Updated error messages to be cleaner

Author: russell-stern

core/capabilities/vault/capability_test.go

@@ -847,7 +847,7 @@ func TestCapability_CRUD(t *testing.T) {
 		{
 			name:     "CreateSecrets_Missing_Key",
 			response: nil,
-			error:    "invalid secret identifier: key cannot be empty",
+			error:    "key cannot be empty",
 			call: func(t *testing.T, capability *Capability) (*vaulttypes.Response, error) {
 				req := &vault.CreateSecretsRequest{
 					RequestId: requestID,
@@ -868,7 +868,7 @@ func TestCapability_CRUD(t *testing.T) {
 		{
 			name:     "CreateSecrets_Missing_Namespace",
 			response: nil,
-			error:    "invalid secret identifier: namespace cannot be empty",
+			error:    "namespace cannot be empty",
 			call: func(t *testing.T, capability *Capability) (*vaulttypes.Response, error) {
 				req := &vault.CreateSecretsRequest{
 					RequestId: requestID,
@@ -889,7 +889,7 @@ func TestCapability_CRUD(t *testing.T) {
 		{
 			name:     "CreateSecrets_Missing_Owner",
 			response: nil,
-			error:    "invalid secret identifier: owner cannot be empty",
+			error:    "owner cannot be empty",
 			call: func(t *testing.T, capability *Capability) (*vaulttypes.Response, error) {
 				req := &vault.CreateSecretsRequest{
 					RequestId: requestID,
@@ -1037,7 +1037,7 @@ func TestCapability_CRUD(t *testing.T) {
 				Payload: []byte("hello world"),
 				Format:  "protobuf",
 			},
-			error: "invalid secret identifier: key cannot be empty",
+			error: "key cannot be empty",
 			call: func(t *testing.T, capability *Capability) (*vaulttypes.Response, error) {
 				req := &vault.UpdateSecretsRequest{
 					RequestId: requestID,
@@ -1062,7 +1062,7 @@ func TestCapability_CRUD(t *testing.T) {
 				Payload: []byte("hello world"),
 				Format:  "protobuf",
 			},
-			error: "invalid secret identifier: namespace cannot be empty",
+			error: "namespace cannot be empty",
 			call: func(t *testing.T, capability *Capability) (*vaulttypes.Response, error) {
 				req := &vault.UpdateSecretsRequest{
 					RequestId: requestID,
@@ -1087,7 +1087,7 @@ func TestCapability_CRUD(t *testing.T) {
 				Payload: []byte("hello world"),
 				Format:  "protobuf",
 			},
-			error: "invalid secret identifier: owner cannot be empty",
+			error: "owner cannot be empty",
 			call: func(t *testing.T, capability *Capability) (*vaulttypes.Response, error) {
 				req := &vault.UpdateSecretsRequest{
 					RequestId: requestID,

core/capabilities/vault/validator.go

@@ -108,40 +108,40 @@ func (r *RequestValidator) ValidateCiphertextSize(ctx context.Context, owner str
 
 func (r *RequestValidator) ValidateSecretIdentifier(ctx context.Context, idKey string, idOwner string, idNamespace string) error {
 	if idKey == "" {
-		return fmt.Errorf("invalid secret identifier: key cannot be empty")
+		return fmt.Errorf("key cannot be empty")
 	}
 	if idOwner == "" {
-		return fmt.Errorf("invalid secret identifier: owner cannot be empty")
+		return fmt.Errorf("owner cannot be empty")
 	}
 	if idNamespace == "" {
-		return fmt.Errorf("invalid secret identifier: namespace cannot be empty")
+		return fmt.Errorf("namespace cannot be empty")
 	}
 
 	if !isValidIDComponent(idKey) || !isValidIDComponent(idOwner) || !isValidIDComponent(idNamespace) {
-		return fmt.Errorf("invalid secret identifier: key, owner and namespace must only contain alphanumeric characters")
+		return fmt.Errorf("key, owner and namespace must only contain alphanumeric characters")
 	}
 
 	ctx = contexts.WithCRE(ctx, contexts.CRE{Owner: idOwner})
 	if err := r.MaxIdentifierOwnerLengthLimiter.Check(ctx, pkgconfig.Size(len(idOwner))); err != nil {
 		var errBoundLimited limits.ErrorBoundLimited[pkgconfig.Size]
 		if errors.As(err, &errBoundLimited) {
-			return fmt.Errorf("invalid secret identifier: owner exceeds maximum length of %s", errBoundLimited.Limit)
+			return fmt.Errorf("owner exceeds maximum length of %s", errBoundLimited.Limit)
 		}
 		return fmt.Errorf("failed to check owner length limit: %w", err)
 	}
 
 	if err := r.MaxIdentifierNamespaceLengthLimiter.Check(ctx, pkgconfig.Size(len(idNamespace))); err != nil {
 		var errBoundLimited limits.ErrorBoundLimited[pkgconfig.Size]
 		if errors.As(err, &errBoundLimited) {
-			return fmt.Errorf("invalid secret identifier: namespace exceeds maximum length of %s", errBoundLimited.Limit)
+			return fmt.Errorf("namespace exceeds maximum length of %s", errBoundLimited.Limit)
 		}
 		return fmt.Errorf("failed to check namespace length limit: %w", err)
 	}
 
 	if err := r.MaxIdentifierKeyLengthLimiter.Check(ctx, pkgconfig.Size(len(idKey))); err != nil {
 		var errBoundLimited limits.ErrorBoundLimited[pkgconfig.Size]
 		if errors.As(err, &errBoundLimited) {
-			return fmt.Errorf("invalid secret identifier: key exceeds maximum length of %s", errBoundLimited.Limit)
+			return fmt.Errorf("key exceeds maximum length of %s", errBoundLimited.Limit)
 		}
 		return fmt.Errorf("failed to check key length limit: %w", err)
 	}

core/services/ocr2/plugins/vault/plugin.go

@@ -334,11 +334,11 @@ func (r *ReportingPluginFactory) NewReportingPlugin(ctx context.Context, config
 	}
 
 	validator := vaultcap.NewRequestValidator(
-		r.cfg.MaxRequestBatchSize,
-		r.cfg.MaxCiphertextLengthBytes,
-		r.cfg.MaxIdentifierKeyLengthBytes,
-		r.cfg.MaxIdentifierOwnerLengthBytes,
-		r.cfg.MaxIdentifierNamespaceLengthBytes,
+		cfg.MaxRequestBatchSize,
+		cfg.MaxCiphertextLengthBytes,
+		cfg.MaxIdentifierKeyLengthBytes,
+		cfg.MaxIdentifierOwnerLengthBytes,
+		cfg.MaxIdentifierNamespaceLengthBytes,
 	)
 
 	return &ReportingPlugin{