error 412 while calling withVault

[skultetymichal]

Jenkins and plugins versions report

Jenkins: 2.426.3
OS: Linux - 5.15.133+
Java: 17.0.9 - Eclipse Adoptium (OpenJDK 64-Bit Server VM)

Parameterized-Remote-Trigger:3.2.0
ace-editor:1.1
active-directory:2.34
analysis-model-api:11.15.0
ansible:253.v4fe719ffdd8a_
ansicolor:1.0.4
antisamy-markup-formatter:162.v0e6ec0fcfcf6
apache-httpcomponents-client-4-api:4.5.14-208.v438351942757
apache-httpcomponents-client-5-api:5.2.1-1.1
authentication-tokens:1.53.v1c90fd9191a_b_
badge:1.9.1
basic-branch-build-strategies:81.v05e333931c7d
blackduck-detect:9.0.0
blueocean:1.27.10
blueocean-autofavorite:1.2.5
blueocean-bitbucket-pipeline:1.27.10
blueocean-commons:1.27.10
blueocean-config:1.27.10
blueocean-core-js:1.27.10
blueocean-dashboard:1.27.10
blueocean-display-url:2.4.2
blueocean-events:1.27.10
blueocean-git-pipeline:1.27.10
blueocean-github-pipeline:1.27.10
blueocean-i18n:1.27.10
blueocean-jwt:1.27.10
blueocean-personalization:1.27.10
blueocean-pipeline-api-impl:1.27.10
blueocean-pipeline-editor:1.27.10
blueocean-pipeline-scm-api:1.27.10
blueocean-rest:1.27.10
blueocean-rest-impl:1.27.10
blueocean-web:1.27.10
bootstrap4-api:4.6.0-6
bootstrap5-api:5.3.2-3
bouncycastle-api:2.30.1.77-225.v26ea_c9455fd9
branch-api:2.1144.v1425d1c3d5a_7
build-history-manager:1.7.1
build-pipeline-plugin:1.5.8
caffeine-api:3.1.8-133.v17b_1ff2e0599
checkmarx:2023.4.3
checks-api:2.0.2
cloud-stats:320.v96b_65297a_4b_b_
cloudbees-bitbucket-branch-source:866.vdea_7dcd3008e
cloudbees-folder:6.858.v898218f3609d
cobertura:1.17
code-coverage-api:4.99.0
command-launcher:107.v773860566e2e
commons-lang3-api:3.13.0-62.v7d18e55f51e2
commons-text-api:1.11.0-95.v22a_d30ee5d36
config-file-provider:968.ve1ca_eb_913f8c
configuration-as-code:1775.v810dc950b_514
copyartifact:722.v0662a_9b_e22a_c
coverage:1.10.0
credentials:1319.v7eb_51b_3a_c97b_
credentials-binding:657.v2b_19db_7d6e6d
dashboard-view:2.495.v07e81500c3f2
data-tables-api:1.13.8-2
dependency-check-jenkins-plugin:5.4.3
disk-usage:1.2
display-url-api:2.200.vb_9327d658781
docker-build-step:2.10
docker-commons:439.va_3cb_0a_6a_fb_29
docker-java-api:3.3.1-79.v20b_53427e041
docker-plugin:1.5
docker-workflow:572.v950f58993843
durable-task:543.v262f6a_803410
echarts-api:5.4.3-2
email-ext:2.104
embeddable-build-status:467.v4a_954796e45d
envinject:2.908.v66a_774b_31d93
envinject-api:1.199.v3ce31253ed13
extended-read-permission:53.v6499940139e5
favorite:2.208.v91d65b_7792a_c
font-awesome-api:6.5.1-2
forensics-api:2.3.0
getpassvaultsecret:1.0-SNAPSHOT (private-acb5bbe2-I355863)
git:5.2.1
git-client:4.6.0
git-server:99.va_0826a_b_cdfa_d
github:1.37.3.1
github-api:1.318-461.v7a_c09c9fa_d63
github-autostatus:3.6.2
github-branch-source:1772.va_69eda_d018d4
github-oauth:597.ve0c3480fcb_d0
groovy:457.v99900cb_85593
groovy-postbuild:228.vcdb_cf7265066
gson-api:2.10.1-15.v0d99f670e0a_7
h2-api:11.1.4.199-12.v9f4244395f7a_
handlebars:3.0.8
handy-uri-templates-2-api:2.1.8-30.v7e777411b_148
hashicorp-vault-pipeline:1.4
hashicorp-vault-plugin:363.va_f8c1627db_b_a
htmlpublisher:1.32
http_request:1.18
influxdb:3.6
instance-identity:185.v303dc7c645f9
ionicons-api:56.v1b_1c8c49374e
jackson2-api:2.16.1-373.ve709c6871598
jacoco:3.3.5
jakarta-activation-api:2.0.1-3
jakarta-mail-api:2.0.1-3
javadoc:243.vb_b_503b_b_45537
javax-activation-api:1.2.0-6
javax-mail-api:1.6.2-9
jaxb:2.3.9-1
jdk-tool:73.vddf737284550
jenkins-design-language:1.27.10
jersey2-api:2.41-133.va_03323b_a_1396
jira:3.11
jjwt-api:0.11.5-77.v646c772fddb_0
job-dsl:1.87
joda-time-api:2.12.6-21.vca_fd74418fb_7
jquery:1.12.4-1
jquery-detached:1.2.1
jquery3-api:3.7.1-1
jsch:0.2.8-65.v052c39de79b_2
json-api:20231013-17.v1c97069404b_e
json-path-api:2.9.0-33.v2527142f2e1d
junit:1256.v002534a_5f33e
kubernetes:4179.v3b_88431df708
kubernetes-client-api:6.10.0-240.v57880ce8b_0b_2
kubernetes-credentials:0.11
lockable-resources:1232.v512d6c434eb_d
mailer:463.vedf8358e006b_
mask-passwords:173.v6a_077a_291eb_5
matrix-auth:3.2.1
matrix-project:822.v01b_8c85d16d2
maven-plugin:3.23
mercurial:1260.vdfb_723cdcc81
metrics:4.2.21-449.v6960d7c54c69
mina-sshd-api-common:2.12.0-90.v9f7fb_9fa_3d3b_
mina-sshd-api-core:2.12.0-90.v9f7fb_9fa_3d3b_
momentjs:1.1.1
okhttp-api:4.11.0-157.v6852a_a_fa_ec11
parameterized-trigger:2.46
performance:951.v5600a_c6422ed
pipeline-build-step:540.vb_e8849e1a_b_d8
pipeline-github:2.8-159.09e4403bc62f
pipeline-githubnotify-step:49.vf37bf92d2bc8
pipeline-graph-analysis:202.va_d268e64deb_3
pipeline-groovy-lib:704.vc58b_8890a_384
pipeline-input-step:477.v339683a_8d55e
pipeline-maven:1376.v18876d10ce9c
pipeline-maven-api:1376.v18876d10ce9c
pipeline-milestone-step:111.v449306f708b_7
pipeline-model-api:2.2175.v76a_fff0a_2618
pipeline-model-definition:2.2175.v76a_fff0a_2618
pipeline-model-extensions:2.2175.v76a_fff0a_2618
pipeline-multibranch-defaults:2.1
pipeline-rest-api:2.34
pipeline-stage-step:305.ve96d0205c1c6
pipeline-stage-tags-metadata:2.2175.v76a_fff0a_2618
pipeline-stage-view:2.34
pipeline-utility-steps:2.16.1
plain-credentials:143.v1b_df8b_d3b_e48
plugin-usage-plugin:4.2
plugin-util-api:3.8.0
popper-api:1.16.1-3
popper2-api:2.11.6-4
postbuildscript:3.2.0-460.va_fda_0fa_26720
prism-api:1.29.0-10
pubsub-light:1.18
rebuild:330.v645b_7df10e2a_
remote-file:1.24
resource-disposer:0.23
robot:3.5.0
saferestart:0.7
saml:4.464.vea_cb_75d7f5e0
scm-api:683.vb_16722fb_b_80b_
script-security:1313.v7a_6067dc7087
sidebar-link:2.4.1
slack:684.v833089650554
snakeyaml-api:2.2-111.vc6598e30cc65
sonar:2.17.1
sse-gateway:1.26
ssh-agent:346.vda_a_c4f2c8e50
ssh-credentials:308.ve4497b_ccd8f4
ssh-slaves:2.948.vb_8050d697fec
sshd:3.312.v1c601b_c83b_0e
structs:337.v1b_04ea_4df7c8
timestamper:1.26
token-macro:400.v35420b_922dcb_
trilead-api:2.133.vfb_8a_7b_9c5dd1
variant:60.v7290fc0eb_b_cd
warnings-ng:10.7.0
webhook-step:342.v620877effe14
windows-slaves:1.8.1
workflow-aggregator:596.v8c21c963d92d
workflow-api:1289.va_cf779f32df0
workflow-basic-steps:1042.ve7b_140c4a_e0c
workflow-cps:3853.vb_a_490d892963
workflow-durable-task-step:1317.v5337e0c1fe28
workflow-job:1385.vb_58b_86ea_fff1
workflow-multibranch:773.vc4fe1378f1d5
workflow-scm-step:415.v434365564324
workflow-step-api:657.v03b_e8115821b_
workflow-support:865.v43e78cc44e0d
ws-cleanup:0.45

What Operating System are you using (both controller, and any agents involved in the problem)?

OS: Linux - 5.15.133+

Reproduction steps

1. I have a jenkins server connected to HashiCorpVault Enterprise via approle authentication, I have constructed a function that retrieves the desired secret from Vault. Sometimes I encounter connection problem between jenkins and Vault
   https://developer.hashicorp.com/vault/docs/enterprise/consistency

Error message
"Vault responded with 412 error code"

I tried to wrap the retrieving function in try/catch block but error 412 doesnt result in exception, whereas wrongly connected vault address, wrong path for the sectrets, wrong credentials for approle do result in exception.

try {
                            fetchedSecrets = fetchVaultSecrets(env.VAULT_URL, env.VAULT_NAMESPACE, env.VAULT_CREDENTIAL_ID, 2, [SMTP_AUTH_PASS: 'password', SMTP_AUTH_USER: 'username'], 'path')

                            echo "SMTP_AUTH_USER: ${fetchedSecrets.SMTP_AUTH_USER}"
                            success = true
                        } catch (Exception e) {
                            sendEmailUnsuccessfulPipeline()
                            echo "${e.message}"

Expected Results

It would be nice if the error could result in exception so I could retry connecting to Vault and try to fetch secrets once again.

Actual Results

following error is printed to log:
Vault responded with 412 error code.
Vault responded with errors: required index state not present

Anything else?

No response

Are you interested in contributing a fix?

No response