Improve error handling for HTTP 401 Unauthorized responses from Buildkite

[keithduncan]

These are logged but don’t provide much detail, ideally the error message would include a title, description, and a recovery suggestion.

The title should cover what the Lambda was attempting to do that failed e.g. "Couldn’t retrieve Buildkite metrics for the queue queue"

The description should provide more detail on what went wrong when trying to "do" the title e.g. "The Buildkite Agent token retrieved from (ENV VAR / SSM Parameter) was rejected" replacing where the token was retrieved from with the actual place the token was retrieved from based on runtime configuration.

The recovery suggestion should describe what action the user can take to fix the error e.g. "Retrieve or generate a new Buildkite Agent token from https://buildkite.com/organizations/-/agents and update the (ENV VAR / SSM Parameter) with the value".

[surajthakur]

Hi Team,

I am also receiving the same error.
I am using the buildkite agent token path using AWS secretsmanager.
This is error I get.

Scaling error: GET https://agent.buildkite.com/v3/metrics: 401 Unauthorized

in the config.json I have used the parameter

{
        "ParameterKey": "BuildkiteAgentTokenParameterStorePath",
        "ParameterValue": "/aws/reference/secretsmanager/BuildkiteAgentToken"
}

The secret is created as a key value pair in aws secretsmanager and the key name is BuildkiteAgentToken

Any ideas what could be the issue?

Thanks

[surajthakur]

My issue got resolved: https://forum.buildkite.community/t/buildkite-elastic-ci-stack-throws-401-error-when-using-aws-secretsmanager/2923/4