search

Azure / get-keyvault-secrets

Automate your GitHub workflows using Azure Action for Key Vault
MIT License
38 stars 44 forks source link

Action never fails when trying to access non-existing KV #32

Open MirzaMerdovic opened 2 years ago

MirzaMerdovic commented 2 years ago

Hi,

I noticed this by accident, but what appears to happen is when I try to fetch a secret from a non-existing KV the action never fails but hangs there for ever

I waited for 10-15 minutes, and at the end had to cancel my workflow image

Here is how the action itself is being used:

- name: Fetch Neo4j password from KV
        id: getSecrets
        uses: Azure/get-keyvault-secrets@v1
        with:
          keyvault: 'cb-${{ github.event.inputs.environment }}-kv'
          secrets: 'neo4j-password'

Here are the logs:

##[debug]Evaluating condition for step: 'Fetch Neo4j password from KV'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: Fetch Neo4j password from KV
##[debug]Loading inputs
##[debug]Evaluating: format('cb-***0***-kv', github.event.inputs.environment)
##[debug]Evaluating format:
##[debug]..Evaluating String:
##[debug]..=> 'cb-***0***-kv'
##[debug]..Evaluating Index:
##[debug]....Evaluating Index:
##[debug]......Evaluating Index:
##[debug]........Evaluating github:
##[debug]........=> Object
##[debug]........Evaluating String:
##[debug]........=> 'event'
##[debug]......=> Object
##[debug]......Evaluating String:
##[debug]......=> 'inputs'
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'environment'
##[debug]..=> 'testing'
##[debug]=> 'cb-testing-kv'
##[debug]Result: 'cb-testing-kv'
##[debug]Loading env
Run Azure/get-keyvault-secrets@v1
  with:
    keyvault: cb-testing-kv
    secrets: neo4j-password
  env:
    AZURE_CREDENTIALS: ***
    AZURE_DEPLOYMENT_NAME: testing-neo4j-[2](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:2)2266400[3](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:3)9
    AZURE_HTTP_USER_AGENT: 
    AZUREPS_HOST_ENVIRONMENT: 
##[debug]try-get AzureCLIAuthorizer
##[debug]"/usr/bin/az" account show
##[debug]"/usr/bin/az" cloud show
##[debug]"/usr/bin/az" cloud show --query name
Running keyvault action against AzureCloud
##[debug]"/usr/bin/az" account get-access-token
::add-mask::***
##[debug][GET] https://cb-testing-kv.vault.azure.net/secrets/neo[4](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:4)j-password?api-version=7.0
##[debug]Re-evaluate condition on job cancellation for step: 'Fetch Neo4j password from KV'.
##[debug]AZURE_HTTP_USER_AGENT='GITHUBACTIONS_GetKeyVaultSecrets_a372436c28a7c[5](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:5)193d0b8cc222[6](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:6)4c520bb4[7](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:7)[8](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:8)d4f05e7d508eac7a2[9](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:9)a40329[10](https://github.com/***/orchestration/runs/6175537982?check_suite_focus=true#step:4:10)8'
##[debug]AZURE_HTTP_USER_AGENT=''
Error: The operation was canceled.
##[debug]System.OperationCanceledException: The operation was canceled.
##[debug]   at System.Threading.CancellationToken.ThrowOperationCanceledException()
##[debug]   at GitHub.Runner.Sdk.ProcessInvoker.ExecuteAsync(String workingDirectory, String fileName, String arguments, IDictionary`2 environment, Boolean requireExitCodeZero, Encoding outputEncoding, Boolean killProcessOnCancel, Channel`1 redirectStandardIn, Boolean inheritConsoleHandler, Boolean keepStandardInOpen, Boolean highPriorityProcess, CancellationToken cancellationToken)
##[debug]   at GitHub.Runner.Common.ProcessInvokerWrapper.ExecuteAsync(String workingDirectory, String fileName, String arguments, IDictionary`2 environment, Boolean requireExitCodeZero, Encoding outputEncoding, Boolean killProcessOnCancel, Channel`1 redirectStandardIn, Boolean inheritConsoleHandler, Boolean keepStandardInOpen, Boolean highPriorityProcess, CancellationToken cancellationToken)
##[debug]   at GitHub.Runner.Worker.Handlers.DefaultStepHost.ExecuteAsync(String workingDirectory, String fileName, String arguments, IDictionary`2 environment, Boolean requireExitCodeZero, Encoding outputEncoding, Boolean killProcessOnCancel, Boolean inheritConsoleHandler, CancellationToken cancellationToken)
##[debug]   at GitHub.Runner.Worker.Handlers.NodeScriptActionHandler.RunAsync(ActionRunStage stage)
##[debug]   at GitHub.Runner.Worker.ActionRunner.RunAsync()
##[debug]   at GitHub.Runner.Worker.StepsRunner.RunStepAsync(IStep step, CancellationToken jobCancellationToken)
##[debug]Finishing: Fetch Neo4j password from KV`

Not sure if I am doing something wrong here, and I this is of course not blocking me in any way, but felt as a strange behavior that I though its worth reporting

When I try this with CLI I get an error image

Regards, Mirza