azure-pipelines-tasks: AzureKeyVault fails with 'endpoints_resolution_error'

Question, Bug, or Feature? Type: Bug

Enter Task Name: AzureKeyVault

Environment

  • Agent - Private, running under Azure DevOps
  • OS: RHEL 8.6
  • Version: 2.214.2

Issue Description

Secrets downloading takes 30+ sec to complete with the following error:

"Could not fetch access token for Azure. Status code: endpoints_resolution_error, status message: Error: could not resolve endpoints. Please check network and try again. Detail: ClientConfigurationError: untrusted_authority: The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter."

Update - 18 Dec 2022

I’ve managed to mitigate the error by removing the HTTP proxy and going directly to the internet to download the secrets. So whatever change has been done to the AzureKeyVault to download secrets, it doesn’t take into consideration that the secrets download can be done from behind a proxy. And yeah, we set all the proxy environment variables; they’re just being ignored.

Update - 18 Jan 2023

We’re getting the same problem AGAIN with Version: 2.215.0. I can’t believe we pay all that money to MS for this platform…

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Reactions: 2
  • Comments: 22

Most upvoted comments

Works for me as well when I tested pipeline today. New version 1.214.3 was downloaded and “download secrets” step completed successfully.

image

+1
jtterry2856 on Dec 20, 2022

@kwasiak - Seems like they have updated the task version now to 214.3 and it’s working fine now. Thank you for raising this issue in GitHub by seeing my question in community forum.it really helped all of us .

+1
RaviChandraMadipadiga on Dec 20, 2022
Read more comments on GitHub
← azure-pipelines-tasks: AzureFunctionApp@1 - unable to use zipDeploy with Linux consumption plan
azure-pipelines-tasks: AzureResourceGroupDeployment task fails validations if a HTTP 202 Accepted is encountered →