search

crossplane-contrib / provider-helm

Crossplane Helm Provider
Apache License 2.0
98 stars 63 forks source link

On Helm release with the specified option pullSecretRef does not find the Secret in the namespace #185

Open alexey-pankratyev opened 1 year ago

alexey-pankratyev commented 1 year ago

What happened?

I'm trying to install a helm oci package using the crossplane helm provider xpkg.upbound.io/crossplane-contrib/provider-helm:v0.14.0 in eks with the following configuration

    name: helm-test
    base:
      apiVersion: helm.crossplane.io/v1beta1
      kind: Release
      spec:
        rollbackLimit: 5
        forProvider:
          namespace: test
          chart:
            version: 0.1.0
            name: arena-reaper
            repository: "oci://****.[dkr.ecr.eu-west-1.amazonaws.com/test](http://dkr.ecr.eu-west-1.amazonaws.com/test)"
            pullSecretRef:
              name: oci-creds
              namespace: external-secrets

before these, secret with name oci-creds had been created with data - user and password, in the external-secrets namespace

> kg secrets  oci-creds -o yaml
   apiVersion: v1
   data:
     password: ********
     username: QVdT
   immutable: false
   kind: Secret
   metadata:
     name: oci-creds
     namespace: external-secrets

but got error

Warning CannotCreateExternalResource 3s (x6 over 8s) managed/release.helm.crossplane.io failed to install release: failed to get user name and password from secret reference: failed to get repo pull secret: failed to get secret from namespace "external-secrets": Secret "oci-creds" not found

According to this code chart.go#L43-L68 and chart.go#L31-L34

I created the secret and cross-plane resource for the helm correctly, but for some reason it cannot find the secret in the namespace !!!

How can we reproduce it?

You can create a secret like this

kg secrets oci-creds -o yaml

  apiVersion: v1
  data:
    password: ********
    username: QVdT
  immutable: false
  kind: Secret
  metadata:
    name: oci-creds
    namespace: external-secrets

and than a helm release resource 

    name: helm-test
    base:
      apiVersion: helm.crossplane.io/v1beta1
      kind: Release
      spec:
        rollbackLimit: 5
        forProvider:
          namespace: test
          chart:
            version: 0.1.0
            name: arena-reaper
            repository: "oci://****.[dkr.ecr.eu-west-1.amazonaws.com/test](http://dkr.ecr.eu-west-1.amazonaws.com/test)"
            pullSecretRef:
              name: oci-creds
              namespace: external-secrets

What environment did it happen in?

Crossplane version: helm.sh/chart=crossplane-1.11.0 Image: crossplane/crossplane:v1.11.0 helm provider [xpkg.upbound.io/crossplane-contrib/provider-helm:v0.14.0](http://xpkg.upbound.io/crossplane- contrib/provider-helm:v0.14.0)

Hw: EKS Kubernetes Worker AMI with AmazonLinux2 image, (k8s: 1.25.6, containerd: 1.6.6-1.amzn2.0.2)

anjuchaurasiya commented 1 week ago

Is there any update on this bug?