Comments (14)
So, this worked before Helmet 3.14.1 because the helm template expansion could work because it just didn't care about the name at that stage. It now cares about the name.
Template expansion happens before the vault substitution with lovely-vault
out of the box. It "worked" because all the places the helm name were used inside your templates got substituted after expansion, and everything was doozy.
So, you have a couple of options:
- Pass the "name" in as some other variable in values.yaml, so helm doesn't complain. A pain to implement making your charts a bit non-standard.
- Use
LOVELY_PREPROCESSORS
to do the name substitution before helm gets invoked. If you have stronger bash skills you might be able to sanely do this in place, but in the interests of getting on with other stuff I'm going to suggest you have a Chart.tpl and doLOVELY_PREPROCESSORS: "argocd-vault-replacer < Chart.tpl > Chart.yaml"
. This suggestion comes to you completely untested. You're most welcome.
from argocd-lovely-plugin.
Is this an application part of an app of apps? You're running it through lovely-vault? I wonder if lovely-vault is broken - are there any logs from the container other than this?
The changelog is only for dependencies, so I can't see a likely candidate for breaking this.
from argocd-lovely-plugin.
yes - application is part of an app of apps.
yes - app of apps is using lovely-vault for deployment (I think that was the only way to get dynamic names to work)
I have also looked at the changelog and could not see anything incriminating. Maybe its the helm version changes in the dockerfile?
I have tried rolling forward and backwards couple of times and it always behaves the same.
These are the only logs from the lovely-plugin container.
10/06/2024, 13:21:21.650
time="2024-06-10T12:21:21Z" level=info msg="Generating manifests with no request-level timeout"
10/06/2024, 13:21:21.650
time="2024-06-10T12:21:21Z" level=info msg=argocd-lovely-plugin dir=/tmp/_cmp_server/7aa0ba20-e903-4243-99fb-ebfb381f4042/kubernetes/xxx execID=dca77
10/06/2024, 13:21:23.859
time="2024-06-10T12:21:23Z" level=error msg="`argocd-lovely-plugin` failed exit status 1: 2024/06/10 12:21:23 exit status 1: Error: validation: chart.metadata.name \"xxx-<vault:xxx>-xxx\" is invalid" execID=dca77
10/06/2024, 13:21:23.865
time="2024-06-10T12:21:23Z" level=error msg="finished streaming call with code Unknown" error="error generating manifests: `argocd-lovely-plugin` failed exit status 1: 2024/06/10 12:21:23 exit status 1: Error: validation: chart.metadata.name \"xxx-<vault:xxx>-xxx\" is invalid" grpc.code=Unknown grpc.method=GenerateManifest grpc.service=plugin.ConfigManagementPluginService grpc.start_time="2024-06-10T12:21:21Z" grpc.time_ms=2419.062 span.kind=server system=grpc
from argocd-lovely-plugin.
Seeing as I don't really know what is going on, can you see if 1.0.3 does any better for you?
from argocd-lovely-plugin.
Just tried 1.0.3 - same issue
from argocd-lovely-plugin.
Thanks for trying
from argocd-lovely-plugin.
I have done some trials with custom built image and it looks like upgrading helm dependency in the dockerfile to 3.14.1+ is what breaks the functionality.
ARG HELM_VERSION=v3.14.1
Helm change log for 3.14.1 just mentions a security fix, looks like they started validating chart names:
from argocd-lovely-plugin.
But this is an application, not a Chart.yaml?
from argocd-lovely-plugin.
you are right, it is also in the chart name
Chart.yaml
apiVersion: v2
name: xxx-<vault:xxx~xxx>-xxx
version: 0.0.1
from argocd-lovely-plugin.
So, the app-of-apps is a Chart in itself. Can you elaborate on the directory structure of this application, in particular where the Chart.yaml(s) are?
from argocd-lovely-plugin.
argocd application (/applications/argocd.yaml) which deploys app of apps (/argocd/yaml/app-of-apps.yaml) definition as part of itself
app-of-apps has an xxx-vault:xxx~xxx-xxx application (/applications/yyy.yaml)
xxx-vault:xxx~xxx-xxx application defines a chart (/yyy/Chart.yaml) named xxx-vault:xxx~xxx-xxx
is that a non recommended/supported way?
from argocd-lovely-plugin.
I only care about the application structure of the one application that is causing issues.
Is that a the last of these, or the app of apps?
The structure of the failing application has a Chart.yaml in the root directory with a vault substituted name in it?
from argocd-lovely-plugin.
correct, it is the yyy application that is causing the issue (not the app of apps)
yes, the failing application is just a Chart.yaml (with a vault substituted name) that has a dependency defined (the actual chart) + values.yaml in a directory
Chart.yaml
apiVersion: v2
name: xxx-<vault:xxx~xxx>-xxx
version: 0.0.1
dependencies:
- name: zzz
version: 1.2.3
repository: zzz
from argocd-lovely-plugin.
Thanks, that seems to work even in 1.0.3.
I had to move the definitions from the root folder to ./chart folder for the pre-processor to work, but otherwise all good.
definition in the app if anyone ever encounters this:
plugin:
name: lovely-vault
env:
- name: LOVELY_PREPROCESSORS_YAML
value: |-
chart:
- "argocd-vault-replacer < Chart.tpl > Chart.yaml"
from argocd-lovely-plugin.
Related Issues (20)
- ghcr.io/crumbhole/lovely-vault-plugin has no argocd-vault-plugin binary HOT 3
- bug: Environment variables from LOVELY_HELM_MERGE are expanded HOT 9
- Question: How to use argocd-vault-plugin for multiple Vault instances HOT 5
- argocd-vault-plugin container includes invalid binary HOT 1
- v0.20.0 - all plugins have the same default name HOT 4
- Environment variables LOVELY_HELM_REPO_ADD_PARAMS throwing Error: helm repo add requires 2 arguments HOT 4
- ci: CI always fails for users who offer PRs HOT 2
- CRDs not included in helmfile template processor HOT 3
- Can't run command as part of helm template HOT 2
- 401 unauthorized - Unable to pull OCI Registry images on Lovely CMP 0.22.1 (Helm 1.13.1) HOT 2
- Ytt crashes in lovely-ytt HOT 2
- Remove argocd-cm vestiges from installation examples HOT 7
- Cant add helm repo if using helmfile processor HOT 5
- Help wanted with dynamic kustomize resource configuration. HOT 1
- Adding a possibility to ignore directories HOT 4
- Provide helmwave support HOT 2
- Helmfile - view generated helmfile HOT 1
- Issue with helmfile and capabilities HOT 3
- Is there a way to use this to reference configmap/secret values in a helm values/yaml files? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from argocd-lovely-plugin.