Merge pull request #611 from JupiterOne/INT-10054-2

Int 10054: add error handling
JupiterOne-Archives · Dec 4, 2023 · 6512307 · 6512307
2 parents adb5293 + 1aee2cf
commit 6512307
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 13 deletions.
diff --git a/src/azure/resource-manager/client.ts b/src/azure/resource-manager/client.ts
@@ -61,7 +61,7 @@ export abstract class Client {
       this.config.clientId,
       this.config.clientSecret,
       {
-        additionallyAllowedTenants: [],
+        additionallyAllowedTenants: ['*'],
       },
     );
   }
@@ -94,7 +94,11 @@ export abstract class Client {
     },
   ): Promise<T> {
     if (!this.auth) {
-      this.auth = await authenticate(this.config);
+      this.auth = await retryResourceRequest(
+        async () => await authenticate(this.config),
+        FIVE_MINUTES,
+        this.logger,
+      );
     }
     const client = createClient(ctor, {
       auth: this.auth,
@@ -178,7 +182,19 @@ function retryResourceRequest<ResponseType>(
       //
       // Non Azure `RestError`s, such as ECONNRESET, should be retried.
       handleError: async (err, context, _options) => {
-        if (err instanceof AzureRestError && err.statusCode !== 429) {
+        if (
+          err?.message &&
+          typeof err?.message == 'string' &&
+          err.message.includes('Get Token request returned http error: 4')
+        ) {
+          logger.info(
+            {
+              err,
+            },
+            'Encountered non-retryable error in Get Token request client.',
+          );
+          context.abort();
+        } else if (err instanceof AzureRestError && err.statusCode !== 429) {
           logger.info(
             {
               err,

diff --git a/src/getStepStartStates.test.ts b/src/getStepStartStates.test.ts
@@ -632,7 +632,7 @@ describe('getStepStartStates', () => {
       [FrontDoorStepIds.FETCH_BACKEND_POOLS]: { disabled: false },
       [FrontDoorStepIds.FETCH_FRONTEND_ENDPOINTS]: { disabled: false },
     });
-  });
+  }, 100_000);
 
   test('configureSubscriptionInstances: true', async () => {
     const context = createMockExecutionContext({

diff --git a/src/steps/resource-manager/key-vault/client.ts b/src/steps/resource-manager/key-vault/client.ts
@@ -54,15 +54,6 @@ export class KeyVaultClient extends Client {
           name: IntegrationWarnEventName.MissingPermission,
           description: `Missing a Key Vault access policy. A Key Vault access policy determines whether a given security principal can perform different operations on Key Vault secrets, keys and certificates. Please follow the steps outlined here https://go.microsoft.com/fwlink/?linkid=2125287 and assign a "list" key permission in order to fetch these keys for your Key Vault ${vaultUri}.`,
         });
-      } else if (
-        err.statusCode === 401 &&
-        err.message.toString().includes('AKV10032')
-      ) {
-        // TEMP: INT-10054 find all vault uri that are failing.
-        this.logger.warn(
-          { err: err, vaultUri: vaultUri },
-          'Failed to retrieve a VaultKey',
-        );
       } else {
         throw err;
       }