Closed andrei-dascalu closed 3 years ago
You must follow the image-update guide to preview image automation, it requires some additional components that are still prerelease:
https://toolkit.fluxcd.io/guides/image-update/#install-flux
--components-extra=image-reflector-controller,image-automation-controller
From the roadmap it appears that ECR-specific support is still forthcoming, ref: https://github.com/fluxcd/image-reflector-controller/issues/11 – so if you are attempting to use this with an ECR, I expect you may have some difficulty.
Edit: this ECR section in the document may help - https://toolkit.fluxcd.io/guides/image-update/#aws-elastic-container-registry
Hi,
Thanks for replying so fast.
This was my setup command
flux bootstrap gitlab \
--owner="<owner>" \
--repository="<repo>" \
--branch=master \
--path="<path>" \
--token-auth \
--components-extra=image-reflector-controller,image-automation-controller
But the error still happens
Can you please post here the output of:
Without further information is nothing we can do here. The image automation is covered by our end-to-end testing and we can't replicate this.
@stefanprodan I am getting the same issue, see the output of my commands
➜ flux-configuration git:(main) kubectl -n flux-system get pods | grep -v Shutdown
NAME READY STATUS RESTARTS AGE
helm-controller-5b96d94c7f-bvjqz 1/1 Running 0 81m
image-automation-controller-7864779cb4-nwhv9 1/1 Running 0 8m14s
image-reflector-controller-548756b8c8-hpt5z 1/1 Running 0 8m14s
kustomize-controller-df8bb769-fdckp 1/1 Running 0 81m
notification-controller-55f94bc746-r5lwg 1/1 Running 0 81m
source-controller-679d5777d9-ml5dl 1/1 Running 0 81m
➜ flux-configuration git:(main) kubectl get crds | grep fluxcd
alerts.notification.toolkit.fluxcd.io 2021-08-11T15:52:49Z
buckets.source.toolkit.fluxcd.io 2021-08-11T15:52:49Z
gitrepositories.source.toolkit.fluxcd.io 2021-08-11T15:52:49Z
helmcharts.source.toolkit.fluxcd.io 2021-08-11T15:52:49Z
helmreleases.helm.toolkit.fluxcd.io 2021-08-11T15:52:50Z
helmrepositories.source.toolkit.fluxcd.io 2021-08-11T15:52:50Z
imagepolicies.image.toolkit.fluxcd.io 2021-08-23T15:34:16Z
imagerepositories.image.toolkit.fluxcd.io 2021-08-23T15:34:16Z
imageupdateautomations.image.toolkit.fluxcd.io 2021-08-23T15:34:16Z
kustomizations.kustomize.toolkit.fluxcd.io 2021-08-11T15:52:50Z
providers.notification.toolkit.fluxcd.io 2021-08-11T15:52:50Z
receivers.notification.toolkit.fluxcd.io 2021-08-11T15:52:50Z
➜ flux-configuration git:(main) flux -v
flux version 0.16.2
and the actual error
✚ generating ImageRepository
► applying ImageRepository
✗ no matches for kind "ImageRepository" in version "image.toolkit.fluxcd.io/v1beta1"
@shmish111 please post here kubectl get crd imagerepositories.image.toolkit.fluxcd.io -oyaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.0
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"apiextensions.k8s.io/v1","kind":"CustomResourceDefinition","metadata":{"annotations":{"controller-gen.kubebuilder.io/version":"v0.5.0","kustomize.toolkit.fluxcd.io/checksum":"f1b8ea0305dfcee147e24b6c5fb460c7062820e2"},"creationTimestamp":null,"labels":{"app.kubernetes.io/instance":"flux-system","app.kubernetes.io/part-of":"flux","app.kubernetes.io/version":"v0.16.2","kustomize.toolkit.fluxcd.io/name":"flux-system","kustomize.toolkit.fluxcd.io/namespace":"flux-system"},"name":"imagerepositories.image.toolkit.fluxcd.io"},"spec":{"group":"image.toolkit.fluxcd.io","names":{"kind":"ImageRepository","listKind":"ImageRepositoryList","plural":"imagerepositories","singular":"imagerepository"},"scope":"Namespaced","versions":[{"additionalPrinterColumns":[{"jsonPath":".status.lastScanResult.scanTime","name":"Last scan","type":"string"},{"jsonPath":".status.lastScanResult.tagCount","name":"Tags","type":"string"}],"name":"v1alpha1","schema":{"openAPIV3Schema":{"description":"ImageRepository is the Schema for the imagerepositories API","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds","type":"string"},"metadata":{"type":"object"},"spec":{"description":"ImageRepositorySpec defines the parameters for scanning an image repository, e.g., `fluxcd/flux`.","properties":{"certSecretRef":{"description":"CertSecretRef can be given the name of a secret containing either or both of \n - a PEM-encoded client certificate (`certFile`) and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) \n and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server certificate.","properties":{"name":{"description":"Name of the referent","type":"string"}},"required":["name"],"type":"object"},"image":{"description":"Image is the name of the image repository","type":"string"},"interval":{"description":"Interval is the length of time to wait between scans of the image repository.","type":"string"},"secretRef":{"description":"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with `kubectl create secret docker-registry`, or the equivalent.","properties":{"name":{"description":"Name of the referent","type":"string"}},"required":["name"],"type":"object"},"suspend":{"description":"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.","type":"boolean"},"timeout":{"description":"Timeout for image scanning. Defaults to 'Interval' duration.","type":"string"}},"type":"object"},"status":{"description":"ImageRepositoryStatus defines the observed state of ImageRepository","properties":{"canonicalImageName":{"description":"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., `docker.io/library/alpine` rather than `alpine`.","type":"string"},"conditions":{"items":{"description":"Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }","properties":{"lastTransitionTime":{"description":"lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.","format":"date-time","type":"string"},"message":{"description":"message is a human readable message indicating details about the transition. This may be an empty string.","maxLength":32768,"type":"string"},"observedGeneration":{"description":"observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.","format":"int64","minimum":0,"type":"integer"},"reason":{"description":"reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.","maxLength":1024,"minLength":1,"pattern":"^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$","type":"string"},"status":{"description":"status of the condition, one of True, False, Unknown.","enum":["True","False","Unknown"],"type":"string"},"type":{"description":"type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)","maxLength":316,"pattern":"^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$","type":"string"}},"required":["lastTransitionTime","message","reason","status","type"],"type":"object"},"type":"array"},"lastHandledReconcileAt":{"description":"LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change can be detected.","type":"string"},"lastScanResult":{"description":"LastScanResult contains the number of fetched tags.","properties":{"scanTime":{"format":"date-time","type":"string"},"tagCount":{"type":"integer"}},"required":["tagCount"],"type":"object"},"observedGeneration":{"description":"ObservedGeneration is the last reconciled generation.","format":"int64","type":"integer"}},"type":"object"}},"type":"object"}},"served":true,"storage":false,"subresources":{"status":{}}},{"additionalPrinterColumns":[{"jsonPath":".status.lastScanResult.scanTime","name":"Last scan","type":"string"},{"jsonPath":".status.lastScanResult.tagCount","name":"Tags","type":"string"}],"name":"v1alpha2","schema":{"openAPIV3Schema":{"description":"ImageRepository is the Schema for the imagerepositories API","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds","type":"string"},"metadata":{"type":"object"},"spec":{"description":"ImageRepositorySpec defines the parameters for scanning an image repository, e.g., `fluxcd/flux`.","properties":{"certSecretRef":{"description":"CertSecretRef can be given the name of a secret containing either or both of \n - a PEM-encoded client certificate (`certFile`) and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) \n and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server certificate.","properties":{"name":{"description":"Name of the referent","type":"string"}},"required":["name"],"type":"object"},"image":{"description":"Image is the name of the image repository","type":"string"},"interval":{"description":"Interval is the length of time to wait between scans of the image repository.","type":"string"},"secretRef":{"description":"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with `kubectl create secret docker-registry`, or the equivalent.","properties":{"name":{"description":"Name of the referent","type":"string"}},"required":["name"],"type":"object"},"suspend":{"description":"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.","type":"boolean"},"timeout":{"description":"Timeout for image scanning. Defaults to 'Interval' duration.","type":"string"}},"type":"object"},"status":{"description":"ImageRepositoryStatus defines the observed state of ImageRepository","properties":{"canonicalImageName":{"description":"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., `docker.io/library/alpine` rather than `alpine`.","type":"string"},"conditions":{"items":{"description":"Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }","properties":{"lastTransitionTime":{"description":"lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.","format":"date-time","type":"string"},"message":{"description":"message is a human readable message indicating details about the transition. This may be an empty string.","maxLength":32768,"type":"string"},"observedGeneration":{"description":"observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.","format":"int64","minimum":0,"type":"integer"},"reason":{"description":"reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.","maxLength":1024,"minLength":1,"pattern":"^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$","type":"string"},"status":{"description":"status of the condition, one of True, False, Unknown.","enum":["True","False","Unknown"],"type":"string"},"type":{"description":"type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)","maxLength":316,"pattern":"^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$","type":"string"}},"required":["lastTransitionTime","message","reason","status","type"],"type":"object"},"type":"array"},"lastHandledReconcileAt":{"description":"LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change can be detected.","type":"string"},"lastScanResult":{"description":"LastScanResult contains the number of fetched tags.","properties":{"scanTime":{"format":"date-time","type":"string"},"tagCount":{"type":"integer"}},"required":["tagCount"],"type":"object"},"observedGeneration":{"description":"ObservedGeneration is the last reconciled generation.","format":"int64","type":"integer"}},"type":"object"}},"type":"object"}},"served":true,"storage":true,"subresources":{"status":{}}}]},"status":{"acceptedNames":{"kind":"","plural":""},"conditions":[],"storedVersions":[]}}
kustomize.toolkit.fluxcd.io/checksum: f1b8ea0305dfcee147e24b6c5fb460c7062820e2
creationTimestamp: "2021-08-23T15:34:16Z"
generation: 1
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v0.16.2
kustomize.toolkit.fluxcd.io/name: flux-system
kustomize.toolkit.fluxcd.io/namespace: flux-system
name: imagerepositories.image.toolkit.fluxcd.io
resourceVersion: "7254378"
uid: 4365c37d-7fca-4c0a-845b-9ead4799adad
spec:
conversion:
strategy: None
group: image.toolkit.fluxcd.io
names:
kind: ImageRepository
listKind: ImageRepositoryList
plural: imagerepositories
singular: imagerepository
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.lastScanResult.scanTime
name: Last scan
type: string
- jsonPath: .status.lastScanResult.tagCount
name: Tags
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: ImageRepository is the Schema for the imagerepositories API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ImageRepositorySpec defines the parameters for scanning an
image repository, e.g., `fluxcd/flux`.
properties:
certSecretRef:
description: "CertSecretRef can be given the name of a secret containing
either or both of \n - a PEM-encoded client certificate (`certFile`)
and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`)
\n and whichever are supplied, will be used for connecting to the
\ registry. The client cert and key are useful if you are authenticating
with a certificate; the CA cert is useful if you are using a self-signed
server certificate."
properties:
name:
description: Name of the referent
type: string
required:
- name
type: object
image:
description: Image is the name of the image repository
type: string
interval:
description: Interval is the length of time to wait between scans
of the image repository.
type: string
secretRef:
description: SecretRef can be given the name of a secret containing
credentials to use for the image registry. The secret should be
created with `kubectl create secret docker-registry`, or the equivalent.
properties:
name:
description: Name of the referent
type: string
required:
- name
type: object
suspend:
description: This flag tells the controller to suspend subsequent
image scans. It does not apply to already started scans. Defaults
to false.
type: boolean
timeout:
description: Timeout for image scanning. Defaults to 'Interval' duration.
type: string
type: object
status:
description: ImageRepositoryStatus defines the observed state of ImageRepository
properties:
canonicalImageName:
description: CanonicalName is the name of the image repository with
all the implied bits made explicit; e.g., `docker.io/library/alpine`
rather than `alpine`.
type: string
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are:
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change can be detected.
type: string
lastScanResult:
description: LastScanResult contains the number of fetched tags.
properties:
scanTime:
format: date-time
type: string
tagCount:
type: integer
required:
- tagCount
type: object
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
format: int64
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .status.lastScanResult.scanTime
name: Last scan
type: string
- jsonPath: .status.lastScanResult.tagCount
name: Tags
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: ImageRepository is the Schema for the imagerepositories API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ImageRepositorySpec defines the parameters for scanning an
image repository, e.g., `fluxcd/flux`.
properties:
certSecretRef:
description: "CertSecretRef can be given the name of a secret containing
either or both of \n - a PEM-encoded client certificate (`certFile`)
and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`)
\n and whichever are supplied, will be used for connecting to the
\ registry. The client cert and key are useful if you are authenticating
with a certificate; the CA cert is useful if you are using a self-signed
server certificate."
properties:
name:
description: Name of the referent
type: string
required:
- name
type: object
image:
description: Image is the name of the image repository
type: string
interval:
description: Interval is the length of time to wait between scans
of the image repository.
type: string
secretRef:
description: SecretRef can be given the name of a secret containing
credentials to use for the image registry. The secret should be
created with `kubectl create secret docker-registry`, or the equivalent.
properties:
name:
description: Name of the referent
type: string
required:
- name
type: object
suspend:
description: This flag tells the controller to suspend subsequent
image scans. It does not apply to already started scans. Defaults
to false.
type: boolean
timeout:
description: Timeout for image scanning. Defaults to 'Interval' duration.
type: string
type: object
status:
description: ImageRepositoryStatus defines the observed state of ImageRepository
properties:
canonicalImageName:
description: CanonicalName is the name of the image repository with
all the implied bits made explicit; e.g., `docker.io/library/alpine`
rather than `alpine`.
type: string
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are:
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change can be detected.
type: string
lastScanResult:
description: LastScanResult contains the number of fetched tags.
properties:
scanTime:
format: date-time
type: string
tagCount:
type: integer
required:
- tagCount
type: object
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
format: int64
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ImageRepository
listKind: ImageRepositoryList
plural: imagerepositories
singular: imagerepository
conditions:
- lastTransitionTime: "2021-08-23T15:34:16Z"
message: no conflicts found
reason: NoConflicts
status: "True"
type: NamesAccepted
- lastTransitionTime: "2021-08-23T15:34:16Z"
message: the initial names have been accepted
reason: InitialNamesAccepted
status: "True"
type: Established
storedVersions:
- v1alpha2
It should be storedVersions: v1beta1
, you have to upgrade the controllers with flux 0.16.2
ok weird, after removing the ImageRepository
that I had added and reconciling, I re-ran bootstrap using flux 0.16.2
flux bootstrap github --private-key-file=/Users/davidsmith/.ssh/flux --owner=ClaimerApp --repository=flux-configuration --path=clusters/dev-one
and
flux bootstrap github --private-key-file=/Users/davidsmith/.ssh/flux --owner=ClaimerApp --repository=flux-configuration --path=clusters/dev-one --components-extra=image-reflector-controller,image-automation-controller
and everything finished successfully but I still get the following
➜ flux-configuration git:(main) kubectl get crd imagerepositories.image.toolkit.fluxcd.io -oyaml | tail -2
storedVersions:
- v1alpha2
Should I change something manually in the flux-system yaml files?
I had another go this morning, first I ran bootstrap without the extra components and kubectl get crd imagerepositories.image.toolkit.fluxcd.io
started to error (makes sense as the components were removed). Then I ran bootstrap with the extra components and the command started working but the storedVersion
is still v1alpha2
. I'm definitely using flux 0.16.2 (this is the exact version of flux I'm using https://github.com/NixOS/nixpkgs/blob/5fc7992364b278e2aa93914a6adccffefcf2ed67/pkgs/applications/networking/cluster/fluxcd/default.nix#L7)
I tried the same thing as you and v1beta1 is there https://github.com/stefanprodan/flux2-kustomize-helm-example/commit/c6498195f63033ec9b072d64e7326a5401752d25
Can you please download the Flux CLI from GitHub and try that, maybe the Nix package is messed up.
oh, now I have both:
➜ flux-configuration git:(main) kubectl get crd imagerepositories.image.toolkit.fluxcd.io -oyaml | tail -2
- v1alpha2
- v1beta1
Is this correct?
Also, there must be something wrong with the nixpkgs flux, everything looks totally correct to me, not sure if there's some weird difference between the built binary on the flux2 releases page and the nixpkgs one. FYI when running the nix one after the upgrade I get
lots of json....
Resource: "apiextensions.k8s.io/v1, Resource=customresourcedefinitions", GroupVersionKind: "apiextensions.k8s.io/v1, Kind=CustomResourceDefinition"
Name: "imageupdateautomations.image.toolkit.fluxcd.io", Namespace: ""
for: "/tmp/nix-shell.IcqbSj/nix-shell.Kjqsci/flux-bootstrap-3553615852/clusters/dev-one/flux-system": CustomResourceDefinition.apiextensions.k8s.io "imageupdateautomations.image.toolkit.fluxcd.io" is invalid: status.storedVersions[1]: Invalid value: "v1beta1": must appear in spec.versions
✗ exit status 1
Yes Nix is broken, they decided to build Flux differently then want we do...
oh wow, now when I added the ImageRepository, flux get kustomizations
shows me this:
{"metadata":{"annotations":{"kubectl.kubernetes.io/last-applied-configuration":"{\"apiVersion\":\"apiextensions.k8s.io/v1\",\"kind\":\"CustomResourceDefinition\",\"metadata\":{\"annotations\":{\"controller-gen.kubebuilder.io/version\":\"v0.5.0\",\"kustomize.toolkit.fluxcd.io/checksum\":\"7ac68b7a2baf9189fb7db0d12aed811080bc4662\"},\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/instance\":\"flux-system\",\"app.kubernetes.io/part-of\":\"flux\",\"app.kubernetes.io/version\":\"v0.16.2\",\"kustomize.toolkit.fluxcd.io/name\":\"flux-system\",\"kustomize.toolkit.fluxcd.io/namespace\":\"flux-system\"},\"name\":\"imagepolicies.image.toolkit.fluxcd.io\"},\"spec\":{\"group\":\"image.toolkit.fluxcd.io\",\"names\":{\"kind\":\"ImagePolicy\",\"listKind\":\"ImagePolicyList\",\"plural\":\"imagepolicies\",\"singular\":\"imagepolicy\"},\"scope\":\"Namespaced\",\"versions\":[{\"additionalPrinterColumns\":[{\"jsonPath\":\".status.latestImage\",\"name\":\"LatestImage\",\"type\":\"string\"}],\"name\":\"v1alpha1\",\"schema\":{\"openAPIV3Schema\":{\"description\":\"ImagePolicy is the Schema for the imagepolicies API\",\"properties\":{\"apiVersion\":{\"description\":\"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\",\"type\":\"string\"},\"kind\":{\"description\":\"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\",\"type\":\"string\"},\"metadata\":{\"type\":\"object\"},\"spec\":{\"description\":\"ImagePolicySpec defines the parameters for calculating the ImagePolicy\",\"properties\":{\"filterTags\":{\"description\":\"FilterTags enables filtering for only a subset of tags based on a set of rules. If no rules are provided, all the tags from the repository will be ordered and compared.\",\"properties\":{\"extract\":{\"description\":\"Extract allows a capture group to be extracted from the specified regular expression pattern, useful before tag evaluation.\",\"type\":\"string\"},\"pattern\":{\"description\":\"Pattern specifies a regular expression pattern used to filter for image tags.\",\"type\":\"string\"}},\"type\":\"object\"},\"imageRepositoryRef\":{\"description\":\"ImageRepositoryRef points at the object specifying the image being scanned\",\"properties\":{\"name\":{\"description\":\"Name of the referent\",\"type\":\"string\"}},\"required\":[\"name\"],\"type\":\"object\"},\"policy\":{\"description\":\"Policy gives the particulars of the policy to be followed in selecting the most recent image\",\"properties\":{\"alphabetical\":{\"description\":\"Alphabetical set of rules to use for alphabetical ordering of the tags.\",\"properties\":{\"order\":{\"default\":\"asc\",\"description\":\"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.\",\"enum\":[\"asc\",\"desc\"],\"type\":\"string\"}},\"type\":\"object\"},\"numerical\":{\"description\":\"Numerical set of rules to use for numerical ordering of the tags.\",\"properties\":{\"order\":{\"default\":\"asc\",\"description\":\"Order specifies the sorting order of the tags. Given the integer values from 0 to 9 as tags, ascending order would select 9, and descending order would select 0.\",\"enum\":[\"asc\",\"desc\"],\"type\":\"string\"}},\"type\":\"object\"},\"semver\":{\"description\":\"SemVer gives a semantic version range to check against the tags available.\",\"properties\":{\"range\":{\"description\":\"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.\",\"type\":\"string\"}},\"required\":[\"range\"],\"type\":\"object\"}},\"type\":\"object\"}},\"required\":[\"imageRepositoryRef\",\"policy\"],\"type\":\"object\"},\"status\":{\"description\":\"ImagePolicyStatus defines the observed state of ImagePolicy\",\"properties\":{\"conditions\":{\"items\":{\"description\":\"Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \\\"Available\\\", \\\"Progressing\\\", and \\\"Degraded\\\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\\\"conditions,omitempty\\\" patchStrategy:\\\"merge\\\" patchMergeKey:\\\"type\\\" protobuf:\\\"bytes,1,rep,name=conditions\\\"` \\n // other fields }\",\"properties\":{\"lastTransitionTime\":{\"description\":\"lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.\",\"format\":\"date-time\",\"type\":\"string\"},\"message\":{\"description\":\"message is a human readable message indicating details about the transition. This may be an empty string.\",\"maxLength\":32768,\"type\":\"string\"},\"observedGeneration\":{\"description\":\"observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.\",\"format\":\"int64\",\"minimum\":0,\"type\":\"integer\"},\"reason\":{\"description\":\"reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.\",\"maxLength\":1024,\"minLength\":1,\"pattern\":\"^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$\",\"type\":\"string\"},\"status\":{\"description\":\"status of the condition, one of True, False, Unknown.\",\"enum\":[\"True\",\"False\",\"Unknown\"],\"type\":\"string\"},\"type\":{\"description\":\"type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)\",\"maxLength\":316,\"pattern\":\"^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$\",\"type\":\"string\"}},\"required\":[\"lastTransitionTime\",\"message\",\"reason\",\"status\",\"type\"],\"type\":\"object\"},\"type\":\"array\"},\"latestImage\":{\"description\":\"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.\",\"type\":\"string\"},\"observedGeneration\":{\"format\":\"int64\",\"type\":\"integer\"}},\"type\":\"object\"}},\"type\":\"object\"}},\"served\":true,\"storage\":false,\"subresources\":{\"status\":{}}},{\"additionalPrinterColumns\":[{\"jsonPath\":\".status.latestImage\",\"name\":\"LatestImage\",\"type\":\"string\"}],\"name\":\"v1alpha2\",\"schema\":{\"openAPIV3Schema\":{\"description\":\"ImagePolicy is the Schema for the imagepolicies API\",\"properties\":{\"apiVersion\":{\"description\":\"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\",\"type\":\"string\"},\"kind\":{\"description\":\"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\",\"type\":\"string\"},\"metadata\":{\"type\":\"object\"},\"spec\":{\"description\":\"ImagePolicySpec defines the parameters for calculating the ImagePolicy\",\"properties\":{\"filterTags\":{\"description\":\"FilterTags enables filtering for only a subset of tags based on a set of rules. If no rules are provided, all the tags from the repository will be ordered and compared.\",\"properties\":{\"extract\":{\"description\":\"Extract allows a capture group to be extracted from the specified regular expression pattern, useful before tag evaluation.\",\"type\":\"string\"},\"pattern\":{\"description\":\"Pattern specifies a regular expression pattern used to filter for image tags.\",\"type\":\"string\"}},\"type\":\"object\"},\"imageRepositoryRef\":{\"description\":\"ImageRepositoryRef points at the object specifying the image being scanned\",\"properties\":{\"name\":{\"description\":\"Name of the referent\",\"type\":\"string\"}},\"required\":[\"name\"],\"type\":\"object\"},\"policy\":{\"description\":\"Policy gives the particulars of the policy to be followed in selecting the most recent image\",\"properties\":{\"alphabetical\":{\"description\":\"Alphabetical set of rules to use for alphabetical ordering of the tags.\",\"properties\":{\"order\":{\"default\":\"asc\",\"description\":\"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.\",\"enum\":[\"asc\",\"desc\"],\"type\":\"string\"}},\"type\":\"object\"},\"numerical\":{\"description\":\"Numerical set of rules to use for numerical ordering of the tags.\",\"properties\":{\"order\":{\"default\":\"asc\",\"description\":\"Order specifies the sorting order of the tags. Given the integer values from 0 to 9 as tags, ascending order would select 9, and descending order would select 0.\",\"enum\":[\"asc\",\"desc\"],\"type\":\"string\"}},\"type\":\"object\"},\"semver\":{\"description\":\"SemVer gives a semantic version range to check against the tags available.\",\"properties\":{\"range\":{\"description\":\"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.\",\"type\":\"string\"}},\"required\":[\"range\"],\"type\":\"object\"}},\"type\":\"object\"}},\"required\":[\"imageRepositoryRef\",\"policy\"],\"type\":\"object\"},\"status\":{\"description\":\"ImagePolicyStatus defines the observed state of ImagePolicy\",\"properties\":{\"conditions\":{\"items\":{\"description\":\"Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \\\"Available\\\", \\\"Progressing\\\", and \\\"Degraded\\\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\\\"conditions,omitempty\\\" patchStrategy:\\\"merge\\\" patchMergeKey:\\\"type\\\" protobuf:\\\"bytes,1,rep,name=conditions\\\"` \\n // other fields }\",\"properties\":{\"lastTransitionTime\":{\"description\":\"lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.\",\"format\":\"date-time\",\"type\":\"string\"},\"message\":{\"description\":\"message is a human readable message indicating details about the transition. This may be an empty string.\",\"maxLength\":32768,\"type\":\"string\"},\"observedGeneration\":{\"description\":\"observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.\",\"format\":\"int64\",\"minimum\":0,\"type\":\"integer\"},\"reason\":{\"description\":\"reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.\",\"maxLength\":1024,\"minLength\":1,\"pattern\":\"^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$\",\"type\":\"string\"},\"status\":{\"description\":\"status of the condition, one of True, False, Unknown.\",\"enum\":[\"True\",\"False\",\"Unknown\"],\"type\":\"string\"},\"type\":{\"description\":\"type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)\",\"maxLength\":316,\"pattern\":\"^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$\",\"type\":\"string\"}},\"required\":[\"lastTransitionTime\",\"message\",\"reason\",\"status\",\"type\"],\"type\":\"object\"},\"type\":\"array\"},\"latestImage\":{\"description\":\"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.\",\"type\":\"string\"},\"observedGeneration\":{\"format\":\"int64\",\"type\":\"integer\"}},\"type\":\"object\"}},\"type\":\"object\"}},\"served\":true,\"storage\":true,\"subresources\":{\"status\":{}}}]},\"status\":{\"acceptedNames\":{\"kind\":\"\",\"plural\":\"\"},\"conditions\":[],\"storedVersions\":[]}}\n","kustomize.toolkit.fluxcd.io/checksum":"7ac68b7a2baf9189fb7db0d12aed811080bc4662"}},"spec":{"versions":[{"additionalPrinterColumns":[{"jsonPath":".status.latestImage","name":"LatestImage","type":"string"}],"name":"v1alpha1","schema":{"openAPIV3Schema":{"description":"ImagePolicy is the Schema for the imagepolicies API","properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds","type":"string"},"metadata":{"type":"object"},"spec":{"description":"ImagePolicySpec defines the parameters for calculating the ImagePolicy","properties":{"filterTags":{"description":"FilterTags enables filtering for only a subset of tags based on a set of rules. If no rules are provided, all the tags from the repository will be ordered and compared.","properties":{"extract":{"description":"Extract allows a capture group to be extracted from the specified regular expression pattern, useful before tag evaluation.","type":"string"},"pattern":{"description":"Pattern specifies a regular expression pattern used to filter for image tags.","type":"string"}},"type":"object"},"imageRepositoryRef":{"description":"ImageRepositoryRef points at the object specifying the image being scanned","properties":{"name":{"description":"Name of the referent","type":"string"}},"required":["name"],"type":"object"},"policy":{"description":"Policy gives the particulars of the policy to be followed in selecting the most recent image","properties":{"alphabetical":{"description":"Alphabetical set of rules to use for alphabetical ordering of the tags.","properties":{"order":{"default":"asc","description":"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.","enum":["asc","desc"],"type":"string"}},"type":"object"},"numerical":{"description":"Numerical set of rules to use for numerical ordering of the tags.","properties":{"order":{"default":"asc","description":"Order specifies the sorting order of the tags. Given the integer values from 0 to 9 as tags, ascending order would select 9, and descending order would select 0.","enum":["asc","desc"],"type":"string"}},"type":"object"},"semver":{"description":"SemVer gives a semantic version range to check against the tags available.","properties":{"range":{"description":"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.","type":"string"}},"required":["range"],"type":"object"}},"type":"object"}},"required":["imageRepositoryRef","policy"],"type":"object"},"status":{"description":"ImagePolicyStatus defines the observed state of ImagePolicy","properties":{"conditions":{"items":{"description":"Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }","properties":{"lastTransitionTime":{"description":"lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.","format":"date-time","type":"string"},"message":{"description":"message is a human readable message indicating details about the transition. This may be an empty string.","maxLength":32768,"type":"string"},"observedGeneration":{"description":"observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.","format":"int64","minimum":0,"type":"integer"},"reason":{"description":"reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.","maxLength":1024,"minLength":1,"pattern":"^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$","type":"string"},"status":{"description":"status of the condition, one of True, False, Unknown.","enum":["True","False","Unknown"],"type":"string"},"type":{"description":"type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions...
and the error at the top is apply failed: Error from server (Invalid): error when applying patch:
Get rid of the Nix binary, download the official binary from our release page and start over with cluster bootstrap. After you download the right binary, do flux uninstall
then flux bootstrap
.
OK, all working now. I had an old version of flux installed before, perhaps the nix version was using the PATH in my shell profile or something instead of the live PATH. Thanks @stefanprodan and hopefully the nix version will get fixed soon
Hello,
I'm trying to setup automatic image update with a simple yaml for ImageRepository as such
However, I am getting the following error:
Flux was setup simply using
flux bootstrap gitlab