5 years ago · 1877a38996
--- a/pkg/controllers/externalsecret/util.go
+++ b/pkg/controllers/externalsecret/util.go
@@ -46,7 +46,8 @@ func GetExternalSecretCondition(status esv1alpha1.ExternalSecretStatus, condType
 
				 func SetExternalSecretCondition(es *esv1alpha1.ExternalSecret, condition esv1alpha1.ExternalSecretStatusCondition) {
			
 
				 	currentCond := GetExternalSecretCondition(es.Status, condition.Type)
			
 
				 
			
 
				-	if currentCond != nil && currentCond.Status == condition.Status && currentCond.Reason == condition.Reason {
			
 
				+	if currentCond != nil && currentCond.Status == condition.Status &&
			
 
				+		currentCond.Reason == condition.Reason && currentCond.Message == condition.Message {
			
 
				 		updateExternalSecretCondition(es, &condition, 1.0)
			
 
				 		return
			
 
				 	}
			
--- a/pkg/provider/aws/parameterstore/parameterstore.go
+++ b/pkg/provider/aws/parameterstore/parameterstore.go
@@ -25,6 +25,7 @@ import (
 
				 	ctrl "sigs.k8s.io/controller-runtime"
			
 
				 
			
 
				 	esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
			
 
				+	"github.com/external-secrets/external-secrets/pkg/provider/aws/util"
			
 
				 )
			
 
				 
			
 
				 // ParameterStore is a provider for AWS ParameterStore.
			
@@ -55,7 +56,7 @@ func (pm *ParameterStore) GetSecret(ctx context.Context, ref esv1alpha1.External
 
				 		WithDecryption: aws.Bool(true),
			
 
				 	})
			
 
				 	if err != nil {
			
 
				-		return nil, fmt.Errorf("unable to get parameter: %w", err)
			
 
				+		return nil, util.SanitizeErr(err)
			
 
				 	}
			
 
				 	if ref.Property == "" {
			
 
				 		if out.Parameter.Value != nil {
			
--- a/pkg/provider/aws/secretsmanager/secretsmanager.go
+++ b/pkg/provider/aws/secretsmanager/secretsmanager.go
@@ -24,6 +24,7 @@ import (
 
				 	ctrl "sigs.k8s.io/controller-runtime"
			
 
				 
			
 
				 	esv1alpha1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1alpha1"
			
 
				+	"github.com/external-secrets/external-secrets/pkg/provider/aws/util"
			
 
				 )
			
 
				 
			
 
				 // SecretsManager is a provider for AWS SecretsManager.
			
@@ -58,7 +59,7 @@ func (sm *SecretsManager) GetSecret(ctx context.Context, ref esv1alpha1.External
 
				 		VersionStage: &ver,
			
 
				 	})
			
 
				 	if err != nil {
			
 
				-		return nil, err
			
 
				+		return nil, util.SanitizeErr(err)
			
 
				 	}
			
 
				 	if ref.Property == "" {
			
 
				 		if secretOut.SecretString != nil {
			
--- a/pkg/provider/aws/util/errors.go
+++ b/pkg/provider/aws/util/errors.go
@@ -0,0 +1,32 @@
 
				+/*
			
 
				+Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+you may not use this file except in compliance with the License.
			
 
				+You may obtain a copy of the License at
			
 
				+
			
 
				+    http://www.apache.org/licenses/LICENSE-2.0
			
 
				+
			
 
				+Unless required by applicable law or agreed to in writing, software
			
 
				+distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+See the License for the specific language governing permissions and
			
 
				+limitations under the License.
			
 
				+*/
			
 
				+
			
 
				+package util
			
 
				+
			
 
				+import (
			
 
				+	"errors"
			
 
				+	"fmt"
			
 
				+
			
 
				+	"github.com/aws/aws-sdk-go/aws/awserr"
			
 
				+)
			
 
				+
			
 
				+// SanitizeErr removes sanitizes the error string
			
 
				+// because the requestID must not be included in the error.
			
 
				+func SanitizeErr(err error) error {
			
 
				+	var bErr awserr.BatchedErrors
			
 
				+	if errors.As(bErr, &bErr) {
			
 
				+		return fmt.Errorf("%s: %s", bErr.Code(), bErr.Message())
			
 
				+	}
			
 
				+	return err
			
 
				+}