search

cnuland / aro-hello-chris-tekton-chains

A fork of my tekton chains project that includes ArgoCD Applications around setting up an ARO environment. Including a cluster-primer folder that deploys this example into a fresh ARO cluster.
3 stars 2 forks source link

tekton-chains-controller crashing #2

Open kevchu3 opened 1 year ago

kevchu3 commented 1 year ago

I followed the README.md instructions but at the end of the instructions, it looks like the tekton-chains-controller pod is crashing. Here's the relevant logs, think it's not expecting a value of 'cosign'.

$ oc logs tekton-chains-controller-7b9fb58668-glk74
2023/07/14 20:11:16 Registering 3 clients
2023/07/14 20:11:16 Registering 2 informer factories
2023/07/14 20:11:16 Registering 1 informers
2023/07/14 20:11:16 Registering 1 controllers
{"level":"info","ts":"2023-07-14T20:11:16.977Z","caller":"logging/config.go:116","msg":"Successfully created the logger."}
{"level":"info","ts":"2023-07-14T20:11:16.977Z","caller":"logging/config.go:117","msg":"Logging level set to: info"}
{"level":"info","ts":"2023-07-14T20:11:16.978Z","logger":"watcher","caller":"profiling/server.go:64","msg":"Profiling enabled: false","commit":"ba26e6c"}
{"level":"info","ts":"2023-07-14T20:11:16.983Z","logger":"watcher","caller":"leaderelection/context.go:47","msg":"Running with Standard leader election","commit":"ba26e6c"}
{"level":"info","ts":"2023-07-14T20:11:16.993Z","logger":"watcher","caller":"sharedmain/main.go:240","msg":"Starting configuration manager...","commit":"ba26e6c"}
{"level":"fatal","ts":"2023-07-14T20:11:17.010Z","logger":"watcher","caller":"configmap/store.go:150","msg":"Error initializing chains config \"chains-config\": \"failed to parse data: invalid value \\\"cosign\\\" wanted one of [kms x509]\"","commit":"ba26e6c","stacktrace":"knative.dev/pkg/configmap.(*UntypedStore).OnConfigChanged\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/store.go:150\nknative.dev/pkg/configmap.(*ManualWatcher).OnChange\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/manual_watcher.go:72\nknative.dev/pkg/configmap/informer.(*InformedWatcher).addConfigMapEvent\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/informed_watcher.go:220\nknative.dev/pkg/configmap/informer.(*syncedCallback).Call\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/synced_callback.go:94\nknative.dev/pkg/configmap/informer.(*InformedWatcher).Start.func1\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/informed_watcher.go:158\nk8s.io/client-go/tools/cache.ResourceEventHandlerFuncs.OnAdd\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/controller.go:231\nk8s.io/client-go/tools/cache.(*processorListener).run.func1\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/shared_informer.go:787\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:155\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:156\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:133\nk8s.io/apimachinery/pkg/util/wait.Until\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:90\nk8s.io/client-go/tools/cache.(*processorListener).run\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/shared_informer.go:781\nk8s.io/apimachinery/pkg/util/wait.(*Group).Start.func1\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:73"}
cnuland commented 1 year ago

Alright I ran through this again as I bet the recent GA version changed something. Which version of Tekton are you running? Also I made a mistake and forgot to remove this from the readme,

data: artifacts.oci.signer: cosign artifacts.taskrun.format: in-toto artifacts.taskrun.storage: oci transparency.enabled: "true"

You need to remove signer type cosign and only have this in the latest version of Tekton.

$ oc patch configmap chains-config -n openshift-pipelines -p='{"data":{"artifacts.taskrun.format": "in-toto"}}'

$ oc patch configmap chains-config -n openshift-pipelines -p='{"data":{"artifacts.taskrun.storage": "oci"}}'

$ oc patch configmap chains-config -n openshift-pipelines -p='{"data":{"transparency.enabled": "true"}}'

You do still need the encryption type COSIGN in the key.

This is needed since Tekton 1.8.2 when they dropped the signer type and instead uses the key type. I’ll clean up the README and run through it again this weekend just to make sure, but you should be good now after that change. Mine successfully signed last night when I tested it out again.

Fri, Jul 14, 2023 at 4:12 PM Kevin Chung @.***> wrote:

I followed the README.md instructions but at the end of the instructions, it looks like the tekton-chains-controller pod is crashing. Here's the relevant logs, think it's not expecting a value of 'cosign'.

$ oc logs tekton-chains-controller-7b9fb58668-glk74 2023/07/14 20:11:16 Registering 3 clients 2023/07/14 20:11:16 Registering 2 informer factories 2023/07/14 20:11:16 Registering 1 informers 2023/07/14 20:11:16 Registering 1 controllers {"level":"info","ts":"2023-07-14T20:11:16.977Z","caller":"logging/config.go:116","msg":"Successfully created the logger."} {"level":"info","ts":"2023-07-14T20:11:16.977Z","caller":"logging/config.go:117","msg":"Logging level set to: info"} {"level":"info","ts":"2023-07-14T20:11:16.978Z","logger":"watcher","caller":"profiling/server.go:64","msg":"Profiling enabled: false","commit":"ba26e6c"} {"level":"info","ts":"2023-07-14T20:11:16.983Z","logger":"watcher","caller":"leaderelection/context.go:47","msg":"Running with Standard leader election","commit":"ba26e6c"} {"level":"info","ts":"2023-07-14T20:11:16.993Z","logger":"watcher","caller":"sharedmain/main.go:240","msg":"Starting configuration manager...","commit":"ba26e6c"} {"level":"fatal","ts":"2023-07-14T20:11:17.010Z","logger":"watcher","caller":"configmap/store.go:150","msg":"Error initializing chains config \"chains-config\": \"failed to parse data: invalid value \\"cosign\\" wanted one of [kms x509]\"","commit":"ba26e6c","stacktrace":"knative.dev/pkg/configmap.(UntypedStore).OnConfigChanged\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/store.go:150\nknative.dev/pkg/configmap.(ManualWatcher).OnChange\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/manual_watcher.go:72\nknative.dev/pkg/configmap/informer.(InformedWatcher).addConfigMapEvent\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/informed_watcher.go:220\nknative.dev/pkg/configmap/informer.(syncedCallback).Call\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/synced_callback.go:94\nknative.dev/pkg/configmap/informer.(InformedWatcher).Start.func1\n\t/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/informed_watcher.go:158\nk8s.io/client-go/tools/cache.ResourceEventHandlerFuncs.OnAdd\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/controller.go:231\nk8s.io/client-go/tools/cache.(processorListener).run.func1\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/shared_informer.go:787\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:155\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:156\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:133\nk8s.io/apimachinery/pkg/util/wait.Until\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:90\nk8s.io/client-go/tools/cache.(processorListener).run\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/shared_informer.go:781\nk8s.io/apimachinery/pkg/util/wait.(Group).Start.func1\n\t/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:73 http://knative.dev/pkg/configmap.(*UntypedStore).OnConfigChanged%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/store.go:150%5Cnknative.dev/pkg/configmap.(*ManualWatcher).OnChange%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/manual_watcher.go:72%5Cnknative.dev/pkg/configmap/informer.(*InformedWatcher).addConfigMapEvent%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/informed_watcher.go:220%5Cnknative.dev/pkg/configmap/informer.(*syncedCallback).Call%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/synced_callback.go:94%5Cnknative.dev/pkg/configmap/informer.(*InformedWatcher).Start.func1%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/knative.dev/pkg/configmap/informer/informed_watcher.go:158%5Cnk8s.io/client-go/tools/cache.ResourceEventHandlerFuncs.OnAdd%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/controller.go:231%5Cnk8s.io/client-go/tools/cache.(*processorListener).run.func1%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/shared_informer.go:787%5Cnk8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:155%5Cnk8s.io/apimachinery/pkg/util/wait.BackoffUntil%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:156%5Cnk8s.io/apimachinery/pkg/util/wait.JitterUntil%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:133%5Cnk8s.io/apimachinery/pkg/util/wait.Until%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:90%5Cnk8s.io/client-go/tools/cache.(*processorListener).run%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/k8s.io/client-go/tools/cache/shared_informer.go:781%5Cnk8s.io/apimachinery/pkg/util/wait.(*Group).Start.func1%5Cn%5Ct/go/src/github.com/tektoncd/chains/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:73"}

— Reply to this email directly, view it on GitHub https://github.com/cnuland/aro-hello-chris-tekton-chains/issues/2, or unsubscribe https://github.com/notifications/unsubscribe-auth/AASFDYZSWGGO7I3E2WD2PPDXQGR4HANCNFSM6AAAAAA2KYBFPI . You are receiving this because you are subscribed to this thread.Message ID: @.***>