anyhow -> snafu

Author: sbernauer

Cargo.lock

@@ -11,9 +11,9 @@ publish = false
 [dependencies]
 stackable-secret-operator-utils = { path = "../utils" }
 
-anyhow.workspace = true
 clap = { workspace = true, features = ["derive"] }
 hex.workspace = true
 openssl.workspace = true
+snafu.workspace = true
 tracing.workspace = true
 tracing-subscriber = { workspace = true, features = ["env-filter"] }

rust/cert-tools/Cargo.toml

@@ -1,26 +1,26 @@
-use anyhow::Context;
 use openssl::{
     hash::{DigestBytes, MessageDigest},
     string::OpensslString,
     x509::X509,
 };
+use snafu::ResultExt;
 
 pub trait CertExt {
-    fn serial_as_hex(&self) -> anyhow::Result<OpensslString>;
-    fn sha256_digest(&self) -> anyhow::Result<DigestBytes>;
+    fn serial_as_hex(&self) -> Result<OpensslString, snafu::Whatever>;
+    fn sha256_digest(&self) -> Result<DigestBytes, snafu::Whatever>;
 }
 
 impl CertExt for X509 {
-    fn serial_as_hex(&self) -> anyhow::Result<OpensslString> {
+    fn serial_as_hex(&self) -> Result<OpensslString, snafu::Whatever> {
         self.serial_number()
             .to_bn()
-            .context("failed to get certificate serial number as BigNumber")?
+            .whatever_context("failed to get certificate serial number as BigNumber")?
             .to_hex_str()
-            .context("failed to convert certificate serial number to hex string")
+            .whatever_context("failed to convert certificate serial number to hex string")
     }
 
-    fn sha256_digest(&self) -> anyhow::Result<DigestBytes> {
+    fn sha256_digest(&self) -> Result<DigestBytes, snafu::Whatever> {
         self.digest(MessageDigest::sha256())
-            .context("failed to get certificate digest")
+            .whatever_context("failed to get certificate digest")
     }
 }

rust/cert-tools/src/cert_ext.rs

@@ -1,8 +1,8 @@
 use std::{fs, path::PathBuf};
 
-use anyhow::{Context, ensure};
 use clap::Parser;
 use openssl::x509::X509;
+use snafu::{ResultExt, ensure_whatever};
 
 use crate::parsers::{parse_pem_contents, parse_pkcs12_file_workaround};
 
@@ -69,22 +69,22 @@ impl GeneratePkcs12 {
 }
 
 impl CertInput {
-    pub fn read(&self) -> anyhow::Result<Vec<X509>> {
-        let file_contents =
-            fs::read(self.path()).with_context(|| format!("failed to read file from {self:?}"))?;
+    pub fn read(&self) -> Result<Vec<X509>, snafu::Whatever> {
+        let file_contents = fs::read(self.path())
+            .with_whatever_context(|_| format!("failed to read file from {self:?}"))?;
 
         match self {
             CertInput::Pem(_) => {
-                let certs = parse_pem_contents(&file_contents).with_context(|| {
+                let certs = parse_pem_contents(&file_contents).with_whatever_context(|_| {
                     format!(
                         "failed to parse PEM contents from {path:?}",
                         path = self.path()
                     )
                 })?;
-                ensure!(
+                let path = self.path();
+                ensure_whatever!(
                     !certs.is_empty(),
-                    "The PEM file {path:?} contained no certificates",
-                    path = self.path()
+                    "The PEM file at {path:?} contained no certificates",
                 );
 
                 Ok(certs)

rust/cert-tools/src/cli_args.rs

@@ -1,21 +1,23 @@
 use std::{collections::HashMap, fs};
 
-use anyhow::{Context, ensure};
 use cert_ext::CertExt;
 use clap::Parser;
 use cli_args::{Cli, GeneratePkcs12};
 use openssl::x509::X509;
+use snafu::{ResultExt, ensure_whatever};
 use stackable_secret_operator_utils::pkcs12::pkcs12_truststore;
 use tracing::{info, level_filters::LevelFilter, warn};
 
 mod cert_ext;
 mod cli_args;
 mod parsers;
 
-pub fn main() -> anyhow::Result<()> {
+#[snafu::report]
+pub fn main() -> Result<(), snafu::Whatever> {
     let filter = tracing_subscriber::EnvFilter::builder()
         .with_default_directive(LevelFilter::INFO.into())
-        .from_env()?;
+        .from_env()
+        .whatever_context("failed to create tracing subscriber EnvFilter")?;
     tracing_subscriber::fmt()
         // Short running tool does not need any complex output
         .with_target(false)
@@ -32,24 +34,24 @@ pub fn main() -> anyhow::Result<()> {
     Ok(())
 }
 
-fn generate_pkcs12_truststore(cli_args: GeneratePkcs12) -> anyhow::Result<()> {
+fn generate_pkcs12_truststore(cli_args: GeneratePkcs12) -> Result<(), snafu::Whatever> {
     let certificate_sources = cli_args.certificate_sources();
-    ensure!(
+    ensure_whatever!(
         !certificate_sources.is_empty(),
         "The list of certificate sources can not be empty. Please provide at least on --pem or --pkcs12."
     );
     let certificate_sources = certificate_sources
         .iter()
         .map(|source| {
-            let certificate = source.read().with_context(|| {
+            let certificate = source.read().with_whatever_context(|_| {
                 format!(
                     "failed to read certificate source {path:?}",
                     path = source.path()
                 )
             })?;
             Ok((source, certificate))
         })
-        .collect::<anyhow::Result<Vec<_>>>()?;
+        .collect::<Result<Vec<_>, _>>()?;
 
     let mut certificates = HashMap::<Vec<u8>, X509>::new();
     for (source, certificates_list) in certificate_sources.into_iter() {
@@ -88,8 +90,8 @@ fn generate_pkcs12_truststore(cli_args: GeneratePkcs12) -> anyhow::Result<()> {
 
     let pkcs12_truststore_bytes =
         pkcs12_truststore(certificates.values().map(|c| &**c), &cli_args.out_password)
-            .context("failed to create PKCS12 truststore from certificates")?;
-    fs::write(&cli_args.out, &pkcs12_truststore_bytes).with_context(|| {
+            .whatever_context("failed to create PKCS12 truststore from certificates")?;
+    fs::write(&cli_args.out, &pkcs12_truststore_bytes).with_whatever_context(|_| {
         format!(
             "failed to write to output PKCS12 truststore at {:?}",
             cli_args.out

rust/cert-tools/src/main.rs

@@ -3,14 +3,14 @@ use std::{
     process::{Command, Stdio},
 };
 
-use anyhow::{Context, bail};
 use openssl::{pkcs12::Pkcs12, x509::X509};
+use snafu::{OptionExt, ResultExt, whatever};
 use stackable_secret_operator_utils::pem::split_pem_certificates;
 
-pub fn parse_pem_contents(pem_bytes: &[u8]) -> anyhow::Result<Vec<X509>> {
+pub fn parse_pem_contents(pem_bytes: &[u8]) -> Result<Vec<X509>, snafu::Whatever> {
     let pems = split_pem_certificates(pem_bytes);
     pems.into_iter()
-        .map(|pem| X509::from_pem(pem).context("failed to parse PEM encoded certificate"))
+        .map(|pem| X509::from_pem(pem).whatever_context("failed to parse PEM encoded certificate"))
         .collect()
 }
 
@@ -44,15 +44,18 @@ pub fn parse_pem_contents(pem_bytes: &[u8]) -> anyhow::Result<Vec<X509>> {
 /// The proper solution would be that secret-operator writes PKCS12 truststores using modern algorithms.
 /// For that we probably(?) drop the p12 crate?
 #[allow(unused)]
-pub fn parse_pkcs12_file(file_contents: &[u8], password: &str) -> anyhow::Result<Vec<X509>> {
+pub fn parse_pkcs12_file(
+    file_contents: &[u8],
+    password: &str,
+) -> Result<Vec<X509>, snafu::Whatever> {
     let parsed = Pkcs12::from_der(file_contents)
-        .context("failed to parse PKCS12 DER encoded file")?
+        .whatever_context("failed to parse PKCS12 DER encoded file")?
         .parse2(password)
-        .context("Failed to parse PKCS12 using the provided password")?;
+        .whatever_context("Failed to parse PKCS12 using the provided password")?;
 
     parsed
         .ca
-        .context("pkcs12 truststore did not contain a CA")?
+        .whatever_context("pkcs12 truststore did not contain a CA")?
         .into_iter()
         .map(Ok)
         .collect()
@@ -64,7 +67,7 @@ pub fn parse_pkcs12_file(file_contents: &[u8], password: &str) -> anyhow::Result
 pub fn parse_pkcs12_file_workaround(
     file_contents: &[u8],
     password: &str,
-) -> anyhow::Result<Vec<X509>> {
+) -> Result<Vec<X509>, snafu::Whatever> {
     let mut child = Command::new("openssl")
         .args(&[
             "pkcs12",
@@ -78,27 +81,27 @@ pub fn parse_pkcs12_file_workaround(
         .stdout(Stdio::piped())
         .stderr(Stdio::piped())
         .spawn()
-        .context("Failed to spawn openssl process")?;
+        .whatever_context("Failed to spawn openssl process")?;
 
     {
         let stdin = child
             .stdin
             .as_mut()
-            .context("Failed to open openssl process stdin")?;
+            .whatever_context("Failed to open openssl process stdin")?;
         stdin
             .write_all(file_contents)
-            .context("Failed to write PKCS12 data to openssl process stdin")?;
+            .whatever_context("Failed to write PKCS12 data to openssl process stdin")?;
     }
 
     let output = child
         .wait_with_output()
-        .context("Failed to read openssl process output")?;
+        .whatever_context("Failed to read openssl process output")?;
     if !output.status.success() {
         let stderr = String::from_utf8_lossy(&output.stderr);
-        bail!("openssl process failed with STDERR: {stderr:?}");
+        whatever!("openssl process failed with STDERR: {stderr:?}");
     }
 
-    parse_pem_contents(&output.stdout).with_context(|| {
+    parse_pem_contents(&output.stdout).with_whatever_context(|_| {
         format!(
             "failed to parse openssl process output, which should be PEM. STDOUT: {stdout}?",
             stdout = String::from_utf8_lossy(&output.stdout)