tower-cli
tower-cli copied to clipboard
Improve error message for unauthorized launches
Description
When a user with Launch role tries to launch a new pipeline using URL the resulting error message is confusing and non-descriptive.
A Launch user does not have permission to create a new pipeline from a URL and launch it, so the failure is expected. However, the error message should mention the cause of the failure: the insufficient role level. Instead, the error message is:
ERROR: Unknown. Check that the provided identifier is correct.
Steps to reproduce
- As an admin user: create an organization, workspace and valid compute environment marked as "primary"
- Add a new user as participant to the workspace with role
Launch - As a launch user: setup a new tower access token to use the CLI
- Try launching a new pipeline from URL in the workspace as launcher user:
$> tw launch launch https://github.com/nextflow-io/hello -w Org/Wsp
- The launch attempt should fail with:
ERROR: Unknown. Check that the provided identifier is correct.
- If there is already a pipeline created by admin user the launch user should be able to launch it by name as usual:
$> tw launch launch TestHello -w Org/Wsp
Suggested fix
Capture the ApiException thrown and check the http response code.
If the code is 403 add "role insufficient" to the resulting error msg.