Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Flux bootstrap for a project hosted on GitLab on-prem #4218

Closed
lakshman-au opened this issue Sep 6, 2023 · 15 comments
Closed

Flux bootstrap for a project hosted on GitLab on-prem #4218

lakshman-au opened this issue Sep 6, 2023 · 15 comments

Comments

@lakshman-au
Copy link

Having an AKS cluster in air-gapped environment and gitlab hosted on-prem, I am trying to bootstrap with the below command

flux bootstrap gitlab --hostname=$GITLAB_URL --owner=$GITLAB_GROUP --repository=$GITLAB_REPO --branch=flux_test --path=manifests/staging --registry=azurecr.io/$ACR_NAME/fluxcd --image-pull-secret=acr-auth --interval 10m --token-auth --reconcile

I am getting error , resource already exists. How can I bootstrap with existing repository
@stefanprodan
Copy link
Member

stefanprodan commented Sep 6, 2023
edited
Loading

What's the reason for using --reconcile? That's for GitLab teams to be given maintainer access, but I don't see any teams usage in your command.

@lakshman-au
Copy link
Author

the repository already exists,

@lakshman-au
Copy link
Author

what is the right way to bootstrap with existing gitlab repo

@stefanprodan
Copy link
Member

Run it without --reconcile

@lakshman-au
Copy link
Author

Let me try and update

@lakshman-au
Copy link
Author

az aks get-credentials --resource-group $AKS_RG --name $AKS_NAME

az aks get-credentials --resource-group ibcm_yyyyyyy_dev_uc5-aks-developb5f3-rg --name ibcm-yyyyyyy-dev-uc5-cluster-developb5f3

flux bootstrap gitlab --hostname=$GITLAB_URL --owner=$GITLAB_GROUP --repository=$GITLAB_REPO --branch=flux_test --path=manifests/staging --registry=azurecr.io/$ACR_NAME/fluxcd --image-pull-secret=acr-auth --token-auth --verbose

++ flux bootstrap gitlab --hostname=https://xxxxxxxxxx/ --owner=yyyyyyy/use-case-5-kubernetes-automation --repository=AzureIaCProject-UC5AKS --branch=flux_test --path=manifests/staging --registry=azurecr.io/[MASKED]/fluxcd --image-pull-secret=acr-auth --token-auth --verbose

► connecting to https://xxxxxxxxxx/

✗ failed to create new Git repository "https://xxxxxxxxxx//yyyyyyy/use-case-5-kubernetes-automation/AzureIaCProject-UC5AKS": multiple errors occurred:

  • POST https://xxxxxxxxxx/api/v4/projects: 400 {message: {name: [has already been taken]}, {project_namespace.name: [has already been taken]}}

  • resource already exists, cannot create object. Use Reconcile() to create it idempotently

Cleaning up project directory and file based variables.

Still Same error

@stefanprodan
Copy link
Member

What version of Flux are you using? Is it 2.1.0?

@lakshman-au
Copy link
Author

yes the version is 2.1.0

@stefanprodan
Copy link
Member

@somtochiama could you please have a look?

@somtochiama
Copy link
Member

@lakshman-au I have deployed a self-hosted version of GitLab but I have been unable to recreate this error. I tried to have the same exact command including pushing flux to an acr registry.

Can you give more details about your GitLab repository? Does the name of the repository/group) differ from the slug(the path you see in the URL in the browser?) or are there any special characters in some of the values you have omitted? Any extra info will be helpful

Also what Gitlab version are you running, I tested on 16.3.2-ee

@lakshman-au
Copy link
Author

lakshman-au commented Sep 8, 2023
edited
Loading

Gitlab Enterprise version: [15.11.9-ee]
I just added few options ( author email,author-name,commit-message)

flux bootstrap gitlab --author-email=lakshmanakumar.duraipandi@credit-suisse.com --author-name="Lakshman Duraipandi" --hostname=$GITLAB_URL
--insecure-skip-tls-verify --owner=$GITLAB_GROUP --repository=$GITLAB_REPO --branch=develop
--path=clusters/my-cluster/ --registry=cordevuc5acrdevelopb5f3.azurecr.io/fluxcd \
--image-pull-secret=acr-auth --interval 10m --token-auth
--commit-message-appendix='#1 add' --verbose
+++++++++++++++++++++++++++++++++++++++++++++
Please enter your GitLab personal access token (PAT):
⺠connecting to https://gitlab.csintra.net/
⺠cloning branch "develop" from Git repository https://gitlab.csintra.net//coreengg/use-case-5-kubernetes-automation/flux-check.git
â cloned repository
⺠generating component manifests
â generated component manifests
â component manifests are up to date
⺠installing components in "flux-system" namespace
â installed components
â reconciled components
⺠determining if source secret "flux-system/flux-system" exists
⺠generating source secret
⺠applying source secret "flux-system/flux-system"
â reconciled source secret
⺠generating sync manifests
â generated sync manifests
â sync manifests are up to date
⺠applying sync manifests
â reconciled sync configuration
â waiting for Kustomization "flux-system/flux-system" to be reconciled
â client rate limiter Wait returned an error: context deadline exceeded
⺠confirming components are healthy
â helm-controller: deployment ready
â kustomize-controller: deployment ready
â notification-controller: deployment ready
â source-controller: deployment ready
â all components are healthy
â bootstrap failed with 1 health check failure(s)
⺠connecting to https://gitlab.csintra.net/
⺠cloning branch "develop" from Git repository https://gitlab.csintra.net//coreengg/use-case-5-kubernetes-automation/flux-check.git
â cloned repository
⺠generating component manifests
â generated component manifests
â component manifests are up to date
⺠installing components in "flux-system" namespace
â installed components
â reconciled components
⺠determining if source secret "flux-system/flux-system" exists
⺠generating source secret
⺠applying source secret "flux-system/flux-system"
â reconciled source secret
⺠generating sync manifests
â generated sync manifests
â sync manifests are up to date
⺠applying sync manifests
â reconciled sync configuration
â waiting for Kustomization "flux-system/flux-system" to be reconciled
â client rate limiter Wait returned an error: context deadline exceeded
⺠confirming components are healthy
â helm-controller: deployment ready
â kustomize-controller: deployment ready
â notification-controller: deployment ready
â source-controller: deployment ready
â all components are healthy
â bootstrap failed with 1 health check failure(s)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Though I have the option --insecure-skip-tls-verify , still getting certifcate error.

@somtochiama
Copy link
Member

somtochiama commented Sep 8, 2023
edited
Loading

The error you are getting now differs from the one posted when you opened the issue.
Would you happen to have an idea of what part of the bootstrap command changed so that you could move past the error?

As for the TLS error you are getting,
--insecure-skip-tls-verify flag is for skipping TLS verification when connecting to the Kubernetes API server. (the description isn't very clear about this and we will look into changing it)
You can use the --ca-file flag to specify a certificate authority that will be used when connecting to the git server

@lakshman-au
Copy link
Author

I just added few options ( author email,author-name,commit-message), nothing else I changed

@somtochiama
Copy link
Member

Can you still reproduce the first error?

@somtochiama somtochiama mentioned this issue Sep 8, 2023
Merged
@lakshman-au
Copy link
Author

I could not reproduce the first error. The issue is resolved after adding --cafile option. Thanks a lot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@stefanprodan @lakshman-au @somtochiama