Azure/k8s-create-secret

Context of errors may be lost when an error occurs deleting secrets

Opened this issue · 0 comments

sax commented

The kubernetes-client library sometimes rejects its promise with an HttpError, but may also reject the promise with a generic Error object: https://github.com/kubernetes-client/javascript/blob/master/src/gen/api/coreV1Api.ts#L9168C24-L9168C39. When this happens, the error does not include a response key.

This GitHub action only warns on error data from an error where response can be destructured: https://github.com/Azure/k8s-create-secret/blob/main/src/run.ts#L171-L176.

We're running into an issue where our CI pipeline regularly fails during the deployment, because for some reason the existing secret cannot deleted, so at the point where the action attempts to recreate the secret an error is issued:

{"response":{"statusCode":409,"body":{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"secrets \"my-secret\" already exists","reason":"AlreadyExists" ...

I'm unclear on what can be gotten out of a generic Error object, but in looking at the request library (which the kubernetes-client still uses in spite of being deprecated), it looks as if there may be helpful error messages.