argoproj-labs / argocd-vault-plugin

An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets
https://argocd-vault-plugin.readthedocs.io
Apache License 2.0
784 stars 185 forks

Getting error AKV10022: Invalid audience. Expected https://vault.azure.net #621

Open manish222agr opened 3 months ago

manish222agr commented 3 months ago

Hi,

We are using argocd 2.10.1 and the key vault plugin as a sidecar.

      - name: AVP_VERSION
        value: 1.17.0

It was working fine until today, when we started getting the error below. Please suggest what might be the issue and why this changed suddenly.

    ComparisonError: Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = Manifest generation error (cached): plugin sidecar failed. error generating manifests in cmp: rpc error: code = Unknown desc = error generating manifests: sh -c "argocd-vault-plugin generate ./ -s ${ARGOCD_ENV_AVP_SECRET}" failed exit status 1: Error: Replace: could not replace all placeholders in Template: keyvault.BaseClient#GetSecret: Failure responding to request: StatusCode=401 -- Original Error: autorest/azure: Service returned an error. Status=401 Code="Unauthorized" Message="AKV10022: Invalid audience. Expected https://vault.azure.net or cfa8b339-82a2-471a-a3c9-0fc0be7a4093, found: spn:cfa8b339-82a2-471a-a3c9-0fc0be7a4093."
    Usage:
      argocd-vault-plugin generate [flags]
    Flags:
      -c, --config-path string   path to a file containing Vault configuration (YAML, JSON, envfile) to use
      -h, --help   help for generate
      -s, --secret-name string   name of a Kubernetes Secret in the argocd namespace containing Vault configuration data in the argocd namespace of your ArgoCD host (Only available when used in ArgoCD). The namespace can be overridden by using the format :
      --verbose-sensitive-output   enable verbose mode for detailed info to help with debugging. Includes sensitive data (credentials), logged to stderr

Thanks.
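The AKV10022 message above is Key Vault rejecting the `aud` claim of the access token it was sent. As an added diagnostic example (not part of the original post and not code from argocd-vault-plugin), the following decodes a token's payload and compares `aud` with the two values the error lists as expected; the function names and the sample tokens are constructed for illustration.

```python
import base64
import json

# Audience values that the error message on this page reports as acceptable.
EXPECTED_AUDIENCES = {
    "https://vault.azure.net",
    "cfa8b339-82a2-471a-a3c9-0fc0be7a4093",
}


def _b64url_decode(segment: str) -> bytes:
    """Decode an unpadded base64url JWT segment."""
    padding = "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment + padding)


def read_claims(token: str) -> dict:
    """Return the JWT payload WITHOUT verifying the signature (diagnostic use only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 dot-separated segments)")
    return json.loads(_b64url_decode(parts[1]))


def check_audience(token: str, expected=EXPECTED_AUDIENCES):
    """Return (ok, audiences); ok is True if any aud value is in the expected set."""
    aud = read_claims(token).get("aud")
    audiences = [aud] if isinstance(aud, str) else list(aud or [])
    return any(a in expected for a in audiences), audiences


def _make_sample_token(aud) -> str:
    """Build an unsigned, constructed token for the demo (not a real credential)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc({'aud': aud})}.constructed"


if __name__ == "__main__":
    # First value is the audience the error reports as found; second is an expected one.
    for aud in ("spn:cfa8b339-82a2-471a-a3c9-0fc0be7a4093", "https://vault.azure.net"):
        ok, seen = check_audience(_make_sample_token(aud))
        print(f"aud={seen} accepted={ok}")
```

Access tokens are credentials, so run a check like this only on a token captured in your own environment and keep it out of shared logs, for the same reason `--verbose-sensitive-output` is flagged as sensitive.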