Merge pull request #36 from github/prettier-errors

Make common errors easier to read.

Author: chrisgavin

internal/cachedirectory/cachedirectory.go

@@ -1,7 +1,7 @@
 package cachedirectory
 
 import (
-	"fmt"
+	usererrors "errors"
 	"io"
 	"io/ioutil"
 	"os"
@@ -15,7 +15,8 @@ import (
 const errorCacheWrongVersion = "The cache you are trying to push was created with an old version of the CodeQL Action Sync tool. Please re-pull it with this version of the tool."
 const errorNotACacheOrEmpty = "The cache directory you have selected is not empty, but was not created by the CodeQL Action Sync tool. If you are sure you want to use this directory, please delete it and run the sync tool again."
 const errorCacheParentDoesNotExist = "Cannot create cache directory because its parent, does not exist."
-const errorPushNonCache = "The directory you have provided does not appear to be valid. Please check it exists and that you have run the `pull` command to populate it."
+const errorPushNonCache = "The cache directory you have provided does not appear to be valid. Please check it exists and that you have run the `pull` command to populate it."
+const errorCacheLocked = "The cache directory is locked, likely due to a `pull` command being interrupted. Please run `pull` again to ensure all required data is downloaded."
 
 const CacheReferencePrefix = "refs/remotes/" + git.DefaultRemoteName + "/"
 
@@ -35,7 +36,7 @@ func isEmptyOrNonExistentDirectory(path string) (bool, error) {
 		if os.IsNotExist(err) {
 			return true, nil
 		}
-		return false, errors.Wrap(err, fmt.Sprintf("Could not access directory %s.", path))
+		return false, errors.Wrapf(err, "Could not access directory %s.", path)
 	}
 	defer f.Close()
 
@@ -44,7 +45,7 @@ func isEmptyOrNonExistentDirectory(path string) (bool, error) {
 		if err == io.EOF {
 			return true, nil
 		}
-		return false, errors.Wrap(err, fmt.Sprintf("Could not read contents of directory %s.", path))
+		return false, errors.Wrapf(err, "Could not read contents of directory %s.", path)
 	}
 	return false, nil
 }
@@ -67,7 +68,7 @@ func (cacheDirectory *CacheDirectory) CheckOrCreateVersionFile(pull bool, versio
 		_, err := os.Stat(cacheParentPath)
 		if err != nil {
 			if os.IsNotExist(err) {
-				return errors.New(errorCacheParentDoesNotExist)
+				return usererrors.New(errorCacheParentDoesNotExist)
 			}
 			return errors.Wrap(err, "Could not access parent path of cache directory.")
 		}
@@ -94,13 +95,13 @@ func (cacheDirectory *CacheDirectory) CheckOrCreateVersionFile(pull bool, versio
 			}
 			return nil
 		}
-		return errors.New(errorNotACacheOrEmpty)
+		return usererrors.New(errorNotACacheOrEmpty)
 	}
 
 	if cacheVersionFileExists {
-		return errors.New(errorCacheWrongVersion)
+		return usererrors.New(errorCacheWrongVersion)
 	}
-	return errors.New(errorPushNonCache)
+	return usererrors.New(errorPushNonCache)
 }
 
 func (cacheDirectory *CacheDirectory) Lock() error {
@@ -124,7 +125,7 @@ func (cacheDirectory *CacheDirectory) Unlock() error {
 func (cacheDirectory *CacheDirectory) CheckLock() error {
 	_, err := os.Stat(cacheDirectory.lockFilePath())
 	if err == nil {
-		return errors.New("The cache directory is locked, likely due to a `pull` command being interrupted. Please run `pull` again to ensure all required data is downloaded.")
+		return usererrors.New(errorCacheLocked)
 	}
 	if os.IsNotExist(err) {
 		return nil

internal/cachedirectory/cachedirectory_test.go

@@ -95,7 +95,7 @@ func TestLocking(t *testing.T) {
 	require.NoError(t, cacheDirectory.CheckOrCreateVersionFile(true, aVersion))
 	require.NoError(t, cacheDirectory.Lock())
 	require.NoError(t, cacheDirectory.Lock())
-	require.Error(t, cacheDirectory.CheckLock())
+	require.EqualError(t, cacheDirectory.CheckLock(), errorCacheLocked)
 	require.NoError(t, cacheDirectory.Unlock())
 	require.NoError(t, cacheDirectory.CheckLock())
 }

internal/githubapiutil/githubapiutil.go

@@ -0,0 +1,28 @@
+package githubapiutil
+
+import (
+	"strings"
+
+	"github.com/google/go-github/v32/github"
+)
+
+const xOAuthScopesHeader = "X-OAuth-Scopes"
+
+func MissingAllScopes(response *github.Response, requiredAnyScopes ...string) bool {
+	if response == nil {
+		return false
+	}
+	if len(response.Header.Values(xOAuthScopesHeader)) == 0 {
+		return false
+	}
+	actualScopes := strings.Split(response.Header.Get(xOAuthScopesHeader), ",")
+	for _, actualScope := range actualScopes {
+		actualScope = strings.Trim(actualScope, " ")
+		for _, requiredAnyScope := range requiredAnyScopes {
+			if actualScope == requiredAnyScope {
+				return false
+			}
+		}
+	}
+	return true
+}

internal/githubapiutil/githubapiutil_test.go

@@ -0,0 +1,25 @@
+package githubapiutil
+
+import (
+	"net/http"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+
+	"github.com/google/go-github/v32/github"
+)
+
+func TestHasAnyScopes(t *testing.T) {
+	response := github.Response{
+		Response: &http.Response{Header: http.Header{}},
+	}
+
+	response.Header.Set(xOAuthScopesHeader, "gist, notifications, admin:org, repo")
+	require.False(t, MissingAllScopes(&response, "public_repo", "repo"))
+
+	response.Header.Set(xOAuthScopesHeader, "gist, notifications, public_repo, admin:org")
+	require.False(t, MissingAllScopes(&response, "public_repo", "repo"))
+
+	response.Header.Set(xOAuthScopesHeader, "gist, notifications, admin:org")
+	require.True(t, MissingAllScopes(&response, "public_repo", "repo"))
+}

internal/push/push.go

@@ -3,6 +3,7 @@ package push
 import (
 	"context"
 	"encoding/json"
+	usererrors "errors"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -13,6 +14,8 @@ import (
 	"path/filepath"
 	"strings"
 
+	"github.com/github/codeql-action-sync/internal/githubapiutil"
+
 	log "github.com/sirupsen/logrus"
 
 	"github.com/github/codeql-action-sync/internal/cachedirectory"
@@ -30,6 +33,7 @@ const remoteName = "enterprise"
 const repositoryHomepage = "https://github.com/github/codeql-action-sync-tool/"
 
 const errorAlreadyExists = "The destination repository already exists, but it was not created with the CodeQL Action sync tool. If you are sure you want to push the CodeQL Action to it, re-run this command with the `--force` flag."
+const errorInvalidDestinationToken = "The destination token you've provided is not valid."
 
 type pushService struct {
 	ctx                        context.Context
@@ -43,8 +47,11 @@ type pushService struct {
 
 func (pushService *pushService) createRepository() (*github.Repository, error) {
 	log.Debug("Ensuring repository exists...")
-	user, _, err := pushService.githubEnterpriseClient.Users.Get(pushService.ctx, "")
+	user, response, err := pushService.githubEnterpriseClient.Users.Get(pushService.ctx, "")
 	if err != nil {
+		if response.StatusCode == http.StatusUnauthorized {
+			return nil, usererrors.New(errorInvalidDestinationToken)
+		}
 		return nil, errors.Wrap(err, "Error getting current user.")
 	}
 
@@ -66,6 +73,9 @@ func (pushService *pushService) createRepository() (*github.Repository, error) {
 				Name:  github.String(pushService.destinationRepositoryOwner),
 			}, user.GetLogin())
 			if err != nil {
+				if response.StatusCode == http.StatusNotFound && githubapiutil.MissingAllScopes(response, "site_admin") {
+					return nil, usererrors.New("The destination token you have provided does not have the `site_admin` scope, so the destination organization cannot be created.")
+				}
 				return nil, errors.Wrap(err, "Error creating organization.")
 			}
 		}
@@ -90,13 +100,19 @@ func (pushService *pushService) createRepository() (*github.Repository, error) {
 		Private:      github.Bool(false),
 	}
 	if response.StatusCode == http.StatusNotFound {
-		repository, _, err = pushService.githubEnterpriseClient.Repositories.Create(pushService.ctx, destinationOrganization, &desiredRepositoryProperties)
+		repository, response, err = pushService.githubEnterpriseClient.Repositories.Create(pushService.ctx, destinationOrganization, &desiredRepositoryProperties)
 		if err != nil {
+			if response.StatusCode == http.StatusNotFound && githubapiutil.MissingAllScopes(response, "public_repo", "repo") {
+				return nil, usererrors.New("The destination token you have provided does not have the `public_repo` scope.")
+			}
 			return nil, errors.Wrap(err, "Error creating destination repository.")
 		}
 	} else {
-		repository, _, err = pushService.githubEnterpriseClient.Repositories.Edit(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, &desiredRepositoryProperties)
+		repository, response, err = pushService.githubEnterpriseClient.Repositories.Edit(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, &desiredRepositoryProperties)
 		if err != nil {
+			if response.StatusCode == http.StatusNotFound && githubapiutil.MissingAllScopes(response, "public_repo", "repo") {
+				return nil, usererrors.New("The destination token you have provided does not have the `public_repo` scope.")
+			}
 			return nil, errors.Wrap(err, "Error updating destination repository.")
 		}
 	}