Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Chart prevents synchronisation with ArgoCD when using custom sync label #1013

Closed
aaaaahaaaaa opened this issue Apr 10, 2024 · 3 comments
Closed
Labels
bug Something isn't working

Comments

@aaaaahaaaaa
Copy link

Describe the bug
When using a custom sync label for ArgoCD (e.g argocd.argoproj.io/instance as per the official recommendation here), then the app stays out-of-sync in ArgoCD, without any actual diff being reported.
Looking then at the manifests being provisioned, the argocd.argoproj.io/instance label is missing entirely. So, AFAICT, there seems to be a very weird behaviour with that chart in particular that prevent ArgoCD from injecting the label.

For the record, we have over 30 apps running on our cluster in a very consistent way with the same overall config, and vault is the only one showing the weird behaviour.

To Reproduce
Steps to reproduce the behavior:

  1. Configure ArgoCD with: application.instanceLabelKey: argocd.argoproj.io/instance
  2. Install chart
  3. App stays Out-of-sync in ArgoCD

vault-0 manifest (argocd.argoproj.io/instance is missing):

apiVersion: v1                                                                                                                                                                                                      
kind: Pod                                                                                                                                                                                                           
metadata:                                                                                                                                                                                                           
  creationTimestamp: "2024-04-10T12:25:48Z"                                                                                                                                                                         
  generateName: vault-                                                                                                                                                                                              
  labels:                                                                                                                                                                                                           
    app.kubernetes.io/instance: vault                                                                                                                                                                               
    app.kubernetes.io/name: vault                                                                                                                                                                                   
    component: server                                                                                                                                                                                               
    controller-revision-hash: vault-6b6bb87557                                                                                                                                                                      
    helm.sh/chart: vault-0.28.0                                                                                                                                                                                     
    statefulset.kubernetes.io/pod-name: vault-0                                                                                                                                                                     
  name: vault-0                                                                                                                                                                                                     
  namespace: vault 

image

Other useful info to include: vault pod logs, kubectl describe statefulset vault and kubectl get statefulset vault -o yaml output

Expected behavior

  • App is fully in sync in ArgoCD

Environment

  • Kubernetes version: GKE
  • vault-helm version: 0.28.0

Chart values:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: vault-chart
  namespace: argocd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  source:
    chart: vault
    repoURL: https://helm.releases.hashicorp.com
    targetRevision: 0.28.0
    helm:
      releaseName: vault
      valuesObject:
        server:
          ha:
            enabled: true
        ui:
          enabled: true
          serviceNodePort: null
          externalPort: 8200
  destination:
    server: "https://kubernetes.default.svc"
    namespace: vault
  syncPolicy:
    automated:
      prune: true
    syncOptions:
      - CreateNamespace=true
  ignoreDifferences:
    - group: admissionregistration.k8s.io
      kind: MutatingWebhookConfiguration
      jqPathExpressions:
        - .webhooks[]?.clientConfig.caBundle

Additional context
Add any other context about the problem here.

@aaaaahaaaaa aaaaahaaaaa added the bug Something isn't working label Apr 10, 2024
@aaaaahaaaaa
Copy link
Author

aaaaahaaaaa commented Apr 10, 2024

Hmm, actually the vault statefulset does have the argocd.argoproj.io/instance: vault-chart annotation. Now I'm really confused.

@aaaaahaaaaa
Copy link
Author

It's actually the ArgoCD application manifest that seems to be missing the injected annotation. I'm really confused why.

image

@aaaaahaaaaa
Copy link
Author

The problem came from ArgoCD (issue). And was resolved with 2.11.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant