search

1Password / connect-helm-charts

Official 1Password Helm Charts
https://developer.1password.com
MIT License
93 stars 74 forks source link

Secrets Injector failing to create with error 'serviceaccount "secrets-injector" not found' #186

Open romosa opened 8 months ago

romosa commented 8 months ago

Your environment

Chart Version: 1.0.1

Helm Version: v3.13.1

Kubernetes Version: 1.28

What happened?

What did you expect to happen?

Secrets-injector is failing to deploy with the error

 pods "secrets-injector-59b74b5b5-" is forbidden: error looking up service account onepassword/secrets-injector: serviceaccount "secrets-injector" not found

Deployment is being created first before the serviceaccount. deployment.yaml is annotated with pre-install while the permissions.yaml is not.

  annotations:
    helm.sh/hook: pre-install
    helm.sh/hook-weight: "1"

Steps to reproduce

  1. helm install --set injector.applicationName=injector injector 1password/secrets-injector

Notes & Logs

Tipsmark commented 7 months ago

And if you have auto sync enable in argocd for example this leads to eternal loops - I can't believe how bad this chart is, I even raised it with 1password and hear nothing. Not to mention we now have to do some workarounds for deployments via code to work on initial deploy... another band aid on this chart.