Wrap Infisical auth HTTPStatusError as ProviderError#23
Merged
Conversation
The error-handling cleanup in #7 wrapped lookup-path httpx errors but missed psi/providers/infisical/auth.py:_parse_token_response. When Infisical returned 502 during its own boot, the raw HTTPStatusError escaped through psi setup's retry loop and surfaced as the CLI bug-report panel instead of a clean error message. Wrap the auth response in ProviderError with the status code and a body snippet, preserving __cause__ so setup._is_retryable still unwraps and retries 502/503/404. Add httpx.HTTPError as a last-resort catch in cli.main() so any future stray httpx exception lands as "Network error" instead of the bug panel. Tests: unit coverage for _parse_token_response wrapping; setup retry tests covering a 502 wrapped as ProviderError retrying through all attempts and a 401 wrapped as ProviderError failing immediately; CLI tests for the httpx fallback branch.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
psi/providers/infisical/auth.py:_parse_token_responsenow wrapshttpx.HTTPStatusErrorasProviderErrorwith the status code and a body snippet. Previously, a 502 from Infisical's auth endpoint (e.g. during its own boot) escaped throughpsi setup's retry loop and surfaced as the CLI bug-report panel. The wrap preserves__cause__sosetup._is_retryablestill unwraps and retries 502/503/404.psi/cli.py:main()gains anhttpx.HTTPErrorcatch as a last-resort fallback, so any stray httpx exception from future code paths lands asError: Network error: …instead of "Internal error — this is a bug."Test plan
pytest tests/test_infisical_auth.py— new:_parse_token_responsehappy path, 502 →ProviderErrorwith cause, 401 with body snippet.pytest tests/test_setup.py— new: 502 wrapped asProviderErrorretries through all 6 attempts via__cause__unwrap; 401 wrapped asProviderErrorfails immediately (non-retryable).pytest tests/test_cli_error_handling.py— new:httpx.ConnectErrorandhttpx.HTTPStatusErrorescapingapp()exit 1 with "Network error", not the bug panel.ruff check/ruff format --check/ty check— all clean.