awslabs / aws-servicebroker

AWS Service Broker
Apache License 2.0

Unable to install service broker via helm 3 #179

Closed ritwik-gopi closed 4 years ago

ritwik-gopi commented 4 years ago

Hi, I tried installing the service broker via Helm 3, but it is throwing a validation error. I am trying to use role-based auth for the broker. Please find the error below.

CMD:

helm install aws-servicebroker aws-sb/aws-servicebroker --wait --namespace aws-sb --version 1.0.1 --set aws.region=us-east-1 --set aws.targetrolename=aws_service_broker

Error: unable to build kubernetes objects from release manifest: error validating "": error validating data: [unknown object type "nil" in Secret.data.accesskeyid, unknown object type "nil" in Secret.data.secretkey]

ritwik-gopi commented 4 years ago

@jaymccon I was able to run it with slight modification in the helm chart. In the chart aws-servicebroker/templates/broker-credentials.yaml I added quotes around accesskeyid and secretkey as below.

kind: Secret
metadata:
  name: {{ template "fullname" . }}-credentials
  labels:
    app: {{ template "fullname" . }}
    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
    release: "{{ .Release.Name }}"
    heritage: "{{ .Release.Service }}"
type: Opaque
data:
  accesskeyid: "{{ b64enc .Values.aws.accesskeyid }}"
  secretkey: "{{ b64enc .Values.aws.secretkey }}"

This is working with both Helm 2 and Helm 3. I believe the reason for the error is that Helm 3 runs a validation on the generated YAMLs that does not allow any nil variables, which results in the error. If this is correct, it would be great if we could update the chart accordingly.
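Added example, not part of the thread or the chart's own code: Go's text/template (the template language Helm charts use) rendering a constructed excerpt of the Secret template in its unquoted and quoted forms, with a check for `data` keys that end up empty and therefore parse as YAML null. It assumes the key values are empty strings, as when only a role is configured; `b64enc` here is a local stand-in for Helm's function, and `render` and `nullDataKeys` are hypothetical helpers.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"fmt"
	"strings"
	"text/template"
)

// Constructed excerpts of the Secret template: bare form vs. the quoted form from the comment.
const unquoted = "data:\n  accesskeyid: {{ b64enc .Values.aws.accesskeyid }}\n  secretkey: {{ b64enc .Values.aws.secretkey }}\n"
const quoted = "data:\n  accesskeyid: \"{{ b64enc .Values.aws.accesskeyid }}\"\n  secretkey: \"{{ b64enc .Values.aws.secretkey }}\"\n"

// render executes tpl with a local stand-in for Helm's b64enc function.
func render(tpl, id, key string) (string, error) {
	funcs := template.FuncMap{"b64enc": func(s string) string {
		return base64.StdEncoding.EncodeToString([]byte(s))
	}}
	t := template.Must(template.New("secret").Funcs(funcs).Parse(tpl))
	// Assumption: values are plain strings, empty when no static keys are set.
	values := map[string]interface{}{"Values": map[string]interface{}{
		"aws": map[string]interface{}{"accesskeyid": id, "secretkey": key}}}
	var out bytes.Buffer
	err := t.Execute(&out, values)
	return out.String(), err
}

// nullDataKeys lists keys under "data:" with an empty value (YAML null); flat layout only, not a YAML parser.
func nullDataKeys(manifest string) []string {
	var keys []string
	inData := false
	for _, line := range strings.Split(manifest, "\n") {
		if !strings.HasPrefix(line, " ") {
			inData = strings.TrimSpace(line) == "data:"
			continue
		}
		parts := strings.SplitN(strings.TrimSpace(line), ":", 2)
		if inData && len(parts) == 2 && strings.TrimSpace(parts[1]) == "" {
			keys = append(keys, parts[0])
		}
	}
	return keys
}

func main() {
	a, _ := render(unquoted, "", "")
	b, _ := render(quoted, "", "")
	fmt.Println("unquoted:", nullDataKeys(a), "quoted:", nullDataKeys(b))
}
```

When the keys are set, both forms carry the same base64 value; the quotes only change what an empty value turns into.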

jayaprakash369 commented 2 years ago

Hello, I also tried to install Deis Workflow using the Helm chart:

helm install deis hephy/workflow --create-namespace --namespace deis --set global.use_cni=true -f deis-install.yml

and the code is:

# This is the global configuration file for Workflow
global:
  # Change to s3
  storage: s3
  database_location: "on-cluster"
  logger_redis_location: "on-cluster"
  influxdb_location: "on-cluster"
  grafana_location: "on-cluster"

  # Change to ecr
  registry_location: "ecr"
  host_port: 5555
  secret_prefix: "private-registry"
  experimental_native_ingress: false
  use_rbac: true

  s3:
    # Add access key and secret to user with read/write access to buckets
    accesskey: "*******"
    secretkey: "********"
    region: "eu-west-1"
    # Buckets you already created
    database_bucket: "*********"
    builder_bucket: "***********"

  controller:
    app_pull_policy: "IfNotPresent"
    registration_mode: "admin_only"
    platform_domain: "********"

  database:
    username: "deis"
    password: "*******"
    postgres:
      name: "********"
      username: "deis"
      password: "*************"
      host: "*************"
      port: "5432"

  #redis:
  #  db: "0"
    # host: "redis host"
    # port: "redis port"
    # password: "redis password" # "" == no password

  # fluentd:
  #   syslog:
  #     host: ""
  #     port: ""

  monitor:
    grafana:
    user: "admin"
    password: "************"
    persistence:
      enabled: false # Set to true to enable persistence
      size: 5Gi # PVC size
    influxdb:
      url: "**************"
      database: "admin"
      user: "deis"
      password: "***********"
      persistence:
        enabled: true # Set to true to enable persistence
        size: 200Gi # PVC size

  registry-token-refresher:
    token_refresh_time: ""
    # off_cluster_registry:
    #   hostname: ""
    #   organization: ""
    #   username: ""
    #   password: ""
    ecr:
      # Access key and secret for user with access to ECR registry
     accesskey: "*******"
     secretkey: "**********"
      # Hostname of ECR registry
     hostname: "**********"
      # Region where registry is located
     region: eu-north-1
      # Registry id (same as start in hostname)
     registryid: "**********"

    # gcr:
    #   key_json: <base64-encoded JSON data>
    #   hostname: ""

  router:
    dhparam: ""
    deployment_annotations:
      # Max body of requests for router
      router.deis.io/nginx.bodySize: "50m"

  #   service_annotations:
  #   #<example-key>: <example-value>

    host_port:
      enabled: false

    workflow-manager:
      versions_api_url: https://versions.teamhephy.info
      doctor_api_url: https://doctor.teamhephy.info

But I am getting an error like:

Error: unable to build kubernetes objects from release manifest: error validating "": error validating data: [unknown object type "nil" in Secret.data.accesskey, unknown object type "nil" in Secret.data.hostname, unknown object type "nil" in Secret.data.registryid, unknown object type "nil" in Secret.data.secretkey]

I tried with an empty string, attached an IAM policy to the user with full access for ECR, and changed the kubeconfig file, but none of them helped me.

Source link: https://github.com/deis/workflow/blob/master/charts/workflow/values.yaml

Can anyone tell me what could be wrong here?