search

hpe-storage / co-deployments

HPE storage platforms deployment declarations for container orchestrators
https://scod.hpedev.io
Apache License 2.0
11 stars 44 forks source link

chapSecretValidation breaks Argo CD multi source applications #398

Open wolffberg opened 3 weeks ago

wolffberg commented 3 weeks ago

When deploying the hpe-csi-driver chart using a multi source Argo CD application where the first source is the hpe-csi-driver chart and the second source is a custom chart with the secret containing the iscsi.chapSecretName secret, Argo CD cannot deploy the charts and fails with 

(hpe-csi-driver/templates/pre-install-hook.yaml:26:15): Secret hpe-chap-credentials not found in namespace addon-hpe-storage

Instead of using a custom pre-install-hook I suggest using a Kubernetes native way of ensuring the secret is available and correct.

This could for example be mounting the secret into the container and validating it using an init container.

datamattsson commented 3 weeks ago

The whole point of a cluster wide secret for CHAP was that it needs to exist prior to installing the Chart. I agree this pre-install-hook isn't the prettiest solution but fail to understand you can't reverse the order in your workflow?