Skip to content

Commit

Permalink
[CI] Handle failures during attempt to delete key vault (#4010)
Browse files Browse the repository at this point in the history 
* Handle failures during attempt to delete key vault

* Better handling errors
  • Loading branch information
@fhibf
fhibf authored Aug 9, 2024
1 parent ac8b3ab commit 6028ea2
Showing 1 changed file with 25 additions and 4 deletions.
29 changes: 25 additions & 4 deletions build/jobs/add-aad-test-environment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,22 +39,43 @@ steps:
# If a deleted keyvault exists, remove it first
$environmentName = "$(DeploymentEnvironmentName)".ToLower() -replace "\.", ""
Write-Host "Installed module and set variables"
if (Get-AzKeyVault -VaultName "${environmentName}-ts" -Location "westus" -InRemovedState)
$vaultName = "${environmentName}-ts"
if (Get-AzKeyVault -VaultName $vaultName -Location "westus" -InRemovedState)
{
Remove-AzKeyVault -VaultName "${environmentName}-ts" -InRemovedState -Location "westus" -Force
}
Write-Host "Attempting to delete vault ${vaultName}"
try
{
Remove-AzKeyVault -VaultName $vaultName -InRemovedState -Location "westus" -Force
}
catch
{
if ($_.ErrorDetails -eq "Operation 'DeletedVaultPurge' is not allowed.")
{
# With purge protection enabled, it's impossible to delete a Key Vault before its expiration.
Write-Error "Unable to delete vault ${vaultName}."
Write-Error $_.ErrorDetails
}
else
{
throw $_
}
}
}
Write-Host "Cleaned up keyvaults"
try
{
Write-Host "Getting access token"
$response = Invoke-RestMethod -Method 'Post' -Uri $adTokenUrl -ContentType "application/x-www-form-urlencoded" -Body $body
}
catch
{
Write-Error $_.ErrorDetails
}
Write-Host "Got access token"
Connect-AzureAD -TenantId $tenantId -AadAccessToken $response.access_token -AccountId $clientId
Write-Host "Connected to Azure AD"
Expand Down

0 comments on commit 6028ea2

Please sign in to comment.