`
	`845`	`+ return nil, readError(resp)`
`846`	`846`	`}`
`847`	`847`	`var sign api.SignResponse`
`848`	`848`	`if err := readJSON(resp.Body, &sign); err != nil {`
`@@ -883,7 +883,7 @@ retry:`
`883`	`883`	`retried = true`
`884`	`884`	`goto retry`
`885`	`885`	`}`
`886`		`- return nil, readError(resp.Body)`
	`886`	`+ return nil, readError(resp)`
`887`	`887`	`}`
`888`	`888`	`var revoke api.RevokeResponse`
`889`	`889`	`if err := readJSON(resp.Body, &revoke); err != nil {`
`@@ -926,7 +926,7 @@ retry:`
`926`	`926`	`retried = true`
`927`	`927`	`goto retry`
`928`	`928`	`}`
`929`		`- return nil, readError(resp.Body)`
	`929`	`+ return nil, readError(resp)`
`930`	`930`	`}`
`931`	`931`	`var provisioners api.ProvisionersResponse`
`932`	`932`	`if err := readJSON(resp.Body, &provisioners); err != nil {`
`@@ -958,7 +958,7 @@ retry:`
`958`	`958`	`retried = true`
`959`	`959`	`goto retry`
`960`	`960`	`}`
`961`		`- return nil, readError(resp.Body)`
	`961`	`+ return nil, readError(resp)`
`962`	`962`	`}`
`963`	`963`	`var key api.ProvisionerKeyResponse`
`964`	`964`	`if err := readJSON(resp.Body, &key); err != nil {`
`@@ -988,7 +988,7 @@ retry:`
`988`	`988`	`retried = true`
`989`	`989`	`goto retry`
`990`	`990`	`}`
`991`		`- return nil, readError(resp.Body)`
	`991`	`+ return nil, readError(resp)`
`992`	`992`	`}`
`993`	`993`	`var roots api.RootsResponse`
`994`	`994`	`if err := readJSON(resp.Body, &roots); err != nil {`
`@@ -1018,7 +1018,7 @@ retry:`
`1018`	`1018`	`retried = true`
`1019`	`1019`	`goto retry`
`1020`	`1020`	`}`
`1021`		`- return nil, readError(resp.Body)`
	`1021`	`+ return nil, readError(resp)`
`1022`	`1022`	`}`
`1023`	`1023`	`var federation api.FederationResponse`
`1024`	`1024`	`if err := readJSON(resp.Body, &federation); err != nil {`
`@@ -1052,7 +1052,7 @@ retry:`
`1052`	`1052`	`retried = true`
`1053`	`1053`	`goto retry`
`1054`	`1054`	`}`
`1055`		`- return nil, readError(resp.Body)`
	`1055`	`+ return nil, readError(resp)`
`1056`	`1056`	`}`
`1057`	`1057`	`var sign api.SSHSignResponse`
`1058`	`1058`	`if err := readJSON(resp.Body, &sign); err != nil {`
`@@ -1086,7 +1086,7 @@ retry:`
`1086`	`1086`	`retried = true`
`1087`	`1087`	`goto retry`
`1088`	`1088`	`}`
`1089`		`- return nil, readError(resp.Body)`
	`1089`	`+ return nil, readError(resp)`
`1090`	`1090`	`}`
`1091`	`1091`	`var renew api.SSHRenewResponse`
`1092`	`1092`	`if err := readJSON(resp.Body, &renew); err != nil {`
`@@ -1120,7 +1120,7 @@ retry:`
`1120`	`1120`	`retried = true`
`1121`	`1121`	`goto retry`
`1122`	`1122`	`}`
`1123`		`- return nil, readError(resp.Body)`
	`1123`	`+ return nil, readError(resp)`
`1124`	`1124`	`}`
`1125`	`1125`	`var rekey api.SSHRekeyResponse`
`1126`	`1126`	`if err := readJSON(resp.Body, &rekey); err != nil {`
`@@ -1154,7 +1154,7 @@ retry:`
`1154`	`1154`	`retried = true`
`1155`	`1155`	`goto retry`
`1156`	`1156`	`}`
`1157`		`- return nil, readError(resp.Body)`
	`1157`	`+ return nil, readError(resp)`
`1158`	`1158`	`}`
`1159`	`1159`	`var revoke api.SSHRevokeResponse`
`1160`	`1160`	`if err := readJSON(resp.Body, &revoke); err != nil {`
`@@ -1184,7 +1184,7 @@ retry:`
`1184`	`1184`	`retried = true`
`1185`	`1185`	`goto retry`
`1186`	`1186`	`}`
`1187`		`- return nil, readError(resp.Body)`
	`1187`	`+ return nil, readError(resp)`
`1188`	`1188`	`}`
`1189`	`1189`	`var keys api.SSHRootsResponse`
`1190`	`1190`	`if err := readJSON(resp.Body, &keys); err != nil {`
`@@ -1214,7 +1214,7 @@ retry:`
`1214`	`1214`	`retried = true`
`1215`	`1215`	`goto retry`
`1216`	`1216`	`}`
`1217`		`- return nil, readError(resp.Body)`
	`1217`	`+ return nil, readError(resp)`
`1218`	`1218`	`}`
`1219`	`1219`	`var keys api.SSHRootsResponse`
`1220`	`1220`	`if err := readJSON(resp.Body, &keys); err != nil {`
`@@ -1248,7 +1248,7 @@ retry:`
`1248`	`1248`	`retried = true`
`1249`	`1249`	`goto retry`
`1250`	`1250`	`}`
`1251`		`- return nil, readError(resp.Body)`
	`1251`	`+ return nil, readError(resp)`
`1252`	`1252`	`}`
`1253`	`1253`	`var cfg api.SSHConfigResponse`
`1254`	`1254`	`if err := readJSON(resp.Body, &cfg); err != nil {`
`@@ -1287,7 +1287,7 @@ retry:`
`1287`	`1287`	`retried = true`
`1288`	`1288`	`goto retry`
`1289`	`1289`	`}`
`1290`		`- return nil, readError(resp.Body)`
	`1290`	`+ return nil, readError(resp)`
`1291`	`1291`	`}`
`1292`	`1292`	`var check api.SSHCheckPrincipalResponse`
`1293`	`1293`	`if err := readJSON(resp.Body, &check); err != nil {`
`@@ -1316,7 +1316,7 @@ retry:`
`1316`	`1316`	`retried = true`
`1317`	`1317`	`goto retry`
`1318`	`1318`	`}`
`1319`		`- return nil, readError(resp.Body)`
	`1319`	`+ return nil, readError(resp)`
`1320`	`1320`	`}`
`1321`	`1321`	`var hosts api.SSHGetHostsResponse`
`1322`	`1322`	`if err := readJSON(resp.Body, &hosts); err != nil {`
`@@ -1348,7 +1348,7 @@ retry:`
`1348`	`1348`	`retried = true`
`1349`	`1349`	`goto retry`
`1350`	`1350`	`}`
`1351`		`- return nil, readError(resp.Body)`
	`1351`	`+ return nil, readError(resp)`
`1352`	`1352`	`}`
`1353`	`1353`	`var bastion api.SSHBastionResponse`
`1354`	`1354`	`if err := readJSON(resp.Body, &bastion); err != nil {`
`@@ -1516,12 +1516,13 @@ func readProtoJSON(r io.ReadCloser, m proto.Message) error {`
`1516`	`1516`	`return protojson.Unmarshal(data, m)`
`1517`	`1517`	`}`
`1518`	`1518`
`1519`		`-func readError(r io.ReadCloser) error {`
`1520`		`- defer r.Close()`
	`1519`	`+func readError(r *http.Response) error {`
	`1520`	`+ defer r.Body.Close()`
`1521`	`1521`	`apiErr := new(errs.Error)`
`1522`		`- if err := json.NewDecoder(r).Decode(apiErr); err != nil {`
	`1522`	`+ if err := json.NewDecoder(r.Body).Decode(apiErr); err != nil {`
`1523`	`1523`	`return err`
`1524`	`1524`	`}`
	`1525`	`+ apiErr.RequestID = r.Header.Get("X-Request-Id")`
`1525`	`1526`	`return apiErr`
`1526`	`1527`	`}`
`1527`	`1528`