search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
16.86k stars 5.11k forks source link

[ Bug ] Argocd ssh sync to private repo ; argocd-ssh-known-hosts-cm initialized correctly and then overwritten to give handshake failed: knownhosts: key mismatch #17675

Open sreeniHari opened 3 months ago

sreeniHari commented 3 months ago

Checklist:

The argocd-ssh-known-hosts-cm config map is overwritten. I bootstrapped argocd using argo-helm. I am using app of app pattern on a private repo. The initial config for known host from values.yaml is correctly set during helm install and the private repo is successfully connected. Then almost immediately argocd-ssh-known-hosts-cm is overwritten with default known hosts values as per below hack script. 

_# This file was automatically generated by hack/update-ssh-known-hosts.sh. DO NOT EDIT_

Related public discussion/posts in the past are below. Surprised that the issue is still relevant today.

https://github.com/argoproj/argo-cd/discussions/10035

https://stackoverflow.com/questions/76261186/argocd-fails-updating-bitbucket-org-private-repos-with-ssh-handshake-failed-k ( refer comment from kuskoman ) May 18, 2023 at 13:46

To Reproduce

Expectation

Persistence of changes done to argocd-ssh-known-hosts-cm be it CLI, GUI or modifying the cm directly.

Screenshots

Version

argocd: v2.10.0+2175939
  BuildDate: 2024-02-06T14:47:59Z
  GitCommit: 2175939ed6156ddd743e60f427f7f48118c971bf
  GitTreeState: clean
  GoVersion: go1.21.6
  Compiler: gc
  Platform: darwin/arm64
argocd-server: v2.10.2+fcf5d8c
  BuildDate: 2024-03-01T21:24:51Z
  GitCommit: fcf5d8c2381b68ab1621b90be63913b12cca2eb7
  GitTreeState: clean
  GoVersion: go1.21.3
  Compiler: gc
  Platform: linux/amd64
  Kustomize Version: v5.2.1 2023-10-19T20:13:51Z
  Helm Version: v3.14.2+gc309b6f
  Kubectl Version: v0.26.11
  Jsonnet Version: v0.20.0

Logs

Paste any relevant application logs here.
jgwest commented 3 months ago

As per @crenshaw-dev's original answer, if you want to continuously apply the Argo CD install manifests while maintaining your own settings, you should maintain your own fork of the install YAML (and rebase as needed to the latest version), or you should use a tool like kustomize to apply your own customizations to the argocd-ssh-known-hosts-cm ConfigMap