cmd/gitops-pusher: correctly handle ACL tests failing (#5016)

Apparently the API for running ACL tests returns a 200 if the ACL tests fail. This is weird, but we can handle it. Signed-off-by: Xe <xe@tailscale.com>
2 years ago · 5bb44a4a5c
parent c7993d2b88
commit 5bb44a4a5c
1 changed files with 19 additions and 7 deletions
--- a/cmd/gitops-pusher/gitops-pusher.go
+++ b/cmd/gitops-pusher/gitops-pusher.go
@ -132,7 +132,13 @@ func applyNewACL(ctx context.Context, tailnet, apiKey, policyFname, oldEtag stri
 	got := resp.StatusCode
 	want := http.StatusOK
 	if got != want {
-		return fmt.Errorf("wanted HTTP status code %d but got %d", want, got)
+		var ate ACLTestError
+		err := json.NewDecoder(resp.Body).Decode(&ate)
+		if err != nil {
+			return err
+		}
+
+		return ate
 	}

 	return nil
@ -159,13 +165,19 @@ func testNewACLs(ctx context.Context, tailnet, apiKey, policyFname string) error
 	}
 	defer resp.Body.Close()

-	if resp.StatusCode != http.StatusOK {
-		var ate ACLTestError
-		err := json.NewDecoder(resp.Body).Decode(&ate)
-		if err != nil {
-			return err
-		}
+	got := resp.StatusCode
+	want := http.StatusOK
+	if got != want {
+		return fmt.Errorf("wanted HTTP status code %d but got %d", want, got)
+	}
+
+	var ate ACLTestError
+	err = json.NewDecoder(resp.Body).Decode(&ate)
+	if err != nil {
+		return err
+	}

+	if len(ate.Data) != 0 {
 		return ate
 	}