search

fluxcd / image-automation-controller

GitOps Toolkit controller that patches container image tags in Git
https://fluxcd.io
Apache License 2.0
173 stars 71 forks source link

label fail when using image update automation #118

Closed davidkarlsen closed 3 years ago

davidkarlsen commented 3 years ago

It seems like the image is stored as a label, and that this labels value is too large? Maybe use an annotation for the actual value?

der    False   Helm upgrade failed: cannot patch "ghec-onboarder-fsjetty" with kind ServiceAccount: ServiceAccount "ghec-onboarder-fsjetty" is invalid: [metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": must be no more than 63 characters, metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')] && cannot patch "ghec-onboarder-fsjetty-imagepullsecret" with kind Secret: Secret "ghec-onboarder-fsjetty-imagepullsecret" is invalid: [metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": must be no more than 63 characters, metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')] && cannot patch "ghec-onboarder-fsjetty-config" with kind ConfigMap: ConfigMap "ghec-onboarder-fsjetty-config" is invalid: [metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": must be no more than 63 characters, metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')] && cannot patch "ghec-onboarder-fsjetty" with kind Role: Role.rbac.authorization.k8s.io "ghec-onboarder-fsjetty" is invalid: [metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": must be no more than 63 characters, metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')] && cannot patch "ghec-onboarder-fsjetty" with kind RoleBinding: RoleBinding.rbac.authorization.k8s.io "ghec-onboarder-fsjetty" is invalid: [metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": must be no more than 63 characters, metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')] && cannot patch "ghec-onboarder-fsjetty" with kind Service: Service "ghec-onboarder-fsjetty" is invalid: [metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": must be no more than 63 characters, metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')] && cannot patch "ghec-onboarder-fsjetty" with kind Deployment: Deployment.apps "ghec-onboarder-fsjetty" is invalid: [metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": must be no more than 63 characters, metadata.labels: Invalid value: "fsnexus.evry.com:8085/evryfs/ccm/ccm-userclean-ghec-onboarder:2.0.212": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')]   152m
squaremo commented 3 years ago

There's nowhere that the image is stored as a label by the controller. What might have happened is that there's a marker in a HelmRelease .spec.values section, and the value is interpolated into a template for a ServiceAccount resource. Are you using a marker (# {"$imagepolicy": "...something..."}) in a HelmRelease, somewhere?

davidkarlsen commented 3 years ago

Wops. I thought I didn't click save on this. It was just me missing to refer the tag in the policy so that I got the full image ref inside the tag value.