search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
18.01k stars 5.49k forks source link

server.secretkey is missing when installing from core-install #12903

Open crenshaw-dev opened 1 year ago

crenshaw-dev commented 1 year ago

Discussed in https://github.com/argoproj/argo-cd/discussions/12835

Originally posted by **rafalkrupinski** March 13, 2023 Hi, It's my first installation of Argo CD. I'm installing from core (https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#core) on k3s but I can't install any apps. logs from application controller show: > time="2023-03-13T10:15:38Z" level=warning msg="Failed to save clusters info: server.secretkey is missing" > time="2023-03-13T10:15:38Z" level=error msg="Partial success when performing preferred resource discovery" error="unable to retrieve the complete list of server APIs: metrics.k8s.io/v1beta1: the server is currently unable to handle the request, traefik.containo.us/v1alpha1: the server could not find the requested resource" server="https://kubernetes.default.svc" > time="2023-03-13T10:15:38Z" level=warning msg="failed to set app resource tree: dial tcp 10.43.145.167:6379: connect: connection refused" I've searched the missing secretkey, but solutions assume the argocd server is running but that's not the case with core-install. My logs are flooded with that missing secretkey message. I'll try the normal installation but it would be great if I could use core.
crenshaw-dev commented 1 year ago

The error comes from here:

// updateSettingsFromSecret transfers settings from a Kubernetes secret into an ArgoCDSettings struct.
func (mgr *SettingsManager) updateSettingsFromSecret(settings *ArgoCDSettings, argoCDSecret *apiv1.Secret, secrets []*apiv1.Secret) error {
    var errs []error
    secretKey, ok := argoCDSecret.Data[settingServerSignatureKey]
    if ok {
        settings.ServerSignature = secretKey
    } else {
        errs = append(errs, &incompleteSettingsError{message: "server.secretkey is missing"})
    }

I suspect that we need to just ignore that "error" when running in core mode.

paul-yolabs commented 2 months ago

This likely doesn't help at this point (I'm quite surprised this bug is still a thing), but a "fix" for this is to run anything with the argocd CLI when in core mode.

I've already done an argocd login --core here, but:

$  k get secret argocd-secret 
NAME            TYPE     DATA   AGE
argocd-secret   Opaque   0      69s
$  argocd app list
NAME  CLUSTER  NAMESPACE  PROJECT  STATUS  HEALTH  SYNCPOLICY  CONDITIONS  REPO  PATH  TARGET
$ k get secret argocd-secret
NAME            TYPE     DATA   AGE
argocd-secret   Opaque   3      96s

So the CLI is able to update this secret, but the pods don't, and it's installed in a non-functional state.

I thought I was losing my mind when I tried to automate core installs, because in all of my working examples I'd run the CLI at some point to see what was happening.

It would be great to get this fixed, the entire reason we want to use ArgoCD Core is for automated hands-off clusters.