Occasionally seeing HMAC errors in github webhooks

[pdeva]

Checklist:

• [x ] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
• [x ] I've included steps to reproduce the bug.
• [ x] I've pasted the output of argocd version.

Describe the bug

I have enabled the github webhook feature. For some reason occasionally the webhooks fail with HMAC error.

To Reproduce

Enable github webhooks in argocd server with a secret for authentication.

Expected behavior Webhooks should either always fail or always succed.

Screenshots

Version

Argocd 2.5.5

Logs

[sjwoodr]

I'm seeing the same behavior here.

[15kubernetes]

I have the same issue. This is very inconvenient. Please fix this.

[sjwoodr]

I have the same issue. This is very inconvenient. Please fix this.

I used to get these errors frequently but now I don't think I've had a single error in a month or more. The solution was to re-base64 encode the token that's saved in the argocd-secret secret. The trick is to make sure there is no trailing newline in the encoded value.

echo 111111111111111 | base64 = random HMAC errors. Sometimes it works, sometimes not.
echo -n 111111111111111 | base64 = zero errors

That's what fixed it for me.

[davidqhr]

Remember to restart your argocd-server after change the secret. In a previous version, this step is not required. However in the latest stable version, it works for me.

[purduemike]

Remember to restart your argocd-server after change the secret. In a previous version, this step is not required. However in the latest stable version, it works for me.

So, this worked for me. I would expect my argo-cd server to update automatically, if a secret is updated and it's not dynamically pulling it. I'm using the argo-cd helm chart to deploy.