From 96074a87d82bcd214acc3e50d5890a6a419913ce Mon Sep 17 00:00:00 2001 From: Adriaan van der Bergh Date: Tue, 31 Mar 2026 15:54:14 +0200 Subject: [PATCH 1/2] fix: improve error messages in auth setup and credentials parsing --- core/CHANGELOG.md | 3 +++ core/VERSION | 2 +- core/auth/auth.go | 4 ++-- core/auth/auth_test.go | 29 +++++++++++++++++++++++++++++ 4 files changed, 35 insertions(+), 3 deletions(-) diff --git a/core/CHANGELOG.md b/core/CHANGELOG.md index c116888a8..6328eafb7 100644 --- a/core/CHANGELOG.md +++ b/core/CHANGELOG.md @@ -1,3 +1,6 @@ +## v0.24.1 +- **Improvement:** Fix misleading error messages in authentication setup and credentials parsing. + ## v0.24.0 - **Bugfix:** Allow setting waiter timeouts via context, that are longer than the default timeout. diff --git a/core/VERSION b/core/VERSION index 6897c006a..b61be290f 100644 --- a/core/VERSION +++ b/core/VERSION @@ -1 +1 @@ -v0.24.0 +v0.24.1 diff --git a/core/auth/auth.go b/core/auth/auth.go index b393afbb7..273bcb018 100644 --- a/core/auth/auth.go +++ b/core/auth/auth.go @@ -54,7 +54,7 @@ func SetupAuth(cfg *config.Configuration) (rt http.RoundTripper, err error) { } else if cfg.WorkloadIdentityFederation { wifRoundTripper, err := WorkloadIdentityFederationAuth(cfg) if err != nil { - return nil, fmt.Errorf("configuring no auth client: %w", err) + return nil, fmt.Errorf("configuring workload identity federation client: %w", err) } return wifRoundTripper, nil } else if cfg.ServiceAccountKey != "" || cfg.ServiceAccountKeyPath != "" { @@ -278,7 +278,7 @@ func readCredentialsFile(path string) (*Credentials, error) { var credentials Credentials err = json.Unmarshal(credentialsRaw, &credentials) if err != nil { - return nil, fmt.Errorf("unmaPrivateKeyrshalling credentials: %w", err) + return nil, fmt.Errorf("unmarshalling credentials: %w", err) } return &credentials, nil } diff --git a/core/auth/auth_test.go b/core/auth/auth_test.go index b861bf581..79ea73049 100644 --- a/core/auth/auth_test.go +++ b/core/auth/auth_test.go @@ -367,6 +367,18 @@ func TestReadCredentials(t *testing.T) { } } +func TestReadCredentialsFileErrorMessage(t *testing.T) { + setTemporaryHome(t) + + _, err := readCredentialsFile("test_resources/test_invalid_structure.json") + if err == nil { + t.Fatalf("error expected") + } + if !strings.Contains(err.Error(), "unmarshalling credentials") { + t.Fatalf("expected unmarshalling credentials error, got %s", err) + } +} + func TestDefaultAuth(t *testing.T) { privateKey, err := generatePrivateKey() if err != nil { @@ -768,6 +780,23 @@ func TestKeyAuthPemInsteadOfJsonKeyErrorHandling(t *testing.T) { } } +func TestSetupAuthWorkloadIdentityErrorMessage(t *testing.T) { + setTemporaryHome(t) + t.Setenv("STACKIT_SERVICE_ACCOUNT_EMAIL", "") + t.Setenv("STACKIT_FEDERATED_TOKEN_FILE", "") + + _, err := SetupAuth(&config.Configuration{WorkloadIdentityFederation: true}) + if err == nil { + t.Fatalf("error expected") + } + if !strings.Contains(err.Error(), "configuring workload identity federation client") { + t.Fatalf("expected workload identity federation error, got %s", err) + } + if strings.Contains(err.Error(), "configuring no auth client") { + t.Fatalf("unexpected no auth error message: %s", err) + } +} + func TestNoAuth(t *testing.T) { for _, test := range []struct { desc string From 29645260f69d4a8b68f6673fc417a74b98e8d456 Mon Sep 17 00:00:00 2001 From: Adriaan van der Bergh Date: Wed, 1 Apr 2026 09:41:51 +0200 Subject: [PATCH 2/2] chore: copy core change into root changelog --- CHANGELOG.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1b06c1483..8982c1755 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -99,9 +99,11 @@ - **Dependencies:** Bump STACKIT SDK core module from `v0.21.1` to `v0.24.0` - `vpn`: [v0.4.1](services/vpn/CHANGELOG.md#v041) - **Dependencies:** Bump STACKIT SDK core module from `v0.23.0` to `v0.24.0` - -- `core`: [v0.24.0](core/CHANGELOG.md#v0240) - - **Bugfix:** Allow setting waiter timeouts via context, that are longer than the default timeout. +- `core`: + - [v0.24.1](core/CHANGELOG.md#v0241) + - **Improvement:** Fix misleading error messages in authentication setup and credentials parsing. + - [v0.24.0](core/CHANGELOG.md#v0240) + - **Bugfix:** Allow setting waiter timeouts via context, that are longer than the default timeout. ## Release (2026-03-27) - `alb`: