From 9a58bcf90065a3e522fbd2cc0d10defd8964e234 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 4 Jul 2019 10:31:47 +0100 Subject: [PATCH] feat: retry in case vault is not reachable (#107) --- src/test/groovy/GetVaultSecretStepTests.groovy | 5 +++++ vars/getVaultSecret.groovy | 7 +++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/test/groovy/GetVaultSecretStepTests.groovy b/src/test/groovy/GetVaultSecretStepTests.groovy index 6ad866614..7bd8e0d31 100644 --- a/src/test/groovy/GetVaultSecretStepTests.groovy +++ b/src/test/groovy/GetVaultSecretStepTests.groovy @@ -80,6 +80,11 @@ class GetVaultSecretStepTests extends BasePipelineTest { def script = loadScript("vars/toJSON.groovy") return script.call(s) }) + helper.registerAllowedMethod("retry", [Integer.class, Closure.class], { i, c -> + c.call() + }) + helper.registerAllowedMethod("randomNumber", [Map.class], { m -> return m.min }) + helper.registerAllowedMethod("sleep", [Integer.class], { 'OK' }) } @Test diff --git a/vars/getVaultSecret.groovy b/vars/getVaultSecret.groovy index a2667f036..83089ebbc 100644 --- a/vars/getVaultSecret.groovy +++ b/vars/getVaultSecret.groovy @@ -49,8 +49,11 @@ def readSecret(secret){ string(credentialsId: 'vault-addr', variable: 'VAULT_ADDR'), string(credentialsId: 'vault-role-id', variable: 'VAULT_ROLE_ID'), string(credentialsId: 'vault-secret-id', variable: 'VAULT_SECRET_ID')]) { - def token = getVaultToken(env.VAULT_ADDR, env.VAULT_ROLE_ID, env.VAULT_SECRET_ID) - props = getVaultSecretObject(env.VAULT_ADDR, secret, token) + retry(2) { + sleep randomNumber(min: 5, max: 10) + def token = getVaultToken(env.VAULT_ADDR, env.VAULT_ROLE_ID, env.VAULT_SECRET_ID) + props = getVaultSecretObject(env.VAULT_ADDR, secret, token) + } //we do not have permissions to revoke a token. //revokeToken(env.VAULT_ADDR, token) }