You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So, we have a certificate that is stored in the Azure Key Vault. For the certificate we have the following part of CertificateArgs
LifetimeActions = new[]
{
new CertificateCertificatePolicyLifetimeActionArgs
{
Action = new CertificateCertificatePolicyLifetimeActionActionArgs
{
ActionType = "AutoRenew",
},
Trigger = new CertificateCertificatePolicyLifetimeActionTriggerArgs
{
DaysBeforeExpiry = 10
},
},
}
Now is the time to triger that renewal logic. When we run Pulumi we see the following error
keyvault.BaseClient#ImportCertificate: Failure responding to request: StatusCode=409 -- Original Error: autorest/azure: Service returned an error. Status=409 Code="Conflict" Message="Certificate certmanager-***6110abac26 is currently in a deleted but recoverable state, and its name cannot be reused; in this state, the certificate can only be recovered or purged." InnerError={"code":"ObjectIsDeletedButRecoverable"}
Note: the name of the certificate was edited to hide sensitive data behind ***
The reason for the problem is clear, but doesn't it mean that the Certificate Lifetime Policy doesn't work at all when it collaborates with the Azure Key Vault?
Example
Everything is described in section "what happened"
Output of pulumi about
CLI
Version 3.79.0
Go Version go1.21.0
Go Compiler gc
Plugins
NAME VERSION
azure 5.16.0
azure-native 1.71.0
azuread 5.28.0
azuredevops 2.5.0
dotnet unknown
kubernetes 3.21.0
random 4.8.2
tls 4.6.0
Host
OS Microsoft Windows 10 Pro
Version 10.0.19045 Build 19045
Arch x86_64
This project is written in dotnet: executable='C:\Program Files\dotnet\dotnet.exe' version='6.0.123'
Backend
Name pulumi.com
No dependencies found
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered:
What are you changing in your program at this point?
We added the piece of code that I mentioned in the first message. The part with LifetimeActions . So now, when we run our pipeline, the logic tries to replace the certificate with a new one. But it fails because of the error I mentioned above.
I'm not sure if I understand what the definition of the resource means. Is it the properties of the resource that I can see on the pulumi portal in Resources section? Or is it something different?
What happened?
So, we have a certificate that is stored in the Azure Key Vault. For the certificate we have the following part of
CertificateArgs
Now is the time to triger that renewal logic. When we run Pulumi we see the following error
keyvault.BaseClient#ImportCertificate: Failure responding to request: StatusCode=409 -- Original Error: autorest/azure: Service returned an error. Status=409 Code="Conflict" Message="Certificate certmanager-***6110abac26 is currently in a deleted but recoverable state, and its name cannot be reused; in this state, the certificate can only be recovered or purged." InnerError={"code":"ObjectIsDeletedButRecoverable"}
Note: the name of the certificate was edited to hide sensitive data behind ***
The reason for the problem is clear, but doesn't it mean that the Certificate Lifetime Policy doesn't work at all when it collaborates with the Azure Key Vault?
Example
Everything is described in section "what happened"
Output of
pulumi about
CLI
Version 3.79.0
Go Version go1.21.0
Go Compiler gc
Plugins
NAME VERSION
azure 5.16.0
azure-native 1.71.0
azuread 5.28.0
azuredevops 2.5.0
dotnet unknown
kubernetes 3.21.0
random 4.8.2
tls 4.6.0
Host
OS Microsoft Windows 10 Pro
Version 10.0.19045 Build 19045
Arch x86_64
This project is written in dotnet: executable='C:\Program Files\dotnet\dotnet.exe' version='6.0.123'
Backend
Name pulumi.com
No dependencies found
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered: