search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
17.76k stars 5.42k forks source link

argocd exec is enabled without entering the prompt terminal, only the cursor is blinking #14819

Open ChinaNanSen opened 1 year ago

ChinaNanSen commented 1 year ago

argocd exec is enabled without entering the prompt terminal, only the cursor is blinking

The version used is: image: quay.io/argoproj/argocd:v2.7.6

argocd-cm.yaml

Please edit the object below. Lines beginning with a '#' will be ignored,

and an empty file will abort the edit. If an error occurs while saving this file will be

reopened with the relevant failures.

# apiVersion: v1 data: exec.enabled: "true" exec.shells: bash,sh kind: ConfigMap metadata: annotations:

argocd-rbac-cm.yaml

reopened with the relevant failures.

# apiVersion: v1 data: policy.csv: p, role:admin, exec, create, /, allow kind: ConfigMap metadata: annotations:

Log in with admin, stuck here

image

morey-tech commented 1 year ago

@ChinaNanSen, can you confirm that you have exec.shells and not exec.sehlls (as shown in the issue description) in your argocd-cm and if your container has bash or sh available?

ChinaNanSen commented 1 year ago

@ChinaNanSen, can you confirm that you have exec.shells and not exec.sehlls (as shown in the issue description) in your argocd-cm and if your container has bash or sh available?

Thank you for catching my typo. The container does have bash available. Even after correcting the spelling error, the issue still persists. I appreciate you taking the time to verify the details and provide suggestions. Your attention to detail is helpful as I continue troubleshooting this problem.

ChinaNanSen commented 1 year ago

image

morey-tech commented 1 year ago

Can you provide any relevant logs from the argocd-server Deployment?

ChinaNanSen commented 1 year ago

These logs are the logs from when I opened exec to when I closed exec:

time="2023-08-03T02:28:26Z" level=info msg="received unary call /application.ApplicationService/List" grpc.method=List grpc.request.content="selector:\"\" appNamespace:\"\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:26Z" span.kind=server system=grpc time="2023-08-03T02:28:26Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=List grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:26Z" grpc.time_ms=8.414 span.kind=server system=grpc time="2023-08-03T02:28:27Z" level=info msg="received streaming call /application.ApplicationService/Watch" grpc.method=Watch grpc.request.content="resourceVersion:\"8488730\" selector:\"\" appNamespace:\"\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:27Z" span.kind=server system=grpc time="2023-08-03T02:28:47Z" level=info msg="received streaming call /application.ApplicationService/Watch" grpc.method=Watch grpc.request.content="name:\"2048p\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:47Z" span.kind=server system=grpc time="2023-08-03T02:28:47Z" level=info msg="received unary call /cluster.SettingsService/Get" grpc.method=Get grpc.request.content= grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:47Z" span.kind=server system=grpc time="2023-08-03T02:28:47Z" level=info msg="received unary call /application.ApplicationService/ListResourceActions" grpc.method=ListResourceActions grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-4cvzg\" version:\"v1\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:47Z" span.kind=server system=grpc time="2023-08-03T02:28:47Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=Get grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:47Z" grpc.time_ms=12.441 span.kind=server system=grpc time="2023-08-03T02:28:47Z" level=info msg="received streaming call /application.ApplicationService/WatchResourceTree" grpc.method=WatchResourceTree grpc.request.content="applicationName:\"2048p\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:47Z" span.kind=server system=grpc time="2023-08-03T02:28:47Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceActions grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:47Z" grpc.time_ms=22.709 span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="received unary call /application.ApplicationService/ListResourceLinks" grpc.method=ListResourceLinks grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-4cvzg\" version:\"v1\" group:\"\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:48Z" span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceLinks grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:48Z" grpc.time_ms=19.733 span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="received unary call /application.ApplicationService/GetApplicationSyncWindows" grpc.method=GetApplicationSyncWindows grpc.request.content="name:\"2048p\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:48Z" span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=GetApplicationSyncWindows grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:48Z" grpc.time_ms=15.204 span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="received unary call /cluster.SettingsService/Get" grpc.method=Get grpc.request.content= grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:48Z" span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=Get grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:48Z" grpc.time_ms=12.422 span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="received unary call /account.AccountService/CanI" grpc.method=CanI grpc.request.content="resource:\"exec\" action:\"create\" subresource:\"default/2048p\" " grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:48Z" span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=CanI grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:48Z" grpc.time_ms=8.622 span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="received unary call /application.ApplicationService/ListResourceActions" grpc.method=ListResourceActions grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-gx6gf\" version:\"v1\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:48Z" span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceActions grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:48Z" grpc.time_ms=24.829 span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="received unary call /application.ApplicationService/ListResourceLinks" grpc.method=ListResourceLinks grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-gx6gf\" version:\"v1\" group:\"\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:48Z" span.kind=server system=grpc time="2023-08-03T02:28:48Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceLinks grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:48Z" grpc.time_ms=21.064 span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="received unary call /application.ApplicationService/ListResourceActions" grpc.method=ListResourceActions grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-4cvzg\" version:\"v1\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:49Z" span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceActions grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:49Z" grpc.time_ms=20.865 span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="received unary call /application.ApplicationService/ListResourceLinks" grpc.method=ListResourceLinks grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-4cvzg\" version:\"v1\" group:\"\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:49Z" span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceLinks grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:49Z" grpc.time_ms=18.083 span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="received unary call /cluster.SettingsService/Get" grpc.method=Get grpc.request.content= grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:49Z" span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=Get grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:49Z" grpc.time_ms=11.814 span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="received unary call /account.AccountService/CanI" grpc.method=CanI grpc.request.content="resource:\"exec\" action:\"create\" subresource:\"default/2048p\" " grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:49Z" span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=CanI grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:49Z" grpc.time_ms=6.15 span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="received unary call /application.ApplicationService/ListResourceActions" grpc.method=ListResourceActions grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-4cvzg\" version:\"v1\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:49Z" span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceActions grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:49Z" grpc.time_ms=15.419 span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="received unary call /application.ApplicationService/ListResourceLinks" grpc.method=ListResourceLinks grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-4cvzg\" version:\"v1\" group:\"\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:49Z" span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceLinks grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:49Z" grpc.time_ms=20.524 span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="received unary call /cluster.SettingsService/Get" grpc.method=Get grpc.request.content= grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:49Z" span.kind=server system=grpc time="2023-08-03T02:28:49Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=Get grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:49Z" grpc.time_ms=11.037 span.kind=server system=grpc time="2023-08-03T02:28:50Z" level=info msg="received unary call /account.AccountService/CanI" grpc.method=CanI grpc.request.content="resource:\"exec\" action:\"create\" subresource:\"default/2048p\" " grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:50Z" span.kind=server system=grpc time="2023-08-03T02:28:50Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=CanI grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:50Z" grpc.time_ms=7.342 span.kind=server system=grpc time="2023-08-03T02:28:50Z" level=info msg="received unary call /account.AccountService/CanI" grpc.method=CanI grpc.request.content="resource:\"exec\" action:\"create\" subresource:\"default/2048p\" " grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:50Z" span.kind=server system=grpc time="2023-08-03T02:28:50Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=CanI grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:50Z" grpc.time_ms=6.642 span.kind=server system=grpc time="2023-08-03T02:28:52Z" level=info msg="received unary call /application.ApplicationService/ManagedResources" grpc.method=ManagedResources grpc.request.content="applicationName:\"2048p\" namespace:\"test-java\" name:\"2048p-75c7654648-gx6gf\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:52Z" span.kind=server system=grpc time="2023-08-03T02:28:52Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ManagedResources grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:52Z" grpc.time_ms=7.365 span.kind=server system=grpc time="2023-08-03T02:28:52Z" level=info msg="received unary call /application.ApplicationService/GetResource" grpc.method=GetResource grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-gx6gf\" version:\"v1\" group:\"\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:52Z" span.kind=server system=grpc time="2023-08-03T02:28:52Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=GetResource grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:52Z" grpc.time_ms=23.711 span.kind=server system=grpc time="2023-08-03T02:28:53Z" level=info msg="received unary call /application.ApplicationService/ListResourceEvents" grpc.method=ListResourceEvents grpc.request.content="name:\"2048p\" resourceNamespace:\"test-java\" resourceName:\"2048p-75c7654648-gx6gf\" resourceUID:\"33cbb45d-9a6d-4370-9009-7ca188ca5a4c\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:53Z" span.kind=server system=grpc time="2023-08-03T02:28:53Z" level=info msg="Querying for resource events with field selector: involvedObject.name=2048p-75c7654648-gx6gf,involvedObject.uid=33cbb45d-9a6d-4370-9009-7ca188ca5a4c,involvedObject.namespace=test-java" time="2023-08-03T02:28:53Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceEvents grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:53Z" grpc.time_ms=18.382 span.kind=server system=grpc time="2023-08-03T02:28:53Z" level=info msg="received unary call /cluster.SettingsService/Get" grpc.method=Get grpc.request.content= grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:53Z" span.kind=server system=grpc time="2023-08-03T02:28:53Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=Get grpc.service=cluster.SettingsService grpc.start_time="2023-08-03T02:28:53Z" grpc.time_ms=14.384 span.kind=server system=grpc time="2023-08-03T02:28:53Z" level=info msg="received unary call /account.AccountService/CanI" grpc.method=CanI grpc.request.content="resource:\"logs\" action:\"get\" subresource:\"default/2048p\" " grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:53Z" span.kind=server system=grpc time="2023-08-03T02:28:53Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=CanI grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:53Z" grpc.time_ms=8.182 span.kind=server system=grpc time="2023-08-03T02:28:54Z" level=info msg="received unary call /account.AccountService/CanI" grpc.method=CanI grpc.request.content="resource:\"exec\" action:\"create\" subresource:\"default/2048p\" " grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:54Z" span.kind=server system=grpc time="2023-08-03T02:28:54Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=CanI grpc.service=account.AccountService grpc.start_time="2023-08-03T02:28:54Z" grpc.time_ms=7.948 span.kind=server system=grpc time="2023-08-03T02:28:54Z" level=info msg="received unary call /application.ApplicationService/ListResourceLinks" grpc.method=ListResourceLinks grpc.request.content="name:\"2048p\" namespace:\"test-java\" resourceName:\"2048p-75c7654648-gx6gf\" version:\"v1\" group:\"\" kind:\"Pod\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:54Z" span.kind=server system=grpc time="2023-08-03T02:28:54Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=ListResourceLinks grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:54Z" grpc.time_ms=19.958 span.kind=server system=grpc time="2023-08-03T02:28:57Z" level=info msg="terminal session starting" appNamespace=argocd application=2048p container=2048p namespace=test-java podName=2048p-75c7654648-gx6gf project=default userName=admin 2023/08/03 02:28:57 http: response.WriteHeader on hijacked connection from github.com/argoproj/argo-cd/v2/server/application.(*terminalHandler).ServeHTTP (terminal.go:245) 2023/08/03 02:28:57 http: response.Write on hijacked connection from fmt.Fprintln (print.go:285) time="2023-08-03T02:29:00Z" level=info msg="finished streaming call with code OK" grpc.code=OK grpc.method=Watch grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:47Z" grpc.time_ms=13562.369 span.kind=server system=grpc time="2023-08-03T02:29:00Z" level=info msg="finished streaming call with code OK" grpc.code=OK grpc.method=WatchResourceTree grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:47Z" grpc.time_ms=12968.824 span.kind=server system=grpc time="2023-08-03T02:29:10Z" level=info msg="received streaming call /application.ApplicationService/Watch" grpc.method=Watch grpc.request.content="name:\"2048p\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:29:10Z" span.kind=server system=grpc time="2023-08-03T02:29:10Z" level=info msg="received streaming call /application.ApplicationService/WatchResourceTree" grpc.method=WatchResourceTree grpc.request.content="applicationName:\"2048p\" appNamespace:\"argocd\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:29:10Z" span.kind=server system=grpc time="2023-08-03T02:29:26Z" level=info msg="finished streaming call with code OK" grpc.code=OK grpc.method=Watch grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:28:27Z" grpc.time_ms=59550.12 span.kind=server system=grpc time="2023-08-03T02:29:27Z" level=info msg="received streaming call /application.ApplicationService/Watch" grpc.method=Watch grpc.request.content="resourceVersion:\"8488730\" selector:\"\" appNamespace:\"\" " grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:29:27Z" span.kind=server system=grpc time="2023-08-03T02:29:48Z" level=info msg="finished streaming call with code OK" grpc.code=OK grpc.method=WatchResourceTree grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:29:10Z" grpc.time_ms=38197.355 span.kind=server system=grpc time="2023-08-03T02:29:48Z" level=info msg="finished streaming call with code OK" grpc.code=OK grpc.method=Watch grpc.service=application.ApplicationService grpc.start_time="2023-08-03T02:29:10Z" grpc.time_ms=38201.37 span.kind=server system=grpc

ChinaNanSen commented 1 year ago

I would like to ask, did you successfully enter exec with version 2.7.6, and whether the configuration was configured according to the official document?

ChinaNanSen commented 1 year ago

I have tried versions 2.7.10 and 2.5.1 and followed the official documentation for configuration, but I'm facing an issue where the cursor keeps blinking, and I am unable to enter exec mode. There are no apparent error messages in the logs.

bianchi2 commented 1 year ago

Facing the same issue. wss connection returns 101, no errors in server logs, there's sh and bash in the container.

major-sam commented 1 year ago

same issue. Argocd v2.8.2+dbdfc71 behind traefik ingressroute Using default admin user

major-sam commented 1 year ago

Fixed by clusterRole update: k edit -A clusterrole argocd-server -o yaml added configuration:

- apiGroups:
  - ""
  resources:
  - pods/exec
  verbs:
  - create
morey-tech commented 1 year ago

@ChinaNanSen can you confirm if you have updated the argocd-server cluster role with the pods/exec permissions? https://argo-cd.readthedocs.io/en/stable/operator-manual/web_based_terminal/#enabling-the-terminal

c-buisson commented 1 year ago

Also facing this issue (Terminal Connection Error: Internal error). Both role and clusterrole have 

- apiGroups:
  - ""
  resources:
  - pods/exec
  verbs:
  - create

Running on EKS with the AWS LoadBalancer ingress controller (ALB).

morey-tech commented 1 year ago

@c-buisson, can you confirm you also have the appropriate RBAC configured for your Argo CD user/role?

p, role:myrole, exec, create, */*, allow
c-buisson commented 1 year ago

I can confirm it. For context, I am running ArgoCD 2.8.3 in AWS, the ArgoCD server is fronted via an ALB (AWS Load Balancer Ingress controller). Is it possible to use exec with an ALB or is a NLB required? Thanks