search

fluxcd / flux2

Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit.
https://fluxcd.io
Apache License 2.0
6.6k stars 609 forks source link

Variable Substitution failed with did not find expected key on "simple" Configmap #3520

Open ebini opened 1 year ago

ebini commented 1 year ago

Describe the bug

The Variable Substition is failing on a configmap with error 

var substitution failed for 'prometheus-config-test': YAMLToJSON: YAMLToJSON: yaml: line 5: did not find expected key

in logs

2023-01-27T08:18:52.644Z info Kustomization/mytest.flux-system - Dispatching event: var substitution failed for 'prometheus-config-test': YAMLToJSON: YAMLToJSON: yaml: line 5: did not find expected key

Steps to reproduce

i stripped down the ressources to this: I

Kustomization:

apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
  name: mytest
  namespace: flux-system
spec:
  interval: 10m
  wait: true
  timeout: 5m0s
  retryInterval: 2m0s # retry every two minutes on apply or waiting failures
  prune: true  # remove stale resources from cluster
  force: false # enable this to recreate resources on immutable fields changes
  path: ./mytest
  postBuild:
    substitute:
      MYTEST: "subtest"
  sourceRef:
    kind: GitRepository
    name: flux-system

the failing configmap (stripped it down to these lines):

apiVersion: v1
kind: ConfigMap
metadata:
  name: prometheus-config-test
  labels:
    testlabel: ${MYTEST}
data:
  alerts.yaml: |-
    "groups": 
    - "name": "kubernetes-apps"
      "rules":
      - "alert": "KubePodCrashLooping"
        "annotations":
          "description": "Pod {{ $labels.namespace }}/{{ $labels.pod }} ({{ $labels.container }}) is in waiting state (reason: \"CrashLoopBackOff\")."

Replacing with "other" (comparable) data (for prometheus alert-configs) it is working. so it seems to be in these lines

Note: the validate.sh script als not reporting any issues.

Thanks in advance

Expected behavior

Deploy configmap and replace (only) ${MYTEST} with "subtest"

Screenshots and recordings

No response

OS / Distro

Kubernetes Cluster: 1.24 (think the client is not relevant)

Flux version

v0.38.3

Flux check

╰─ flux check ► checking prerequisites ✔ Kubernetes 1.24.8-eks-ffeb93d >=1.20.6-0 ► checking controllers ✔ helm-controller: deployment ready ► ghcr.io/fluxcd/helm-controller:v0.28.1 ✔ image-automation-controller: deployment ready ► ghcr.io/fluxcd/image-automation-controller:v0.28.0 ✔ image-reflector-controller: deployment ready ► ghcr.io/fluxcd/image-reflector-controller:v0.23.1 ✔ kustomize-controller: deployment ready ► ghcr.io/fluxcd/kustomize-controller:v0.32.0 ✔ notification-controller: deployment ready ► ghcr.io/fluxcd/notification-controller:v0.30.2 ✔ source-controller: deployment ready ► ghcr.io/fluxcd/source-controller:v0.33.0 ► checking crds ✔ alerts.notification.toolkit.fluxcd.io/v1beta2 ✔ buckets.source.toolkit.fluxcd.io/v1beta2 ✔ gitrepositories.source.toolkit.fluxcd.io/v1beta2 ✔ helmcharts.source.toolkit.fluxcd.io/v1beta2 ✔ helmreleases.helm.toolkit.fluxcd.io/v2beta1 ✔ helmrepositories.source.toolkit.fluxcd.io/v1beta2 ✔ imagepolicies.image.toolkit.fluxcd.io/v1beta1 ✔ imagerepositories.image.toolkit.fluxcd.io/v1beta1 ✔ imageupdateautomations.image.toolkit.fluxcd.io/v1beta1 ✔ kustomizations.kustomize.toolkit.fluxcd.io/v1beta2 ✔ ocirepositories.source.toolkit.fluxcd.io/v1beta2 ✔ providers.notification.toolkit.fluxcd.io/v1beta2 ✔ receivers.notification.toolkit.fluxcd.io/v1beta2 ✔ all checks passed

Git provider

GitHub Enterprise

Container Registry provider

not relevant

Additional context

No response

Code of Conduct

zioc commented 1 year ago

I'm also hitting the same issue, it looks like the controller is attempting to perform substitution, it seems to be confused by $ and { in gotpl that aren't containing any variable in the ${var} format.

this file was causing my kustomisation's substitution to fail.

The issue seems to come from this section of the code that is using ensubst

But I haven't been able to reproduce the issue while using the same code against your template: https://go.dev/play/p/YmsBSRpajqU

rezuma commented 1 year ago

Also hitting this bug, a manifest with this line alb.ingress.kubernetes.io/listen-ports: "[{\"HTTPS\":443}]"

produces the same error

rezuma commented 1 year ago

any news with this issues? still having issues var substitution failed for '[)': YAMLToJSON: variable substitution failed: bad substitution

makkes commented 11 months ago

any news with this issues? still having issues var substitution failed for '[)': YAMLToJSON: variable substitution failed: bad substitution

Try this:

[...]
annotations:
  alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
[...]
sumeet-zuora commented 10 months ago

After upgrade we are also facing same issue 

var substitution failed for 'vector-agent-values-4h59cd2m47': YAMLToJSON: YAMLToJSON: yaml: line 72: found unknown escape character