I think this is a bug.
I’m running Drone server and the Docker runner on-prem and using the Vault extension with Vault running behind a reverse proxy over HTTPS. My attempts to read secrets were failing and despite having
DRONE_DEBUG=true I was simply seeing
level=debug msg=“secrets: cannot find secret : secret key not found”
in the logs.
The issue was the drone-vault docker image was lacking the root-ca for the Vault server running behind the load balancer.
What I would have expected to see in the logs is an error that explained why the drone-vault extension was unable to establish a proper connection to the Vault server.
I’m happy to provide more information if needed.