hashicorp / vault-plugin-secrets-azure

Vault Azure Secrets plugin
Mozilla Public License 2.0

'context deadline exceeded' - Azure Secret Engine #133

Closed lcondliffe closed 1 year ago

lcondliffe commented 1 year ago

Describe the bug

We use the Azure Secrets Engine in Vault to dynamically retrieve service principals for Azure DevOps to use for Terraform pipelines.

Intermittently when the pipeline tries to use the secret engine we get a 'context deadline exceeded' error. Sometimes we have to retry a few times before it successfully returns a service principal. We think that this is to do with the Azure APIs sometimes taking some time to generate and return the service principal but we can't be sure.

Is there a way to increase timeout values applied to requests to Azure Secrets Engine? I can't see this in the available documentation.

To Reproduce

Steps to reproduce the behavior:

vault read azure/$(subscription)/creds/subscription-owner -format=json |jq -c .data

Expected behavior

The secret engine returns an Azure service principal credential.

Environment:

Vault Server Version (retrieve with vault status): 1.10.3
Vault CLI Version (retrieve with vault version): 1.11.2
Server Operating System/Architecture: Kubernetes (Helm chart deployment)

lcondliffe commented 1 year ago

I think I've now worked around this by including this additional line in the pipeline:

export VAULT_CLIENT_TIMEOUT=300

It seems like sometimes the Azure APIs take longer than the default 60 seconds to respond and this works around the issue.
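
An added example, not part of the original issue or the plugin's code: a shell wrapper that combines the VAULT_CLIENT_TIMEOUT workaround above with a bounded retry that fires only on the 'context deadline exceeded' error, so permission or path errors still fail the pipeline immediately. `read_azure_creds`, `VAULT_BIN`, `MAX_ATTEMPTS` and `RETRY_DELAY` are hypothetical names introduced for this example.

```bash
#!/usr/bin/env bash
# Added example. VAULT_BIN, MAX_ATTEMPTS and RETRY_DELAY are hypothetical
# settings of this wrapper, not Vault options. VAULT_CLIENT_TIMEOUT is the
# Vault CLI's own client timeout variable (the value 300 comes from the issue).

read_azure_creds() {
  local path="$1"
  local vault_bin="${VAULT_BIN:-vault}"
  local max_attempts="${MAX_ATTEMPTS:-4}"
  local delay="${RETRY_DELAY:-5}"
  local attempt=1 out errfile rc

  errfile="$(mktemp)"
  while :; do
    rc=0
    # Flags go before the path, per "vault read [options] PATH".
    out="$(VAULT_CLIENT_TIMEOUT="${VAULT_CLIENT_TIMEOUT:-300}" \
           "$vault_bin" read -format=json "$path" 2>"$errfile")" || rc=$?
    if [ "$rc" -eq 0 ]; then
      rm -f "$errfile"
      printf '%s\n' "$out"
      return 0
    fi
    # Retry only the timeout seen in the issue; any other error, or running
    # out of attempts, surfaces the CLI's stderr and its exit code unchanged.
    if ! grep -q 'context deadline exceeded' "$errfile" ||
       [ "$attempt" -ge "$max_attempts" ]; then
      cat "$errfile" >&2
      rm -f "$errfile"
      return "$rc"
    fi
    echo "attempt $attempt: context deadline exceeded, retrying in ${delay}s" >&2
    sleep "$delay"
    attempt=$((attempt + 1))
    delay=$((delay * 2))   # exponential backoff between attempts
  done
}

# Usage (path is whatever the pipeline passes to "vault read"):
#   read_azure_creds "azure/<mount>/creds/<role>" | jq -c .data
```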