Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AVP fails or conflicts in helm grafana operator install #669

Open
funes79 opened this issue Oct 15, 2024 · 1 comment
Open

AVP fails or conflicts in helm grafana operator install #669

funes79 opened this issue Oct 15, 2024 · 1 comment

Comments

@funes79
Copy link

funes79 commented Oct 15, 2024

Describe the bug

Tried to install app grafana-operator from helm chart and ArgoCD fails to load target state.

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: grafana-operator
  namespace: argocd
spec:
  project: default
  source:
    chart: grafana-operator
    repoURL: 'https://charts.bitnami.com/bitnami'
    targetRevision: 4.7.3
  destination:
    server: 'https://kubernetes.default.svc'
    namespace: grafana
  syncPolicy:
    syncOptions:
      - CreateNamespace=true

The config of the AVP:

apiVersion: v1
kind: ConfigMap
metadata:
  name: cmp-plugin
data:
  avp.yaml: |
    apiVersion: argoproj.io/v1alpha1
    kind: ConfigManagementPlugin
    metadata:
      name: argocd-vault-plugin
    spec:
      allowConcurrency: true
      discover:
        find:
          command:
            - sh
            - "-c"
            - "find . -name '*.yaml' | xargs -I {} grep \"<path\\|avp\\.kubernetes\\.io\" {} | grep ."
      generate:
        command:
          - argocd-vault-plugin
          - generate
          - "."
      lockRepo: false
---

and the patch of Deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: argo-argocd-repo-server
spec:
  template:
    spec:
      automountServiceAccountToken: true
      volumes:
        - configMap:
            name: cmp-plugin
          name: cmp-plugin
        - name: custom-tools
          emptyDir: {}
      initContainers:
      - name: download-tools
        image: registry.access.redhat.com/ubi8
        env:
          - name: AVP_VERSION
            value: 1.16.1
        command: [sh, -c]
        args:
          - >-
            curl -L https://github.com/argoproj-labs/argocd-vault-plugin/releases/download/v$(AVP_VERSION)/argocd-vault-plugin_$(AVP_VERSION)_linux_amd64 -o argocd-vault-plugin &&
            chmod +x argocd-vault-plugin &&
            mv argocd-vault-plugin /custom-tools/
        volumeMounts:
          - mountPath: /custom-tools
            name: custom-tools
      containers:
      - name: avp
        env:
          - name: AWS_REGION
            value: eu-west-1
          - name: AVP_TYPE
            value: awssecretsmanager
        command: [/var/run/argocd/argocd-cmp-server]
        image: registry.access.redhat.com/ubi8
        securityContext:
          runAsNonRoot: true
          runAsUser: 999
        volumeMounts:
          - mountPath: /var/run/argocd
            name: var-files
          - mountPath: /home/argocd/cmp-server/plugins
            name: plugins
          - mountPath: /tmp
            name: tmp

          # Register plugins into sidecar
          - mountPath: /home/argocd/cmp-server/config/plugin.yaml
            subPath: avp.yaml
            name: cmp-plugin

          # Important: Mount tools into $PATH
          - name: custom-tools
            subPath: argocd-vault-plugin
            mountPath: /usr/local/bin/argocd-vault-plugin

Throws:

Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = 
Manifest generation error (cached): plugin sidecar failed. error generating manifests in cmp: rpc error: code = 
Unknown desc = error generating manifests: `argocd-vault-plugin generate .` failed exit status 1: Error: could not read 
YAML/JSON files: could not read file: Chart.yaml from disk: error unmarshaling JSON: while decoding JSON: 
Object 'Kind' is missing in '{"annotations":{"category":"Analytics","images":"- name: grafana\n image: docker.io/bitnami/grafana:11.2.2-debian-12-r0\n- name: grafana-operator\n image: docker.io/bitnami/grafana-operator:5.14.0-debian-12-r0\n","licenses":"Apache-

Agro version:

v2.12.3+6b9cd82

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots/Verbose output
If applicable, add screenshots to help explain your problem.

If you've tried running argocd-vault-plugin generate with --verbose-sensitive-output to help debug, please include that output here after redacting any secrets.

Additional context
Add any other context about the problem here.
@tidusete
Copy link

If I remember correctly, whenever you want to try to use AVP on a helmchart you have to use/configure an additional plugin.
With you current config you are trying to apply the avp on all the files that contain *.yaml so thats why the Chart.yaml it gives you problems.
source: https://argocd-vault-plugin.readthedocs.io/en/stable/usage/#with-helm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tidusete @funes79