az keyvault purge --name "{name}" hangs forever, despite key vault being successfully purged #30333
Description
Describe the bug
We have a PowerShell script to create an Azure key vault in a disposable environment. In the beginning of the script, we are checking if a soft-deleted key vault exists that has the same name as the key vault we're trying to create — if it does, we purge it:
$DeletedKeyVaults = az keyvault list-deleted --query "[].name" -o json | ConvertFrom-Json
if($KeyVaultName -in $DeletedKeyVaults)
{
Write-Host "Purging key vault '$KeyVaultName'..."
az keyvault purge --name $KeyVaultName --location $ResourceGroupLocation
Write-Host "Key vault '$KeyVaultName' was purged."
}While every Azure CLI command in the script runs and successfully returns after a while, the az keyvault purge command hangs seemingly forever ("Running" is displayed on the console). The command does what it's supposed to be doing since, when checking the Azure portal, the key vault that was supposed to be purged is indeed purged as a result of running the command. It's just that the command never returns, thus allowing the script to continue.
Running the command with --debug reveals the fact that a certain request is being made in a loop, always resulting in a response with status code 202 Accepted (see debug output below).
Related command
az keyvault purge --name '{name}'
az keyvault purge --name '{name}' --location '{location}'
Errors
There are no errors.
Issue script & Debug output
While the command hangs indefinitely, the following sections are printed to the output at short intervals:
- Request
cli.azure.cli.core.sdk.policies: Request method: 'GET'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': '<REDACTED>'
cli.azure.cli.core.sdk.policies: 'CommandName': 'keyvault purge'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--name --location --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.58.0 (MSI) azsdk-python-core/1.28.0 Python/3.11.7 (Windows-10-10.0.22631-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: This request has no body
- Response
cli.azure.cli.core.sdk.policies: Response status: 202
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Content-Length': '64'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
Expected behavior
The command purges the key vault it needs to purge and resumes the script execution.
Environment Summary
azure-cli 2.58.0
core 2.58.0
telemetry 1.1.0
Dependencies:
msal 1.26.0
azure-mgmt-resource 23.1.0b2
Python location 'C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users<REDACTED>.azure\cliextensions'
Python (Windows) 3.11.7 (tags/v3.11.7:fa7a6f2, Dec 4 2023, 19:24:49) [MSC v.1937 64 bit (AMD64)]
Legal docs and information: aka.ms/AzureCliLegal
Additional context
This runs on a self-hosted build agent as part of a deployment pipeline and exhibits the same behavior.