[Feature Req] Improve error message when certificate configuration is incorrect.

[jsquire]

When there's an incorrect configuration for a certificate in OneCert, the KeyVault ARM call to create a certificate fails with a "NoneType" error, similar to the following. It may be helpful to improve the error experience within the client.

Error trace from CLI debug log:

DEBUG: cli.azure.cli.core.azclierror: Traceback (most recent call last):

      File "/opt/az/lib/python3.10/site-packages/azure/cli/command_modules/keyvault/_command_type.py", line 112, in keyvault_command_handler
        result = op(**command_args)
      File "/opt/az/lib/python3.10/site-packages/azure/cli/command_modules/keyvault/custom.py", line 1559, in create_certificate
        poller.result()
      File "/opt/az/lib/python3.10/site-packages/azure/core/polling/_poller.py", line 255, in result
        self.wait(timeout)
      File "/opt/az/lib/python3.10/site-packages/azure/core/tracing/decorator.py", line 78, in wrapper_use_tracer
        return func(*args, **kwargs)
      File "/opt/az/lib/python3.10/site-packages/azure/core/polling/_poller.py", line 275, in wait
        raise self._exception # type: ignore
      File "/opt/az/lib/python3.10/site-packages/azure/core/polling/_poller.py", line 192, in _start
        self._polling_method.run()
      File "/opt/az/lib/python3.10/site-packages/azure/keyvault/certificates/_polling.py", line 41, in run
        self._update_status()
      File "/opt/az/lib/python3.10/site-packages/azure/keyvault/certificates/_polling.py", line 32, in _update_status
        self._pending_certificate_op = self._command() if self._command else None
      File "/opt/az/lib/python3.10/site-packages/azure/core/tracing/decorator.py", line 78, in wrapper_use_tracer
        return func(*args, **kwargs)
      File "/opt/az/lib/python3.10/site-packages/azure/keyvault/certificates/_client.py", line 764, in get_certificate_operation
        return CertificateOperation._from_certificate_operation_bundle(certificate_operation_bundle=bundle)
      File "/opt/az/lib/python3.10/site-packages/azure/keyvault/certificates/_models.py", line 492, in _from_certificate_operation_bundle
        error=(CertificateOperationError._from_error_bundle(certificate_operation_bundle.error)  # pylint: disable=protected-access
      File "/opt/az/lib/python3.10/site-packages/azure/keyvault/certificates/_models.py", line 112, in _from_error_bundle
        inner_error=cls._from_error_bundle(error_bundle.inner_error)  # type: ignore
      File "/opt/az/lib/python3.10/site-packages/azure/keyvault/certificates/_models.py", line 110, in _from_error_bundle
        code=error_bundle.code,  # type: ignore
    AttributeError: 'NoneType' object has no attribute 'code'

To reproduce

• Certificate creation fails due to a disabled domain within OneCert: *.cog.trafficmanager.net. The error message is not user-friendly.
• Certificate creation command returns a 'NoneType' object has no attribute 'code' error.
• Certificate creation is failing due to a disabled domain within OneCert.

References and related

• Incident 532906037 (Microsoft internal)

[github-actions]

Thank you for your feedback. Tagging and routing to the team member best able to assist.