Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Retry in conjur_variable lookup not working for errors out of urllib_error.HTTPError or socket.timeout #202

Open
1 task done
stiplo opened this issue Mar 8, 2024 · 0 comments
Labels

Comments

@stiplo
Copy link

stiplo commented Mar 8, 2024

Summary

Error 111 - Connection refused is raised immediatly without retry during secret retrieval due to no handling for this exception in

def retry(retries, retry_interval):

Same issues occur for other kind of errors out of urllib_error.HTTPError or socket.timeout already handled.

Could you add a default base Exception to let the retry perform the secret retrieval when the retry_count is not reached ?

Thanks for your support.

Steps to Reproduce

  • Having Conjur serving server returning Error 111 - Connection refused frequently.
  • Running several times the lookup conjur_variable to retrieve a host password on this Conjur server until the error is encountered.

Expected Results

Keep retrying to get the host password until the retry_count is reached even when Error 111 - Connection refused is encountered.

Actual Results

Lookup fails immediatly with message:

"msg": "An unhandled exception occurred while running the lookup plugin 'cyberark.conjur.conjur_variable'. Error was a <class 'urllib.error.URLError'>, original message: <urlopen error [Errno 111] Connection refused>. <urlopen error [Errno 111] Connection refused>"

Reproducible

  • Sometimes

Version/Tag number

v1.2.0

Environment setup

Ansible Automation Platform v2.4 On Premise
Ansible [core 2.15.0]

Conjur Pods On Premise with 2 active nodes seems to increase the number of connection refused versus 1 active - 1 passive node.

Additional Information

In same parameters_wrapper method: missing alias 'e' in

except socket.timeout:
if retry_count >= retries:
raise e

@stiplo stiplo added the kind/bug label Mar 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant