fix(az key vault): Raise an error instead of panic if authentication …

…not provided (#4017) Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
kedacore · Dec 15, 2022 · eddae01 · eddae01
1 parent 06f6f7d
commit eddae01
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -60,6 +60,7 @@ Here is an overview of all new **experimental** features:
 ### Fixes
 
 - **General**: Properly retrieve and close scalers cache ([#4011](https://github.com/kedacore/keda/issues/4011))
+- **Azure Key Vault:** Raise an error if authentication mechanism not provided ([#4010](https://github.com/kedacore/keda/issues/4010))
 
 ### Deprecations
 

diff --git a/pkg/scaling/resolver/azure_keyvault_handler.go b/pkg/scaling/resolver/azure_keyvault_handler.go
@@ -109,6 +109,11 @@ func (vh *AzureKeyVaultHandler) getAuthConfig(ctx context.Context, client client
 	}
 	switch podIdentity.Provider {
 	case "", kedav1alpha1.PodIdentityProviderNone:
+		missingErr := fmt.Errorf("clientID, tenantID and clientSecret are expected when not using a pod identity provider")
+		if vh.vault.Credentials == nil {
+			return nil, missingErr
+		}
+
 		clientID := vh.vault.Credentials.ClientID
 		tenantID := vh.vault.Credentials.TenantID
 
@@ -117,7 +122,7 @@ func (vh *AzureKeyVaultHandler) getAuthConfig(ctx context.Context, client client
 		clientSecret := resolveAuthSecret(ctx, client, logger, clientSecretName, triggerNamespace, clientSecretKey, secretsLister)
 
 		if clientID == "" || tenantID == "" || clientSecret == "" {
-			return nil, fmt.Errorf("clientID, tenantID and clientSecret are expected when not using a pod identity provider")
+			return nil, missingErr
 		}
 
 		config := auth.NewClientCredentialsConfig(clientID, clientSecret, tenantID)