incorporated code review feedback 8/16

Author: candysmurf

README.md

@@ -335,18 +335,17 @@ Signed: false
 Loaded Time: Mon, 14 Aug 2017 22:25:16 PDT
 ```
 
-##### Error One
+Notice that only GRPC plugins are supported. There is also a requirement to use trusted CA and providing both plugin-cert and plugin-key. Below common error messages are presented that you might receive if one of those requirements are not fulfilled.
+
+##### Case 1: Missing plugin key
 
 ```sh
 ▶ snaptel plugin load --plugin-cert=snaptest-srv.crt  --plugin-ca-certs=snaptest-ca.crt ../snap-plugin-lib-go/rand-collector
 Error: Both plugin certification and key are mandatory.
 Usage: load <plugin_path> [--plugin-cert=<plugin_cert_path> --plugin-key=<plugin_key_path> --plugin-ca-certs=<ca_cert_paths>]
 ```
 
-> What happened: Both `plugin-cert` and `plugin-key` are mandatory.
-
-
-##### Error Two
+##### Case 2: Using untrusted CA
 
 ```sh
 ▶ snaptel plugin load --plugin-cert=snaptest-srv.crt --plugin-key=snaptest-srv.key --plugin-ca-certs=snaptest-ca.crt ../snap-plugin-lib-go/rand-collector
@@ -355,15 +354,11 @@ Usage: load <plugin_path> [--plugin-cert=<plugin_cert_path> --plugin-key=<plugin
 
 ```
 
-> What happened: Did you start `snapteld` with CA cert or put the trusted CA in your OS/APP trust store?
-
-##### Error Three
+##### Case 3: Trying to set TLS GRPC communication for non-GRPC plugin
 
 ```sh
 ▶ snaptel plugin load --plugin-cert snaptest-srv.crt --plugin-key snaptest-srv.key --plugin-ca-certs snaptest-ca.crt ../snap/snap-plugin-collector-mock1
 Error: secure framework can't connect to insecure plugin; plugin_name: mock
 Usage: load <plugin_path> [--plugin-cert=<plugin_cert_path> --plugin-key=<plugin_key_path> --plugin-ca-certs=<ca_cert_paths>]
 ```
 
->What happened: The TLS is only supported for GRPC plugins. Restarting `snapteld` without TLS to load non-GRPC plugins.
-

snaptel/common.go

@@ -23,7 +23,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
-	"strings"
 
 	"golang.org/x/crypto/ssh/terminal"
 
@@ -130,6 +129,8 @@ func getErrorDetail(err error, ctx *cli.Context) error {
 		return newUsageError(fmt.Sprintf("%v", err.(*plugins.GetPluginConfigItemBadRequest).Payload.ErrorMessage), ctx)
 	case *plugins.GetPluginConfigItemUnauthorized:
 		return newUsageError(fmt.Sprintf("%v", err.(*plugins.GetPluginConfigItemUnauthorized).Payload.Message), ctx)
+	case *plugins.LoadPluginDefault:
+		return newUsageError(fmt.Sprintf("%v", err.(*plugins.LoadPluginDefault).Message), ctx)
 	case *tasks.GetTaskNotFound:
 		return newUsageError(fmt.Sprintf("%v", err.(*tasks.GetTaskNotFound).Payload.ErrorMessage), ctx)
 	case *tasks.GetTaskUnauthorized:
@@ -149,10 +150,6 @@ func getErrorDetail(err error, ctx *cli.Context) error {
 	case *tasks.UpdateTaskStateUnauthorized:
 		return newUsageError(fmt.Sprintf("%v", err.(*tasks.UpdateTaskStateUnauthorized).Payload.Message), ctx)
 	default:
-		// this is a hack
-		if strings.Contains(err.Error(), "tls: oversized record") || strings.Contains(err.Error(), "malformed HTTP response") {
-			return newUsageError(extractError(err.Error()), ctx)
-		}
 		return newUsageError(fmt.Sprintf("Error: %v", err), ctx)
 	}
 }
@@ -221,19 +218,3 @@ func BasicAuth(ctx *cli.Context) runtime.ClientAuthInfoWriter {
 	}
 	return nil
 }
-
-// extractError is a hack for SSL/TLS handshake error.
-func extractError(m string) string {
-	ts := strings.Split(m, "\"")
-
-	var tss []string
-	if len(ts) > 0 {
-		tss = strings.Split(ts[0], "malformed")
-	}
-
-	errMsg := "Error connecting to API. Do you have an http/https mismatching API request?"
-	if len(tss) > 0 {
-		errMsg = tss[0] + errMsg
-	}
-	return errMsg
-}