The azd environment-config api: ResolvedRaw() is used to create the initial config for a CI/CD pipeline. It resolves all the secret references into their actual value.
During the resolution, the config object was not aware of removing the vault reference, as it was expecting that when azd loads a configuration in CI/CD, if the vault reference does not exists, it would be just ignored. However, when azd tries to load a configuration which contains a vault reference, an error os.ErrNotExist is returned from trying to load the configuration if the vault does not exists (even if the configuration does exits).

This means that, an initial configuration for CI/CD like:

{
  "infra": {
    "parameters": {
      "outputcache": "value"
    }
  },
  "vault": "3b065682-234a-4354-b336-d55c68feb0ee"
}

returns an error if the vault is not found. Regardless of the fact that the vault is not going to be used because there are no secret references to the vault.

Ways to fix this:

1. Update the config load() API to ignore when a vault reference is not found and return the configuration including the vault. Then, return an error when someone tries to use the vault (lazy error)

2. Update the ResolvedRaw() api from config to remove the reference to a vault as part of the resolution. This means that the configuration is totally disconnected from the vault.