Async

src/monitor.rs

@@ -107,10 +107,10 @@ async fn inspect<CS, VV>(
                         log::data("touched", &spec.name); //TODO: improve logging
                         if should_issue {
                             log::data("(re-)issuing", &spec.name); //TODO: improve logging
-                            let _ = tx.send(spec.to_owned()).await.map_err(|e| {
+                            tx.send(spec.to_owned()).await.map_err(|e| {
                                 log::error("failed to send certspec to issue channel", &e);
                                 metrics::new_event(&spec.name, MetricsType::Failure);
-                            });
+                            }).unwrap();
                         }
                     }
                     Err(e) => {

src/vault.rs

@@ -362,7 +362,7 @@ impl VaultData {
 }
 
 impl VaultSpec {
-    async fn write_meta_file(&self, config: &ConfigContainer) -> Result<(), VaultError> {
+    async fn write_meta_file(&self, config: &ConfigContainer) -> Result<(), TouchError> {
         let monitor_config = config.get_vault_monitor_config()?;
         let persist_spec = monitor_config.to_persist_spec(&self);
 
@@ -371,26 +371,23 @@ impl VaultSpec {
             &persist_spec.secret_id_path,
             &persist_spec.vault_addr,
         )
-        .await?;
-
-        let raw_read: Result<VaultData, ClientError> =
-            kv2::read(&*client, &persist_spec.kv_mount, &persist_spec.paths.meta).await;
-
-        match raw_read {
-            Ok(value) => {
-                let time_stamp = chrono::DateTime::parse_from_rfc3339(&value.borrow())?;
-                let diff = chrono::Utc::now().signed_duration_since(time_stamp);
-                match diff
-                    > chrono::Duration::milliseconds(
-                        config.faythe_config.issue_grace as i64,
-                    ) {
-                    true => Ok(()),
-                    false => Err(VaultError::RecentlyTouched),
-                }
-            }
-            Err(_err @ ClientError::APIError { code: 404, .. }) => Ok(()), // if the key doesn't exist, just create it
-            Err(err) => Err(err.into()), // unexpected Vault-error
-        }
+        .await.map_err(|e| {
+            log::error("vault/touch: auth failure", &e);
+            TouchError::Failed
+        })?;
+
+        kv2::set(
+            &*client,
+            &persist_spec.kv_mount,
+            &persist_spec.paths.meta,
+            &kv_data(chrono::Utc::now().to_rfc3339()),
+        )
+        .await
+        .map_err(|e| {
+            log::error("vault/touch: kv2::set failure", &e);
+            TouchError::Failed
+        })
+        .map(|_| ())
     }
 }
 
@@ -410,27 +407,6 @@ impl CertSpecable for VaultSpec {
         let monitor_config = config.get_vault_monitor_config()?;
         let persist_spec = monitor_config.to_persist_spec(&self);
 
-        let client = authenticate(
-            &persist_spec.role_id_path,
-            &persist_spec.secret_id_path,
-            &persist_spec.vault_addr,
-        )
-        .await.map_err(|e| {
-            log::error("vault/touch: auth failure", &e);
-            TouchError::Failed
-        })?;
-
-        kv2::set(
-            &*client,
-            &persist_spec.kv_mount,
-            &persist_spec.paths.meta,
-            &kv_data(chrono::Utc::now().to_rfc3339()),
-        )
-        .await.map_err(|e| {
-            log::error("vault/touch: kv2::set failure", &e);
-            TouchError::Failed
-        })?;
-
         self.write_meta_file(config).await.map_err(|e| {
             log::error("failed to write meta file", &e);
             TouchError::Failed
@@ -441,7 +417,7 @@ impl CertSpecable for VaultSpec {
     async fn should_retry(&self, config: &ConfigContainer) -> bool {
         match self.write_meta_file(config).await {
             Ok(()) => true,
-            Err(VaultError::RecentlyTouched) => false, // who cares, don't log this
+            Err(TouchError::RecentlyTouched) => false, // who cares, don't log this
             Err(err) => {
                 log::error("failed to read faythe meta-entry from vault", &err);
                 false