2

When I try to fetch non-existent key from keyvault I get:

msrest.exceptions : (KeyNotFound) A key with (name/id) keyname was not found in this key vault. If you recently deleted this key you may be able to recover it using the correct recovery command. For help resolving this issue, please see https://go.microsoft.com/fwlink/?linkid=2125182 cli.azure.cli.core.azclierror : ResourceNotFoundError: (KeyNotFound) A key with (name/id) keyname was not found in this key vault. If you recently deleted this key you may be able to recover it using the correct recovery command. For help resolving this issue, please see https://go.microsoft.com/fwlink/?linkid=2125182

I expect this error, but only this error, so I don't want to create try-catch catching everything. However I cannot find full identifier of ResourceNotFound in the docs, by this I mean with a the namespace. Where I can find to to be able to catch this exception:

try {} catch [ResourceNotFoundError]{}

Yoda
  • 17,363
  • 67
  • 204
  • 344

2 Answers2

3

Az is not a PowerShell command, so I'm not sure try/catch would work at all.

What you could do is catch the output in a variable and then check that for the error before continuing.

Perhaps something like:

$GetKeyResult = az keyvault key show --name NoSuchKey --vault-name MyVault 2>&1
if ($GetKeyResult -like '*ResourceNotFoundError: (KeyNotFound)*') {
    "Key wasn't found"
    # Do stuff
}

The 2>&1 part is to redirect errors to standard output.

Another option is to skip the az commands and use a PowerShell CmdLet like Get-AzKeyVaultKey, unfortunately that doesn't error at all on invalid keynames, so you'd still need a check for it:

$GetKeyResult = Get-AzKeyVaultKey -VaultName MyVault -Name NoSuchKey
if ($null -eq $GetKeyResult) {
    "Key wasn't found"
    # Do stuff
}
PMental
  • 1,091
  • 6
  • 12
  • I tried that approach, but I am getting on pipeline agent: Get-AzKeyVaultKey : The term 'Get-AzKeyVaultKey' is not recognized as the name of a cmdlet, function, script file, or 2020-11-30T10:29:01.0844075Z operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try 2020-11-30T10:29:01.0844449Z again. how can I make it avialable ? – Yoda Nov 30 '20 at 10:31
  • You need to install the Azure PowerShell module: https://learn.microsoft.com/en-us/powershell/azure Even without it the first solution should work though. – PMental Nov 30 '20 at 18:51
0

In my case, I kept getting an error when running az sql db show when db did not exist. It appears that the syntax for the script varies between local Windows PC and pipeline. Perhaps I have a version mismatch. Anyhow, something so simple should not take this long nor be so difficult to figure out. This is not well documented online according to the references below.

Looks like the trick is on the local to add " 2>nul" and on the Azure CLI Pipeline " | ConvertFrom-Json". Note: using 2>nul on local actually created a file in the same directory where .sh script is, called nul.

Local machine code:

dbStatus=$(az sql db show -g myRGname -s myServerName -n myDBName --query "status" 2>nul)

if [[ $dbStatus == '"Online"' ]]; then
    echo "It is online"
fi

Azure pipeline code:

$dbStatus1=$(az sql db show -g myRGname -s myServerName -n myDBName --query "status" | ConvertFrom-Json)

if($LastExitCode = "0")
{
    $dbStatus2=$(az sql db show -g myRGname -s myServerName -n myDBName --query "status")
    if ($dbStatus2 = "Online")
    {
        echo "It is online"
    }
}

References:

  1. https://devopsjournal.io/blog/2019/07/12/Azure-CLI-PowerShell
  2. What does > nul 2>&1 mean in a batch statement
  3. https://towardsdev.com/how-to-suppress-warnings-and-errors-messages-in-azure-cli-34cece53591c
Dmitri K
  • 634
  • 6
  • 13