search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
18.02k stars 5.5k forks source link

`ARGOCD_APP_NAMESPACE` isn't always set in `discover.find.command` #19832

Open NiklasRosenstein opened 2 months ago

NiklasRosenstein commented 2 months ago

Checklist:

Describe the bug

Sometimes the ARGOCD_APP_NAMESPACE environment variable isn't set when a CMP's discover.find.command is executed.

To Reproduce

Create a CMP that tells you the the environment variables. Mine looks like this:

# To be put in /home/argocd/cmp-server/config/plugin.yaml
# Read also https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#sidecar-plugin

apiVersion: argoproj.io/v1alpha1
kind: ConfigManagementPlugin
metadata:
  name: nyl
spec:
  # note: Plugin name in ArgoCD will be `nyl-v1`.
  version: v1

  discover:
    find:
      command:
        - sh
        - -c
        - 'nyl --log-file=/var/log/nyl/${ARGOCD_APP_NAMESPACE}-${ARGOCD_APP_NAME}.log argocd discovery'

  # init:
  #   command:
  #     - sh
  #     - -c
  #     - |
  #       nyl version >&2
  #       argocd version --client >&2

  generate:
    command:
      - sh
      - -c
      - 'nyl --log-file=/var/log/nyl/${ARGOCD_APP_NAMESPACE}-${ARGOCD_APP_NAME}.log template --in-cluster .'

  parameters: {}

  # If set to `true` then the plugin receives repository files with original file mode. Dangerous since the repository
  # might have executable files. Set to true only if you trust the CMP plugin authors.
  preserveFileMode: false

What I find is that for every application, there is a variant without the namespace:

image

Looking through these files, it seems they are only from invoking the discover.find.command. However, I can also find logs about discover.find.command where the namespace is set. From the behaviour I've observed so far, this appears to maybe be an issue only immediately after the argocd-repo-server restarted.

The debug logs of my CMP also log all environment variables beginning with ARGOCD where you can also confirm that ARGOCD_APP_NAMESPACE is not set:

2024-09-08 00:30:46.473 | DEBUG    | Nyl v0.0.0 run from /tmp/_cmp_server/12c12924-ff20-431a-8f87-42c7a0fbed61/clusters/fracture.
2024-09-08 00:30:46.473 | DEBUG    | Used command-line arguments: /usr/local/bin/nyl --log-file=/var/log/nyl/-wallos.log argocd discovery
2024-09-08 00:30:46.474 | DEBUG    | Current working directory: /tmp/_cmp_server/12c12924-ff20-431a-8f87-42c7a0fbed61/clusters/fracture
2024-09-08 00:30:46.475 | DEBUG    | Nyl-relevant environment variables: {
  "ARGOCD_SERVER_SERVICE_PORT": "80",
  "ARGOCD_SERVER_PORT": "tcp://10.43.34.213:80",
  "ARGOCD_LOG_LEVEL": "info",
  "ARGOCD_APPLICATIONSET_CONTROLLER_SERVICE_HOST": "10.43.101.162",
  "ARGOCD_LOG_FORMAT": "text",
  "ARGOCD_APPLICATIONSET_CONTROLLER_PORT_7000_TCP": "tcp://10.43.101.162:7000",
  "ARGOCD_SERVER_PORT_80_TCP_ADDR": "10.43.34.213",
  "ARGOCD_REPO_SERVER_SERVICE_HOST": "10.43.85.74",
  "ARGOCD_REPO_SERVER_PORT_8081_TCP_ADDR": "10.43.85.74",
  "ARGOCD_SERVER_PORT_80_TCP_PORT": "80",
  "ARGOCD_APPLICATIONSET_CONTROLLER_SERVICE_PORT": "7000",
  "ARGOCD_APPLICATIONSET_CONTROLLER_PORT": "tcp://10.43.101.162:7000",
  "ARGOCD_SERVER_PORT_80_TCP_PROTO": "tcp",
  "ARGOCD_REPO_SERVER_PORT_8081_TCP_PORT": "8081",
  "ARGOCD_REPO_SERVER_PORT_8081_TCP_PROTO": "tcp",
  "ARGOCD_APP_SOURCE_REPO_URL": "git@git.rosenstein.app:niklas/infrastructure.git",
  "ARGOCD_REDIS_SERVICE_HOST": "10.43.58.230",
  "ARGOCD_REPO_SERVER_SERVICE_PORT": "8081",
  "ARGOCD_REPO_SERVER_PORT": "tcp://10.43.85.74:8081",
  "ARGOCD_APP_SOURCE_PATH": "clusters/fracture",
  "ARGOCD_SERVER_PORT_80_TCP": "tcp://10.43.34.213:80",
  "ARGOCD_SERVER_PORT_443_TCP_ADDR": "10.43.34.213",
  "NYL_CACHE_DIR": "/tmp/nyl-cache",
  "NYL_LOG_LEVEL": "debug",
  "ARGOCD_SERVER_PORT_443_TCP_PORT": "443",
  "ARGOCD_REDIS_PORT": "tcp://10.43.58.230:6379",
  "ARGOCD_REPO_SERVER_PORT_8081_TCP": "tcp://10.43.85.74:8081",
  "ARGOCD_REDIS_SERVICE_PORT": "6379",
  "ARGOCD_SERVER_PORT_443_TCP_PROTO": "tcp",
  "ARGOCD_REDIS_SERVICE_PORT_REDIS": "6379",
  "ARGOCD_REDIS_PORT_6379_TCP_ADDR": "10.43.58.230",
  "ARGOCD_ENV_NYL_CMP_TEMPLATE_INPUT": "wallos.yaml",
  "ARGOCD_REPO_SERVER_SERVICE_PORT_TCP_REPO_SERVER": "8081",
  "ARGOCD_SERVER_SERVICE_PORT_HTTP": "80",
  "ARGOCD_REDIS_PORT_6379_TCP_PORT": "6379",
  "ARGOCD_REDIS_PORT_6379_TCP_PROTO": "tcp",
  "ARGOCD_APP_PARAMETERS": "null",
  "ARGOCD_SERVER_PORT_443_TCP": "tcp://10.43.34.213:443",
  "ARGOCD_SERVER_SERVICE_PORT_HTTPS": "443",
  "ARGOCD_APP_NAME": "wallos",
  "ARGOCD_APP_SOURCE_TARGET_REVISION": "HEAD",
  "ARGOCD_SERVER_SERVICE_HOST": "10.43.34.213",
  "ARGOCD_APPLICATIONSET_CONTROLLER_SERVICE_PORT_HTTP_WEBHOOK": "7000",
  "ARGOCD_APPLICATIONSET_CONTROLLER_PORT_7000_TCP_ADDR": "10.43.101.162",
  "ARGOCD_REDIS_PORT_6379_TCP": "tcp://10.43.58.230:6379",
  "ARGOCD_APPLICATIONSET_CONTROLLER_PORT_7000_TCP_PORT": "7000",
  "ARGOCD_APPLICATIONSET_CONTROLLER_PORT_7000_TCP_PROTO": "tcp"
}
2024-09-08 00:30:46.486 | DEBUG    | Loading secrets configuration from '/tmp/_cmp_server/12c12924-ff20-431a-8f87-42c7a0fbed61/clusters/nyl-secrets.yaml'.
2024-09-08 00:30:46.489 | INFO     | Found Nyl project and/or secrets configuration.
2024-09-08 00:30:46.490 | DEBUG    | Finished (nyl /usr/local/bin/nyl --log-file=/var/log/nyl/-wallos.log argocd discovery) in 0.04s

Expected behavior

In /var/log/nyl I can only find files formatted as {namespace}-{name}.log because the ARGOCD_APP_NAMESPACE is always set.

Version

❯ argocd version
argocd: v2.12.0+ec30a48
  BuildDate: 2024-08-05T13:46:43Z
  GitCommit: ec30a48bce7a60046836e481cd2160e28c59231d
  GitTreeState: clean
  GoVersion: go1.22.5
  Compiler: gc
  Platform: linux/amd64
WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web. 
argocd-server: v2.12.3+6b9cd82
  BuildDate: 2024-08-27T11:57:48Z
  GitCommit: 6b9cd828c6e9807398869ad5ac44efd2c28422d6
  GitTreeState: clean
  GoVersion: go1.22.4
  Compiler: gc
  Platform: linux/amd64
  Kustomize Version: v5.4.2 2024-05-22T15:19:38Z
  Helm Version: v3.15.2+g1a500d5
  Kubectl Version: v0.29.6
  Jsonnet Version: v0.20.0
andrii-korotkov-verkada commented 2 weeks ago

Can you share more relevant context about what this nyl is and what it's doing and what are its use cases, please?