Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Random failures #2

Closed
amontalban opened this issue Apr 13, 2022 · 5 comments
Closed

Random failures #2

amontalban opened this issue Apr 13, 2022 · 5 comments
Labels
good first issue Good for newcomers

Comments

@amontalban
Copy link

Hi @mcmarkj !

Thank you for writing this action, it is really helpful.

We are running the 1Password connector inside the workflow by doing this in a previous step:

docker run ${{ env.MOUNT_1PASSWORD_CREDENTIALS }} --name op-connect-api --publish 8080:8080 -d 1password/connect-api:latest
docker run ${{ env.MOUNT_1PASSWORD_CREDENTIALS }} --name op-connect-sync --publish 8081:8080 -d 1password/connect-sync:latest

And then using your action with:

    - "id": "get-sentry-auth-token"
      "name": "Retrieve Token from 1Password"
      "uses": "mcmarkj/1password-actions@v2"
      "with":
        "connect-server-token": "${{ secrets.ONEPASSWORD_CONNECT_SERVER_TOKEN }}"
        "connect-server-url": "http://localhost:8080"
        "export-env-vars": "true"
        "secret-path": |
          My Vault > My Secret > username | MY_VAR

It works most of the time, however in some cases it fails with this error:

Error: socket hang up
Error: Can't find vault.

How hard would it be to have some sort of retry? Unfortunately, we cannot use this action to retry https://github.com/nick-fields/retry like we do with other commands.

Thank you in advance!

@mcmarkj
Copy link
Owner

mcmarkj commented Apr 14, 2022

Hey @amontalban

Wow that's interesting, never seen that before.

Happy to add some retry functionality to the action. If you're comfortable doing it, feel free to open a PR. Otherwise I'll most likely pick this up next week.

Cheers
Mark

@mcmarkj mcmarkj added the good first issue Good for newcomers label Apr 14, 2022
@amontalban
Copy link
Author

Hey @mcmarkj,

Thank you for your response, and sorry for my delay I was on vacation last week.

Unfortunately, my Typsecript knowledge is minimum so I don't know how to help on this, sorry.

But please let me know if I can help somehow.

Thanks!

@amontalban
Copy link
Author

Hi @mcmarkj,

I think that the root cause is that when you start the 1password/connect-api container, it will not sync the account data until you authenticate with the token for the first time.

Unfortunately, we switched to https://github.com/1Password/load-secrets-action repository (which had another issue that I fixed in 1Password/load-secrets-action#10), but I added this as a prior step to make sure the API is in sync before trying to use it.

        until [ "$(curl -H "Authorization: Bearer ${{ env.OP_CONNECT_TOKEN }}" -sLo - http://localhost:8080/health | jq -r '.dependencies[] | select(.service=="account_data") | .status')" == "AVAILABLE" ]; do sleep 1; done

So maybe you can add a check for that before trying to access it's data.

Thank you!

@mcmarkj
Copy link
Owner

mcmarkj commented Apr 22, 2022

Hey @amontalban

That's really interesting, that sounds more like an issue with the implementation of the connect API than necessarily this Github Action having a bug etc.

I guess that curl you are running could be run before you use this action and that would have resolved your issue?

Regardless, I do think a retry option sounds like a nice bit of functionality, so think it's worth keeping this issue open and implementing it when I get a chance.

Hope you have success with the other action and thanks again for your feedback 😄

@mcmarkj
Copy link
Owner

mcmarkj commented Feb 5, 2024

I'm going to close this issue as I believe it's down to how you've implemented the connect API.

@mcmarkj mcmarkj closed this as not planned Won't fix, can't repro, duplicate, stale Feb 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue Good for newcomers
Projects
None yet
Development

No branches or pull requests

2 participants