fix: Security services' bootstrap handler return true/false properly (#…

…4107)

* fix: File Token Provider handler return true/false properly

Also updated to latest go mods which exposed this issue.

fixe #4106

Signed-off-by: Leonard Goodell <leonard.goodell@intel.com>

* fix: Proper retun value from bootstrap handlers

Signed-off-by: Leonard Goodell <leonard.goodell@intel.com>

* fix: config and spiffy token provider

Signed-off-by: Leonard Goodell <leonard.goodell@intel.com>

* fix: Switch one shot services to use RunAndReturnWaitGroup

Signed-off-by: Leonard Goodell <leonard.goodell@intel.com>

* fix: Removed unneed explist ignore of return parameters

Signed-off-by: Leonard Goodell <leonard.goodell@intel.com>

go.mod

@@ -2,19 +2,19 @@ module github.com/edgexfoundry/edgex-go
 
 require (
 	bitbucket.org/bertimus9/systemstat v0.0.0-20180207000608-0eeff89b0690
-	github.com/edgexfoundry/go-mod-bootstrap/v2 v2.2.0
-	github.com/edgexfoundry/go-mod-core-contracts/v2 v2.2.0
+	github.com/edgexfoundry/go-mod-bootstrap/v2 v2.3.0-dev.10
+	github.com/edgexfoundry/go-mod-core-contracts/v2 v2.3.0-dev.13
 	github.com/edgexfoundry/go-mod-messaging/v2 v2.3.0-dev.12
 	github.com/edgexfoundry/go-mod-registry/v2 v2.2.0
-	github.com/edgexfoundry/go-mod-secrets/v2 v2.2.0
+	github.com/edgexfoundry/go-mod-secrets/v2 v2.2.1-dev.5
 	github.com/fxamacker/cbor/v2 v2.4.0
 	github.com/golang-jwt/jwt/v4 v4.4.2
 	github.com/gomodule/redigo v1.8.9
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/mux v1.8.0
 	github.com/lib/pq v1.10.6
 	github.com/pelletier/go-toml v1.9.5
-	github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a
+	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475
 	github.com/spiffe/go-spiffe/v2 v2.1.1
 	github.com/stretchr/testify v1.8.0
 	golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e
@@ -30,11 +30,11 @@ require (
 	github.com/eclipse/paho.mqtt.golang v1.4.1 // indirect
 	github.com/edgexfoundry/go-mod-configuration/v2 v2.2.0 // indirect
 	github.com/fatih/color v1.9.0 // indirect
-	github.com/go-kit/log v0.2.0 // indirect
+	github.com/go-kit/log v0.2.1 // indirect
 	github.com/go-logfmt/logfmt v0.5.1 // indirect
 	github.com/go-playground/locales v0.14.0 // indirect
 	github.com/go-playground/universal-translator v0.18.0 // indirect
-	github.com/go-playground/validator/v10 v10.10.1 // indirect
+	github.com/go-playground/validator/v10 v10.11.0 // indirect
 	github.com/go-redis/redis/v7 v7.3.0 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/gorilla/websocket v1.4.2 // indirect

go.sum

@@ -32,18 +32,18 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/eclipse/paho.mqtt.golang v1.4.1 h1:tUSpviiL5G3P9SZZJPC4ZULZJsxQKXxfENpMvdbAXAI=
 github.com/eclipse/paho.mqtt.golang v1.4.1/go.mod h1:JGt0RsEwEX+Xa/agj90YJ9d9DH2b7upDZMK9HRbFvCA=
-github.com/edgexfoundry/go-mod-bootstrap/v2 v2.2.0 h1:4UVNGRaKbkH5aEhQrto26Q65ydmhZYReRw/6ZNQ5J5E=
-github.com/edgexfoundry/go-mod-bootstrap/v2 v2.2.0/go.mod h1:JKRxVTC5g1IRoQuT6T7pW6O6XnfjQTZgFjEazPHAHng=
+github.com/edgexfoundry/go-mod-bootstrap/v2 v2.3.0-dev.10 h1:6gvrvqpXWS68wDkRAzmnkblUBZIadGpjlGZXuahfgyQ=
+github.com/edgexfoundry/go-mod-bootstrap/v2 v2.3.0-dev.10/go.mod h1:HTrESzn1iz6C3Sg+3ZDBtklpkCxHX0Cf8sGFAFlwM8s=
 github.com/edgexfoundry/go-mod-configuration/v2 v2.2.0 h1:AZeaAPJM5X93ITFgwbwluYDtYEJ7tkCMSlj35GwfLLU=
 github.com/edgexfoundry/go-mod-configuration/v2 v2.2.0/go.mod h1:YP17JhMnXTitowXE13QJwFaKo0oc03iyoKLjWAYl4FE=
-github.com/edgexfoundry/go-mod-core-contracts/v2 v2.2.0 h1:Sfi9jAIgRXZaJQw8Ji6+8//47D+iOyGiXQSNZXhy3HE=
-github.com/edgexfoundry/go-mod-core-contracts/v2 v2.2.0/go.mod h1:jyfVSx7mI3u/o/oo10COxBRBvJ8O/9I3z2xAwPmNt/Q=
+github.com/edgexfoundry/go-mod-core-contracts/v2 v2.3.0-dev.13 h1:lPjtuVk2QXoUxs6sAsb0qflxmREB5kgHIjFrkNNnx6A=
+github.com/edgexfoundry/go-mod-core-contracts/v2 v2.3.0-dev.13/go.mod h1:YdJ0iBWad86sgOs6am01mE3IAX6d22H08f/enVho4TU=
 github.com/edgexfoundry/go-mod-messaging/v2 v2.3.0-dev.12 h1:YdO9V8pSFK3L2FSpPru3OulK0kFCt96+tsdxTtkfeqk=
 github.com/edgexfoundry/go-mod-messaging/v2 v2.3.0-dev.12/go.mod h1:yLJ9EK4Feg409FDr0oP87LbaRLyOSGJk/ikaIfEDKcI=
 github.com/edgexfoundry/go-mod-registry/v2 v2.2.0 h1:dk9ul1t7INAiyZXeu/GrpinFE3qOekdy8uZOqEGgIiE=
 github.com/edgexfoundry/go-mod-registry/v2 v2.2.0/go.mod h1:DUQRnAd5fVzoROc5SI+PTFUD/vCNeZmZHBMrLElbmwI=
-github.com/edgexfoundry/go-mod-secrets/v2 v2.2.0 h1:Rqr1CgBXppAeehCkPAHQ6hjyLlm2KTR4IKiKpExm7gg=
-github.com/edgexfoundry/go-mod-secrets/v2 v2.2.0/go.mod h1:dQiOiga0KMGHXqFs4nI+Rp19hQR3gZ+3lDRgI9x5Q7M=
+github.com/edgexfoundry/go-mod-secrets/v2 v2.2.1-dev.5 h1:B6LCod0L4qh/+zZdzoMucL7lArZrT1NIpT5naya+CXU=
+github.com/edgexfoundry/go-mod-secrets/v2 v2.2.1-dev.5/go.mod h1:h/FohFNY8xHalioLg1bhjAuEj0z+danSDtixirvaXmQ=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@@ -58,8 +58,8 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo
 github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88=
 github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/go-kit/log v0.2.0 h1:7i2K3eKTos3Vc0enKCfnVcgHh2olr/MyfboYq7cAcFw=
-github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0=
+github.com/go-kit/log v0.2.1 h1:MRVx0/zhvdseW+Gza6N9rVzU/IVzaeE1SFI4raAhmBU=
+github.com/go-kit/log v0.2.1/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0=
 github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNVA=
 github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
 github.com/go-playground/assert/v2 v2.0.1 h1:MsBgLAaY856+nPRTKrp3/OZK38U/wa0CcBYNjji3q3A=
@@ -68,8 +68,8 @@ github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb
 github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
 github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho=
 github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
-github.com/go-playground/validator/v10 v10.10.1 h1:uA0+amWMiglNZKZ9FJRKUAe9U3RX91eVn1JYXMWt7ig=
-github.com/go-playground/validator/v10 v10.10.1/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU=
+github.com/go-playground/validator/v10 v10.11.0 h1:0W+xRM511GY47Yy3bZUbJVitCNg2BOGlCyvTqsp/xIw=
+github.com/go-playground/validator/v10 v10.11.0/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU=
 github.com/go-redis/redis/v7 v7.3.0 h1:3oHqd0W7f/VLKBxeYTEpqdMUsmMectngjM9OtoRoIgg=
 github.com/go-redis/redis/v7 v7.3.0/go.mod h1:JDNMw23GTyLNC4GZu9njt15ctBQVn7xjRfnwdHj/Dcg=
 github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs=
@@ -218,8 +218,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a h1:9ZKAASQSHhDYGoxY8uLVpewe1GDZ2vu2Tr/vTdVAkFQ=
-github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
+github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM=
+github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8=

internal/security/config/bootstraphandler.go

@@ -45,6 +45,7 @@ func (b *Bootstrap) BootstrapHandler(_ context.Context, _ *sync.WaitGroup, _ sta
 	err = flagSet.Parse(os.Args[1:])
 	if err != nil {
 		lc.Error(err.Error())
+		return false
 	}
 
 	subcommandArgs := []string{}
@@ -74,9 +75,10 @@ func (b *Bootstrap) BootstrapHandler(_ context.Context, _ *sync.WaitGroup, _ sta
 	exitStatusCode, err := command.Execute()
 	if err != nil {
 		lc.Error(err.Error())
+		return false
 	}
 	b.exitStatusCode = exitStatusCode
-	return false
+	return true
 }
 
 func (b *Bootstrap) ExitStatusCode() int {

internal/security/config/main.go

@@ -51,19 +51,21 @@ func Main(ctx context.Context, cancel context.CancelFunc) int {
 
 	serviceHandler := NewBootstrap()
 
-	bootstrap.Run(
+	bootstrap.RunAndReturnWaitGroup(
 		ctx,
 		cancel,
 		f,
 		securitySecretsConfigServiceKey,
 		internal.ConfigStemSecurity,
 		configuration,
+		nil,
 		startupTimer,
 		dic,
 		false,
 		[]interfaces.BootstrapHandler{
 			serviceHandler.BootstrapHandler,
 		},
 	)
+
 	return serviceHandler.ExitStatusCode()
 }

internal/security/fileprovider/init.go

@@ -36,18 +36,10 @@ import (
 )
 
 type Bootstrap struct {
-	exitCode int
 }
 
 func NewBootstrap() *Bootstrap {
-	return &Bootstrap{
-		exitCode: 0,
-	}
-}
-
-// ExitCode returns desired exit code of program
-func (b *Bootstrap) ExitCode() int {
-	return b.exitCode
+	return &Bootstrap{}
 }
 
 // BootstrapHandler fulfills the BootstrapHandler contract and performs initialization needed by the data service.
@@ -81,7 +73,6 @@ func (b *Bootstrap) BootstrapHandler(_ context.Context, _ *sync.WaitGroup, _ sta
 	client, err := secrets.NewSecretStoreClient(clientConfig, lc, requester)
 	if err != nil {
 		lc.Errorf("error occurred creating SecretStoreClient: %s", err.Error())
-		b.exitCode = 1
 		return false
 	}
 
@@ -92,8 +83,8 @@ func (b *Bootstrap) BootstrapHandler(_ context.Context, _ *sync.WaitGroup, _ sta
 
 	if err != nil {
 		lc.Errorf("error occurred generating tokens: %s", err.Error())
-		b.exitCode = 1
+		return false
 	}
 
-	return false // Tell bootstrap.Run() to exit wait loop and terminate
+	return true
 }

internal/security/fileprovider/main.go

@@ -55,13 +55,14 @@ func Main(ctx context.Context, cancel context.CancelFunc) {
 
 	bootStrapper := NewBootstrap()
 
-	bootstrap.Run(
+	_, _, success := bootstrap.RunAndReturnWaitGroup(
 		ctx,
 		cancel,
 		f,
 		common.SecurityFileTokenProviderServiceKey,
 		internal.ConfigStemSecurity,
 		configuration,
+		nil,
 		startupTimer,
 		dic,
 		false,
@@ -70,5 +71,7 @@ func Main(ctx context.Context, cancel context.CancelFunc) {
 		},
 	)
 
-	os.Exit(bootStrapper.ExitCode())
+	if !success {
+		os.Exit(1)
+	}
 }

internal/security/proxy/init.go

@@ -98,5 +98,5 @@ func (b *Bootstrap) BootstrapHandler(_ context.Context, _ *sync.WaitGroup, _ sta
 		b.haltIfError(lc, s.ResetProxy())
 	}
 
-	return false
+	return true
 }

internal/security/proxy/main.go

@@ -62,13 +62,14 @@ func Main(ctx context.Context, cancel context.CancelFunc) {
 		},
 	})
 
-	bootstrap.Run(
+	_, _, success := bootstrap.RunAndReturnWaitGroup(
 		ctx,
 		cancel,
 		f,
 		common.SecurityProxySetupServiceKey,
 		internal.ConfigStemSecurity,
 		configuration,
+		nil,
 		startupTimer,
 		dic,
 		true,
@@ -79,4 +80,8 @@ func Main(ctx context.Context, cancel context.CancelFunc) {
 				resetNeeded).BootstrapHandler,
 		},
 	)
+
+	if !success {
+		os.Exit(1)
+	}
 }

internal/security/secretstore/init.go

@@ -267,7 +267,7 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 	rootToken, err = client.RegenRootToken(initResponse.Keys)
 	if err != nil {
 		lc.Errorf("could not regenerate root token %s", err.Error())
-		os.Exit(1)
+		return false
 	}
 	defer func() {
 		// Revoke transient root token at the end of this function
@@ -285,7 +285,7 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 			initResponse.RootToken = ""
 			if err := saveInitResponse(lc, fileOpener, secretStoreConfig, &initResponse); err != nil {
 				lc.Errorf("unable to save init response: %s", err.Error())
-				os.Exit(1)
+				return false
 			}
 			lc.Info("Root token stripped from init response (on disk) for security reasons")
 		}
@@ -309,7 +309,7 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 			CreateAndWrite(rootToken, secretStoreConfig.TokenProviderAdminTokenPath, tokenMaintenance.CreateTokenIssuingToken)
 		if err != nil {
 			lc.Errorf("failed to create token issuing token: %s", err.Error())
-			os.Exit(1)
+			return false
 		}
 		if secretStoreConfig.TokenProviderType == OneShotProvider {
 			// Revoke the admin token at the end of the current function if running a one-shot provider
@@ -323,11 +323,11 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 	if secretStoreConfig.TokenProvider != "" {
 		if err := tokenProvider.SetConfiguration(secretStoreConfig); err != nil {
 			lc.Errorf("failed to configure token provider: %s", err.Error())
-			os.Exit(1)
+			return false
 		}
 		if err := tokenProvider.Launch(); err != nil {
 			lc.Errorf("token provider failed: %s", err.Error())
-			os.Exit(1)
+			return false
 		}
 	} else {
 		lc.Info("no token provider configured")
@@ -337,13 +337,13 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 	if err := secretsengine.New(secretsengine.KVSecretsEngineMountPoint, secretsengine.KeyValue).
 		Enable(&rootToken, lc, client); err != nil {
 		lc.Errorf("failed to enable KV secrets engine: %s", err.Error())
-		os.Exit(1)
+		return false
 	}
 
 	knownSecretsToAdd, err := b.getKnownSecretsToAdd()
 	if err != nil {
 		lc.Error(err.Error())
-		os.Exit(1)
+		return false
 	}
 
 	// credential creation
@@ -367,14 +367,14 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 	if err != nil {
 		if err != errNotFound {
 			lc.Error("failed to determine if Redis credentials already exist or not: %w", err)
-			os.Exit(1)
+			return false
 		}
 
 		lc.Info("Generating new password for Redis DB")
 		defaultPassword, err := cred.GeneratePassword(ctx)
 		if err != nil {
 			lc.Error("failed to generate default password")
-			os.Exit(1)
+			return false
 		}
 
 		redisCredentials = UserPasswordPair{
@@ -403,7 +403,7 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 			err = addServiceCredential(lc, "redisdb", cred, service, redisCredentials)
 			if err != nil {
 				lc.Error(err.Error())
-				os.Exit(1)
+				return false
 			}
 		}
 	}
@@ -413,13 +413,13 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 	err = addDBCredential(lc, "security-bootstrapper-redis", cred, "redisdb", redisCredentials)
 	if err != nil {
 		lc.Error(err.Error())
-		os.Exit(1)
+		return false
 	}
 
 	err = ConfigureSecureMessageBus(configuration.SecureMessageBus, redisCredentials, lc)
 	if err != nil {
 		lc.Errorf("failed to configure for Secure Message Bus: %s", err.Error())
-		os.Exit(1)
+		return false
 	}
 
 	// Concat all cert path secretStore values together to check for empty values
@@ -435,7 +435,7 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 		existing, err := cert.AlreadyInStore()
 		if err != nil {
 			lc.Error(err.Error())
-			os.Exit(1)
+			return false
 		}
 
 		if existing {
@@ -447,7 +447,7 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 		cp, err := cert.ReadFrom(secretStoreConfig.CertFilePath, secretStoreConfig.KeyFilePath)
 		if err != nil {
 			lc.Error("failed to get certificate pair from volume")
-			os.Exit(1)
+			return false
 		}
 
 		lc.Info("proxy certificate pair are loaded from volume successfully, will upload to secret store")
@@ -456,7 +456,7 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 		if err != nil {
 			lc.Error("failed to upload the proxy cert pair into the secret store")
 			lc.Error(err.Error())
-			os.Exit(1)
+			return false
 		}
 
 		lc.Info("proxy certificate pair are uploaded to secret store successfully")
@@ -471,15 +471,15 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 	if err := secretsengine.New(secretsengine.ConsulSecretEngineMountPoint, secretsengine.Consul).
 		Enable(&rootToken, lc, client); err != nil {
 		lc.Errorf("failed to enable Consul secrets engine: %s", err.Error())
-		os.Exit(1)
+		return false
 	}
 
 	// generate a management token for Consul secrets engine operations:
 	tokenFileWriter := tokenfilewriter.NewWriter(lc, client, fileOpener)
 	if _, err := tokenFileWriter.CreateAndWrite(rootToken, configuration.SecretStore.ConsulSecretsAdminTokenPath,
 		tokenFileWriter.CreateMgmtTokenForConsulSecretsEngine); err != nil {
 		lc.Errorf("failed to create and write the token for Consul secret management: %s", err.Error())
-		os.Exit(1)
+		return false
 	}
 
 	// Configure Kong Admin API
@@ -510,10 +510,11 @@ func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ s
 	err = ka.Setup()
 	if err != nil {
 		lc.Errorf("failed to configure the Kong Admin API: %s", err.Error())
+		return false
 	}
 
 	lc.Info("Vault init done successfully")
-	return false
+	return true
 
 }