jenkinsci / azure-keyvault-plugin

Jenkins plugin for Azure Keyvault
https://plugins.jenkins.io/azure-keyvault/
MIT License

Empty configuration attempts connection and logs severe level stacktrace #107

Closed faandg closed 1 year ago

faandg commented 2 years ago

Jenkins and plugins versions report

Environment

```
Jenkins: 2.319.1
OS: Linux - 4.18.0-348.12.2.el8_5.x86_64
---
Office-365-Connector:4.16.1 ace-editor:1.1 active-directory:2.25.1 acunetix:1.2.14 analysis-model-api:10.9.4 ant:1.13 antisamy-markup-formatter:2.7 apache-httpcomponents-client-4-api:4.5.13-1.0 authentication-tokens:1.4 authorize-project:1.4.0 azure-credentials:216.ve0b_4a_485ffc2 azure-keyvault:131.v867845ef6ae9 azure-sdk:106.v552de1e64d56 azure-vm-agents:810.v0a97a847315a badge:1.9.1 bitbucket:223.vd12f2bca5430 blueocean:1.25.3 blueocean-autofavorite:1.2.5 blueocean-bitbucket-pipeline:1.25.3 blueocean-commons:1.25.3 blueocean-config:1.25.3 blueocean-core-js:1.25.3 blueocean-dashboard:1.25.3 blueocean-display-url:2.4.1 blueocean-events:1.25.3 blueocean-git-pipeline:1.25.3 blueocean-github-pipeline:1.25.3 blueocean-i18n:1.25.3 blueocean-jira:1.25.3 blueocean-jwt:1.25.3 blueocean-personalization:1.25.3 blueocean-pipeline-api-impl:1.25.3 blueocean-pipeline-editor:1.25.3 blueocean-pipeline-scm-api:1.25.3 blueocean-rest:1.25.3 blueocean-rest-impl:1.25.3 blueocean-web:1.25.3 bootstrap4-api:4.6.0-3 bootstrap5-api:5.1.3-6 bouncycastle-api:2.25 branch-api:2.1044.v2c007e51b_87f build-name-setter:2.2.0 build-timestamp:1.0.3 build-user-vars-plugin:1.8 caffeine-api:2.9.2-29.v717aac953ff3 checks-api:1.7.2 cloud-stats:0.27 cloudbees-bitbucket-branch-source:762.v969cfe087fc0 cloudbees-folder:6.714.v79e858ef76a_2 command-launcher:1.6 conditional-buildstep:1.4.2 config-file-provider:3.9.0 copyartifact:1.46.3 credentials:1087.v16065d268466 credentials-binding:1.27.1 cucumber-perf:2.0.9 cucumber-reports:5.7.0 dark-theme:156.v6cf16af6f9ef data-tables-api:1.11.4-4 display-url-api:2.3.5 docker-commons:1.19 docker-java-api:3.1.5.2 docker-workflow:1.28 durable-task:495.v29cd95ec10f2 echarts-api:5.3.0-2 elastic-axis:1.4.6 email-ext:2.87 extended-read-permission:3.2 external-monitor-job:191.v363d0d1efdf8 favorite:2.3.3 font-awesome-api:6.0.0-1 forensics-api:1.12.0 generic-webhook-trigger:1.83 git:4.11.0
git-client:3.11.0 git-parameter:0.9.15 git-server:1.10 github:1.34.3 github-api:1.301-378.v9807bd746da5 github-branch-source:2.11.4 google-oauth-plugin:1.0.6 greenballs:1.15.1 h2-api:1.4.199 handlebars:3.0.8 handy-uri-templates-2-api:2.1.8-1.0 htmlpublisher:1.29 http_request:1.14 jackson2-api:2.13.2-260.v43d711474c77 jacoco:3.3.1 javadoc:217.v905b_86277a_2a_ javax-activation-api:1.2.0-2 javax-mail-api:1.6.2-5 jaxb:2.3.0.1 jdk-tool:1.5 jenkins-design-language:1.25.3 jira:3.7 jjwt-api:0.11.2-9.c8b45b8bb173 jnr-posix-api:3.1.7-3 jquery:1.12.4-1 jquery-detached:1.2.1 jquery3-api:3.6.0-2 jsch:0.1.55.2 junit:1.54 junit-attachments:92.v46b_185115f82 kubernetes:3580.v78271e5631dc kubernetes-cli:1.10.3 kubernetes-client-api:5.12.1-187.v577c3e368fb_6 kubernetes-credentials:0.9.0 last-changes:2.7.11 ldap:2.8 leastload:3.0.0 lighthouse-report:1.3.0 lockable-resources:2.14 mailer:408.vd726a_1130320 mapdb-api:1.0.9.0 matrix-auth:2.6.9 matrix-project:758.v7a_ea_491852f3 maven-plugin:3.16 maven-snapshot-check:1.5 mercurial:2.16 metrics:4.1.6.1 momentjs:1.1.1 multibranch-scan-webhook-trigger:1.0.9 nexus-jenkins-plugin:3.14.405.v74e19a_0b_1a_1a_ nodejs:1.5.1 nodelabelparameter:1.10.3 oauth-credentials:0.5 okhttp-api:4.9.3-105.vb96869f8ac3a openshift-client:1.0.37 pam-auth:1.7 parameterized-trigger:2.44 performance:3.20 pipeline-build-step:2.16 pipeline-graph-analysis:188.v3a01e7973f2c pipeline-input-step:446.vf27b_0b_83500e pipeline-maven:3.10.0 pipeline-milestone-step:100.v60a_03cd446e1 pipeline-model-api:1.9.3 pipeline-model-definition:1.9.3 pipeline-model-extensions:1.9.3 pipeline-rest-api:2.23 pipeline-stage-step:291.vf0a8a7aeeb50 pipeline-stage-tags-metadata:1.9.3 pipeline-stage-view:2.23 pipeline-utility-steps:2.12.0 plain-credentials:1.8 platformlabeler:1317.v822cd19db_d49 plugin-usage-plugin:2.2 plugin-util-api:2.16.0 popper-api:1.16.1-2 popper2-api:2.11.4-1 postbuild-task:1.9 prism-api:1.26.0-2 promoted-builds:3.11 pubsub-light:1.16
rapid7-insightvm-container-assessment:1.0.21 role-strategy:3.2.0 run-condition:1.5 saml:2.296.v0016349946db_ scm-api:595.vd5a_df5eb_0e39 script-security:1131.v8b_b_5eda_c328e slack:608.v19e3b_44b_b_9ff snakeyaml-api:1.29.1 soapui-pro-functional-testing:1.7 sonar:2.14 sonar-quality-gates:1.3.1 sse-gateway:1.25 ssh-agent:1.24.1 ssh-credentials:1.19 ssh-slaves:1.806.v2253cedd3295 sshd:3.226.vb_1769a_7fb_b_a_6 strict-crumb-issuer:2.1.0 structs:308.v852b473a2b8c subversion:2.15.3 theme-manager:0.6 timestamper:1.17 token-macro:285.vff7645a_56ff0 trilead-api:1.57.v6e90e07157e1 variant:1.4 warnings-ng:9.11.1 windows-azure-storage:373.v582b31a65906 windows-slaves:1.8 workflow-api:1143.v2d42f1e9dea_5 workflow-basic-steps:2.24 workflow-cps:2648.va9433432b33c workflow-cps-global-lib:564.ve62a_4eb_b_e039 workflow-durable-task-step:1121.va_65b_d2701486 workflow-job:1145.v7f2433caa07f workflow-multibranch:711.vdfef37cda_816 workflow-scm-step:2.13 workflow-step-api:622.vb_8e7c15b_c95a_ workflow-support:813.vb_d7c3d2984a_0
```

What Operating System are you using (both controller, and any agents involved in the problem)?

RHEL8

Reproduction steps

  1. Install this plugin but do not configure any URL
  2. Browse to credentials in Jenkins
  3. Wait a couple of minutes
  4. Severe error + stack trace logged in /var/log/jenkins/jenkins.log
  5. Seems to happen periodically (or retry) every 10 minutes

Expected Results

Could benefit from improved validation check and/or improved logging

Actual Results

An attempt is made to retrieve secrets from Azure Key Vault and a stack trace is logged in /var/log/jenkins/jenkins.log

```
2022-04-12 03:50:01.505+0000 [id=3965]  SEVERE  c.a.c.util.logging.ClientLogger#performLogging: The Azure Key Vault url is malformed.
2022-04-12 03:50:01.506+0000 [id=3965]  WARNING o.j.p.a.AzureCredentialsProvider#fetchCredentials: Error retrieving secrets from Azure KeyVault: The Azure Key Vault url is malformed.
java.net.MalformedURLException: no protocol:
        at java.base/java.net.URL.<init>(URL.java:645)
        at java.base/java.net.URL.<init>(URL.java:541)
        at java.base/java.net.URL.<init>(URL.java:488)
        at com.azure.security.keyvault.secrets.SecretClientBuilder.vaultUrl(SecretClientBuilder.java:248)
Caused: java.lang.IllegalArgumentException: The Azure Key Vault url is malformed.
        at com.azure.security.keyvault.secrets.SecretClientBuilder.vaultUrl(SecretClientBuilder.java:250)
        at com.microsoft.azure.util.AzureCredentials.createKeyVaultClient(AzureCredentials.java:511)
        at com.microsoft.jenkins.keyvault.SecretClientCache.createClient(SecretClientCache.java:46)
        at com.github.benmanes.caffeine.cache.LocalLoadingCache.lambda$newMappingFunction$2(LocalLoadingCache.java:141)
        at com.github.benmanes.caffeine.cache.BoundedLocalCache.lambda$doComputeIfAbsent$14(BoundedLocalCache.java:2413)
        at java.base/java.util.concurrent.ConcurrentHashMap.compute(ConcurrentHashMap.java:1908)
        at com.github.benmanes.caffeine.cache.BoundedLocalCache.doComputeIfAbsent(BoundedLocalCache.java:2411)
        at com.github.benmanes.caffeine.cache.BoundedLocalCache.computeIfAbsent(BoundedLocalCache.java:2394)
        at com.github.benmanes.caffeine.cache.LocalCache.computeIfAbsent(LocalCache.java:108)
        at com.github.benmanes.caffeine.cache.LocalLoadingCache.get(LocalLoadingCache.java:54)
        at com.microsoft.jenkins.keyvault.SecretClientCache.get(SecretClientCache.java:27)
        at org.jenkinsci.plugins.azurekeyvaultplugin.AzureCredentialsProvider.fetchCredentials(AzureCredentialsProvider.java:109)
        at org.jenkinsci.plugins.azurekeyvaultplugin.AzureCredentialsProvider.lambda$new$0(AzureCredentialsProvider.java:53)
        at com.github.benmanes.caffeine.cache.CacheLoader.reload(CacheLoader.java:166)
        at com.github.benmanes.caffeine.cache.CacheLoader.lambda$asyncReload$2(CacheLoader.java:190)
        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1700)
        at java.base/java.lang.Thread.run(Thread.java:829)
```

Anything else?

No response

timja commented 2 years ago

Thanks for the report!

timja commented 1 year ago

Fixed by https://github.com/jenkinsci/azure-keyvault-plugin/pull/118#issuecomment-1275775196
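
A sketch of the kind of validation check the report asks for, added here as an example; it is not the plugin's code and not the change made in the linked pull request. The class `VaultUrlGuard`, the method `usableVaultUrl`, the sample URLs and the choice to accept only `https` URLs with a host are assumptions.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import java.util.Optional;

public class VaultUrlGuard {

    /**
     * Hypothetical helper: returns the configured vault URL only when it is
     * usable. An empty result means "skip the fetch", so an unconfigured
     * plugin never reaches the client builder that threw in the trace above.
     */
    static Optional<URI> usableVaultUrl(String configured) {
        if (configured == null || configured.trim().isEmpty()) {
            return Optional.empty(); // plugin installed, no URL configured
        }
        try {
            URI uri = new URI(configured.trim());
            // A value without a scheme is what produces "no protocol";
            // check scheme and host explicitly (https-only is an assumption).
            boolean ok = "https".equalsIgnoreCase(uri.getScheme())
                    && uri.getHost() != null;
            return ok ? Optional.of(uri) : Optional.empty();
        } catch (URISyntaxException e) {
            return Optional.empty(); // not parseable as a URI at all
        }
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from the issue.
        List<String> samples = List.of(
                "",
                "   ",
                "example-vault.vault.azure.net",
                "http://example-vault.vault.azure.net",
                "https://example-vault.vault.azure.net");
        for (String s : samples) {
            Optional<URI> url = usableVaultUrl(s);
            if (url.isPresent()) {
                System.out.println("fetch secrets from " + url.get());
            } else {
                // One quiet line instead of a SEVERE entry plus a stack
                // trace on every periodic credential reload.
                System.out.println("skip fetch, vault URL not usable: '" + s + "'");
            }
        }
    }
}
```

Only the last sample passes the check; the first four are skipped without an exception, which keeps the periodic reload from filling jenkins.log with entries that could bury a genuine credential-retrieval failure.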