Skip to content

Commit a0f5f1e

Browse files
zhiyuanliang-mszhiyuanliang-ms
committed
update
1 parent 4b22c86 commit a0f5f1e

File tree

2 files changed

+22
-11
lines changed

2 files changed

+22
-11
lines changed

src/common/error.ts

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,8 @@ export function isFailoverableError(error: any): boolean {
3939
}
4040
// https://nodejs.org/api/errors.html#common-system-errors
4141
// ENOTFOUND: DNS lookup failed, ENOENT: no such file or directory, ECONNREFUSED: connection refused, ECONNRESET: connection reset by peer, ETIMEDOUT: connection timed out
42-
if (error.code === "ENOTFOUND" || error.code === "ENOENT" || error.code === "ECONNREFUSED" || error.code === "ECONNRESET" || error.code === "ETIMEDOUT") {
42+
if (error.code !== undefined &&
43+
(error.code === "ENOTFOUND" || error.code === "ENOENT" || error.code === "ECONNREFUSED" || error.code === "ECONNRESET" || error.code === "ETIMEDOUT")) {
4344
return true;
4445
}
4546
// 401 Unauthorized, 403 Forbidden, 408 Request Timeout, 429 Too Many Requests, 5xx Server Errors
@@ -55,10 +56,7 @@ export function isFailoverableError(error: any): boolean {
5556
* Check if the error is an instance of ArgumentError, TypeError, or RangeError.
5657
*/
5758
export function isInputError(error: any): boolean {
58-
if (error instanceof ArgumentError ||
59+
return error instanceof ArgumentError ||
5960
error instanceof TypeError ||
60-
error instanceof RangeError) {
61-
return true;
62-
}
63-
return false;
61+
error instanceof RangeError;
6462
}

src/keyvault/AzureKeyVaultKeyValueAdapter.ts

Lines changed: 18 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,8 @@ import { IKeyValueAdapter } from "../IKeyValueAdapter.js";
66
import { KeyVaultOptions } from "./KeyVaultOptions.js";
77
import { ArgumentError, KeyVaultReferenceError } from "../common/error.js";
88
import { SecretClient, parseKeyVaultSecretIdentifier } from "@azure/keyvault-secrets";
9+
import { isRestError } from "@azure/core-rest-pipeline";
10+
import { AuthenticationError } from "@azure/identity";
911

1012
export class AzureKeyVaultKeyValueAdapter implements IKeyValueAdapter {
1113
/**
@@ -27,12 +29,20 @@ export class AzureKeyVaultKeyValueAdapter implements IKeyValueAdapter {
2729
if (!this.#keyVaultOptions) {
2830
throw new ArgumentError("Failed to process the Key Vault reference because Key Vault options are not configured.");
2931
}
30-
let sourceId;
32+
let secretName, vaultUrl, sourceId, version;
3133
try {
32-
const { name: secretName, vaultUrl, sourceId: parsedSourceId, version } = parseKeyVaultSecretIdentifier(
34+
const { name: parsedName, vaultUrl: parsedVaultUrl, sourceId: parsedSourceId, version: parsedVersion } = parseKeyVaultSecretIdentifier(
3335
parseSecretReference(setting).value.secretId
3436
);
37+
secretName = parsedName;
38+
vaultUrl = parsedVaultUrl;
3539
sourceId = parsedSourceId;
40+
version = parsedVersion;
41+
} catch (error) {
42+
throw new KeyVaultReferenceError(buildKeyVaultReferenceErrorMessage("Invalid Key Vault reference.", setting), { cause: error });
43+
}
44+
45+
try {
3646
// precedence: secret clients > credential > secret resolver
3747
const client = this.#getSecretClient(new URL(vaultUrl));
3848
if (client) {
@@ -43,7 +53,10 @@ export class AzureKeyVaultKeyValueAdapter implements IKeyValueAdapter {
4353
return [setting.key, await this.#keyVaultOptions.secretResolver(new URL(sourceId))];
4454
}
4555
} catch (error) {
46-
throw new KeyVaultReferenceError(buildKeyVaultReferenceErrorMessage(setting, sourceId), { cause: error });
56+
if (isRestError(error) || error instanceof AuthenticationError) {
57+
throw new KeyVaultReferenceError(buildKeyVaultReferenceErrorMessage("Failed to resolve Key Vault reference.", setting, sourceId), { cause: error });
58+
}
59+
throw error;
4760
}
4861

4962
// When code reaches here, it means that the key vault reference cannot be resolved in all possible ways.
@@ -80,6 +93,6 @@ export class AzureKeyVaultKeyValueAdapter implements IKeyValueAdapter {
8093
}
8194
}
8295

83-
function buildKeyVaultReferenceErrorMessage(setting: ConfigurationSetting, secretIdentifier?: string ): string {
84-
return `Failed to resolve Key Vault reference. Key: '${setting.key}' Label: '${setting.label ?? ""}' ETag: '${setting.etag ?? ""}' ${secretIdentifier ? ` SecretIdentifier: '${secretIdentifier}'` : ""}`;
96+
function buildKeyVaultReferenceErrorMessage(message: string, setting: ConfigurationSetting, secretIdentifier?: string ): string {
97+
return `${message} Key: '${setting.key}' Label: '${setting.label ?? ""}' ETag: '${setting.etag ?? ""}' ${secretIdentifier ? ` SecretIdentifier: '${secretIdentifier}'` : ""}`;
8598
}

0 commit comments

Comments
 (0)