search

Azure / azure-sdk-for-rust

This repository is for active development of the *unofficial* Azure SDK for Rust. This repository is *not* supported by the Azure SDK team.
MIT License
676 stars 231 forks source link

SecretClient not working on Linux #1676

Closed milen-denev closed 2 weeks ago

milen-denev commented 3 weeks ago

Key Client not working on Linux:

I Either get: non-io error occurred which will not be retried or I get: 404.

The exact same code works fine on Windows.


const KEYVAULT_URL: &str  = "https://some-vault.vault.azure.net/";

const CLIENT: Lazy<SecretClient> = Lazy::new(|| { 
    let creds = init_client();
    let arc_token_credential = Arc::new(creds);
    let client = SecretClient::new(&KEYVAULT_URL, arc_token_credential).unwrap();

    return client;
});

fn init_client() -> ClientSecretCredential {
    let client_id = "client".to_string();
    let client_secret = "secret".to_string();
    let tenant_id = "tenant".to_string();

    let http_client = azure_core::new_http_client();

    let cred = ClientSecretCredential::new(
        http_client,
        Url::from_str("https://login.microsoftonline.com").unwrap(), 
        tenant_id, 
        client_id, 
        client_secret);

    return cred;
}

pub async fn get_secret(name: &str) -> Option<String> {
    let secret = CLIENT.get(name).await;   
    if let Ok(val) = secret {
        return Some(val.value);
    }
    else {
        let error = secret.unwrap_err();
        error!("Error getting secret: {}", error.to_string());
        None
    }
}
heaths commented 2 weeks ago

I had to make a couple of small changes to actually get the code to repro, but it worked for me. Please make sure you're using the latest versions of azure_core, azure_identity, and azure_security_keyvault:

use azure_core::Url;
use azure_identity::*;
use azure_security_keyvault::*;
use once_cell::sync::Lazy;
use std::{str::FromStr, sync::Arc};
use tracing::error;

const KEYVAULT_URL: &str = "https://heathskv2.vault.azure.net/";

const CLIENT: Lazy<SecretClient> = Lazy::new(|| {
    let creds = init_client();
    let arc_token_credential = Arc::new(creds);
    let client = SecretClient::new(&KEYVAULT_URL, arc_token_credential).unwrap();

    return client;
});

fn init_client() -> AzureCliCredential {
    let http_client = azure_core::new_http_client();

    let cred = AzureCliCredential::new();
    return cred;
}

pub async fn get_secret(name: &str) -> Option<String> {
    let secret = CLIENT.get(name).await;
    if let Ok(val) = secret {
        return Some(val.value);
    } else {
        let error = secret.unwrap_err();
        error!("Error getting secret: {}", error.to_string());
        None
    }
}

#[tokio::main]
async fn main() {
    let secret = get_secret("test-secret").await.unwrap();
    println!("{secret}");
}