search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
17.72k stars 5.4k forks source link

Repo server fails to start - GPG error #11647

Open ralphotowo opened 1 year ago

ralphotowo commented 1 year ago

Checklist:

Describe the bug

I followed the instructions from the official documentation to setup an installation of ArgoCD and the argocd-repo-server attempts to start multiple times and ends up in a CrashLoopBackOff state. I found a similar report here.

To Reproduce

Expected behavior All the pods associated with ArgoCD should become healthy.

Screenshots Screenshot from 2022-12-10 19-26-41

Version

argocd: v2.5.4+86b2dde

Logs

ralph@sei-8279:~$ kubectl -n argocd logs -f argocd-repo-server-5b7cc7d8c8-wnngr
Defaulted container "argocd-repo-server" out of: argocd-repo-server, copyutil (init)
time="2022-12-10T18:22:34Z" level=info msg="ArgoCD Repository Server is starting" built="2022-12-06T19:46:25Z" commit=86b2dde8e4bf1187acd2b4294e94451cd104dad8 port=8081 version=v2.5.4+86b2dde
time="2022-12-10T18:22:34Z" level=info msg="Generating self-signed TLS certificate for this session"
time="2022-12-10T18:22:35Z" level=info msg="Initializing GnuPG keyring at /app/config/gpg/keys"
time="2022-12-10T18:22:35Z" level=info msg="gpg --no-permission-warning --logger-fd 1 --batch --gen-key /tmp/gpg-key-recipe3098385539" dir= execID=71abc
time="2022-12-10T18:22:41Z" level=error msg="`gpg --no-permission-warning --logger-fd 1 --batch --gen-key /tmp/gpg-key-recipe3098385539` failed exit status 2" execID=71abc
time="2022-12-10T18:22:41Z" level=info msg=Trace args="[gpg --no-permission-warning --logger-fd 1 --batch --gen-key /tmp/gpg-key-recipe3098385539]" dir= operation_name="exec gpg" time_ms=6009.092806
time="2022-12-10T18:22:41Z" level=fatal msg="`gpg --no-permission-warning --logger-fd 1 --batch --gen-key /tmp/gpg-key-recipe3098385539` failed exit status 2"
ralphotowo commented 1 year ago

I installed an older version of ArgoCD (2.5.0) in the same environment using helm and everything started up correctly: helm install -n argocd argocd --create-namespace bitnami/argo-cd --version 4.3.0

BartoszZawadzki commented 1 year ago

I was able to solve this by removing:

seccompProfile:
  type: RuntimeDefault

from repo-server containerSecurityContext

thatsankur commented 1 year ago

I was able to solve this by removing:

seccompProfile:
  type: RuntimeDefault

from repo-server containerSecurityContext

I can't find containerSecurityContext in https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/core-install.yaml. Where exactly you are referring this ?

BartoszZawadzki commented 1 year ago

In values.yaml of the helm chart, If you're using different deployment method look under the Deployment of repo-server

thatsankur commented 1 year ago

In values.yaml of the helm chart, If you're using different deployment method look under the Deployment of repo-server

This works thanks!

nevotheless commented 1 year ago

I've just encountered the same issue.

Deployed argo just via 

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

and encountering the same issue as above. I've tried removing seccompProfile from the deployment resource but it always defaults back to RuntimeDefault.

I've also tried setting it to Unconfined with no success. I would appreciate any help and pointers to get rid of this issue.

einnse commented 1 year ago

@nevotheless hi,you can try edit install.yaml seccompProfile: type: Unconfined

cloudxu commented 1 year ago

I got the same issue when applying install.yaml to tencent cloud's k8s as a service. Is there any RBAC roles missing for the repo-server?

niravparikh05 commented 12 months ago

Hello all, even I am running into the same issue with v2.8.4 when installed argocd using the quickstart yaml on kind cluster.

imranismail commented 11 months ago

Running into this issue as well

mayur2281 commented 9 months ago

time="2023-12-29T11:57:37Z" level=info msg="ArgoCD Repository Server is starting" built="2023-12-01T23:05:50Z" commit=6eba5be864b7e031871ed7698f5233336dfe75c7 port=8081 version=v2.9.3+6eba5be time="2023-12-29T11:57:37Z" level=info msg="Generating self-signed TLS certificate for this session" time="2023-12-29T11:57:37Z" level=info msg="Initializing GnuPG keyring at /app/config/gpg/keys" time="2023-12-29T11:57:37Z" level=fatal msg="listen unix /tmp/reposerver-ask-pass.sock: socket: permission denied"

STill getting this error

vahidkhorasani commented 9 months ago

I've just encountered the same issue.

Deployed argo just via

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

and encountering the same issue as above. I've tried removing seccompProfile from the deployment resource but it always defaults back to RuntimeDefault.

I've also tried setting it to Unconfined with no success. I would appreciate any help and pointers to get rid of this issue.

Perfect ! this solution solved my issue and it's working properly , Thnaks

mohahmed13 commented 8 months ago

I wrote up a fix that worked for us here: https://github.com/argoproj/argo-cd/issues/9809#issuecomment-1910899888