You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It all works for this command and shows the initial secret
$ kustomize build --enable-alpha-plugins .
Also it works with argoCD if I create an app without --directory-recurse:
$ argocd app create k8s-cluster-app --repo --path . --dest-server
However, I need --directory-recurse, but with this option ksops-secret-decoder appears inside k8s-cluster-app instead of being used for kustomize-ksops-decoding, and it all doesn't work.
So I have tried some ways in achieving the usage of --directory-recurse.
WAY # 1.
Try to exclude directory where ksops-secret-decoder is located.
This results in having a strange undecoded secret in my k8s-cluster-app, with the name, exactly:
ENC[AES256_GCM,data:yUKYP6s2HxLiXg==,iv:j7BtRHCM1KNG5+tgGXRS/6yzdHtcNK5lv/DldeZQsVQ=,tag:HAF9Z0s4v4B6Cpu5cC789g==,type:str]
Seems like kustomize doesn't have an access to my excluded file with its instructions too. That's sad.
WAY # 2.
Try to integrate ksops-secret-decoder inside kustomization.yaml in hope that argoCD wouldn't create ksops-secret-decoder object and would let kustomize use it to decode the secret.
Locally, "kustomize build --enable-alpha-plugins ." still works fine.
But I recieve an error trying to create an app:
$ argocd app create k8s-cluster-app --repo --path . --dest-server --directory-recurse
FATA[0001] rpc error: code = InvalidArgument desc = application spec for k8s-cluster-app is invalid: InvalidSpecError: Unable to generate manifests in .: rpc error: code = FailedPrecondition desc = Failed to unmarshal "kustomization.yaml":
Why does it have an error? Is it a bug in argoCD?
I thought that argo use "kustomize build" command, but it seems I was wrong about it.
Which utility does it use for unmarshalling yaml files?
What else can I do?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello. I have problems in integration argoCD with kustomize ksop generator.
Workaround:
Initially, I had this file:
It was encrypted with sops:
$ sops --encrypt --in-place -p <gpg_key_id> secret.yaml
So now it looks rather creepy:
I also added some instructions for kustomize to deal with this secret
It all works for this command and shows the initial secret
$ kustomize build --enable-alpha-plugins .
Also it works with argoCD if I create an app without --directory-recurse:
$ argocd app create k8s-cluster-app --repo --path . --dest-server
However, I need --directory-recurse, but with this option ksops-secret-decoder appears inside k8s-cluster-app instead of being used for kustomize-ksops-decoding, and it all doesn't work.
So I have tried some ways in achieving the usage of --directory-recurse.
WAY # 1.
Try to exclude directory where ksops-secret-decoder is located.
$ argocd app create k8s-cluster-app --repo --path . --dest-server --directory-recurse --directory-exclude 'gen/*'
This results in having a strange undecoded secret in my k8s-cluster-app, with the name, exactly:
ENC[AES256_GCM,data:yUKYP6s2HxLiXg==,iv:j7BtRHCM1KNG5+tgGXRS/6yzdHtcNK5lv/DldeZQsVQ=,tag:HAF9Z0s4v4B6Cpu5cC789g==,type:str]
Seems like kustomize doesn't have an access to my excluded file with its instructions too. That's sad.
WAY # 2.
Try to integrate ksops-secret-decoder inside kustomization.yaml in hope that argoCD wouldn't create ksops-secret-decoder object and would let kustomize use it to decode the secret.
Locally, "kustomize build --enable-alpha-plugins ." still works fine.
But I recieve an error trying to create an app:
$ argocd app create k8s-cluster-app --repo --path . --dest-server --directory-recurse
FATA[0001] rpc error: code = InvalidArgument desc = application spec for k8s-cluster-app is invalid: InvalidSpecError: Unable to generate manifests in .: rpc error: code = FailedPrecondition desc = Failed to unmarshal "kustomization.yaml":
Why does it have an error? Is it a bug in argoCD?
I thought that argo use "kustomize build" command, but it seems I was wrong about it.
Which utility does it use for unmarshalling yaml files?
What else can I do?
Thanks in advance.
Beta Was this translation helpful? Give feedback.
All reactions