Closed matthijsvanderloos closed 1 year ago
This issue was introduced trough the usage as a pre-install
hook in https://github.com/acryldata/datahub-helm/blob/0361995de9581d822fcd2b93f5a710d9a1e5a401/charts/datahub/templates/datahub-upgrade/datahub-system-update-job.yml#L14
Is is even necessary to have it here as a pre-install
hook?
It is only used to upgrade existing environments. Besides that one could think about creating the secret in a pre-install
hook too.
Since creating the datahub-auth-secrets
in a hook is not an option due to the "helm.sh/hook-delete-policy".
neo4j
or the mysql
secrets.pre-install
from the upgrade job.Any updates on this?
Is there a temp fix or work around for this?
Is there a temp fix or work around for this?
As also mentioned by @HannesHil, the only viable option if you don't want to disable the update job is to (manually) generate the secrets up front and disable provisioning the secrets through the chart:
I created 2 PRs which adds ability to remove helmhooks with everything still running normally (with the upgrade jobs) but I got no feedback and I kept adding to the PR because I am using my fork. If you'd like I can update my fork again to what I use and I will provide the registry to pull from. @mingz-work @nachiket-juneja @matthijsvanderloos
This issue is stale because it has been open for 30 days with no activity. If you believe this is still an issue on the latest DataHub release please leave a comment with the version that you tested it with. If this is a question/discussion please head to https://slack.datahubproject.io. For feature requests please use https://feature-requests.datahubproject.io
This issue was closed because it has been inactive for 30 days since being marked as stale.
Describe the bug
When enabling GMS authentication (via
global.datahub.metadata_service_authentication.enabled
), thedatahub-system-update-job
job fails to start on a fresh install of Datahub because it references thedatahub-auth-secrets
secret, which has not yet been created.To Reproduce Run the following commands:
The output includes the spec for the
datahub-system-update-job
job. Note the reference todatahub-auth-secrets
for theDATAHUB_SYSTEM_CLIENT_SECRET
environment variable:Expected behavior
datahub-system-update-job
job starts and completes successfully during fresh install with GMS authentication enabled.Additional context In addition to this issue, there are also duplicated environment variables in the job spec, see #261.