Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Retry core.getIDToken for JWT Auth Method #574

Merged
merged 2 commits into from
Mar 3, 2025
Merged

Retry core.getIDToken for JWT Auth Method #574

merged 2 commits into from
Mar 3, 2025
+79 −2

Conversation

aefuente
Copy link
Contributor

Description

core.getIDToken intermittently fails for both cloud hosted and on prem runners. This causes entire workflows to fail.

Adds a generic async retry function. Adds 5 retries with 3 seconds of delay between core.getIDToken calls.

Closes #525

fairclothjm
fairclothjm approved these changes Mar 3, 2025
View reviewed changes
Copy link
Contributor

@fairclothjm fairclothjm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @aefuente !

@fairclothjm fairclothjm merged commit 5d06ce8 into hashicorp:main Mar 3, 2025
2 checks passed
fairclothjm
fairclothjm reviewed Mar 3, 2025
View reviewed changes
src/auth.js
@@ -35,7 +37,10 @@ async function retrieveToken(method, client) {
const githubAudience = core.getInput('jwtGithubAudience', { required: false });

if (!privateKey) {
jwt = await core.getIDToken(githubAudience)
jwt = await retryAsyncFunction(retries, retries_delay, core.getIDToken, githubAudience)
.then((result) => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aefuente Should we catch any errors here?

Copy link
Contributor Author

@aefuente aefuente Mar 3, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fairclothjm The error that gets thrown would be core.getIDToken Error. Its possible we could return a more explicit/generic message "failed to get ID Token from Github" or something like that, but the error should still be thrown at this step. This error isn't caught by action.js and should terminate the run in error status.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, that was my assumption as well but wanted to confirm.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fairclothjm fairclothjm

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] Intermittant: "Error message: Failed to get ID Token."
2 participants
@aefuente @fairclothjm