Can't install argocd 16 -- template rendering issues

[MaxWinterstein]

When trying to use version 16.2.0 i can't perform an installation though terraform:

helm_release.argocd: Creating...
╷
│ Error: template: argocd/charts/argo-cd/charts/redis/templates/master/application.yaml:52:35: executing "argocd/charts/argo-cd/charts/redis/templates/master/application.yaml" at <include (print $.Template.BasePath "/secret.yaml") .>: error calling include: template: argocd/charts/argo-cd/charts/redis/templates/secret.yaml:24:21: executing "argocd/charts/argo-cd/charts/redis/templates/secret.yaml" at <include "redis.password" .>: error calling include: template: argocd/charts/argo-cd/charts/redis/templates/_helpers.tpl:250:12: executing "redis.password" at <include "getValueFromSecret" (dict "Namespace" (include "common.names.namespace" .) "Name" (include "redis.secretName" .) "Length" 10 "Key" (include "redis.secretPasswordKey" .))>: error calling include: template: argocd/charts/argo-cd/charts/redis/templates/_helpers.tpl:234:30: executing "getValueFromSecret" at <b64dec>: invalid value; expected string
│ 
│   with helm_release.argocd,
│   on main.tf line 5, in resource "helm_release" "argocd":
│    5: resource "helm_release" "argocd" {
│ 

Selecting e.g. 15.0.1 works fine

note: using terragrunt. As we just use this chart to bootstrap and let argocd sync/update itself no blocker for me

[krankkkk]

@MaxWinterstein We don't use terragrunt so I don't know how exactly it behaves in regards to helm functions that need a cluster connection, but it seems like helm fails at the lookup for the redis password in the secret argocd-redis.

Do you set any values in the argocd.redis section?

As a workaround could you try setting the redis password? You could use either global.redis.password or argocd.redis.auth.password

[MaxWinterstein]

Do you set any values in the argocd.redis section?

Nope

As a workaround could you try setting the redis password?

yes, that worked for me. But needed to additionally disable the kyverno and ingress stuff to get at least the rendering through.

In the end I just stick to the v15 chart, as it is just a boottrap. It has some issues when upgrading, but I guess they are argocd related: https://github.com/argoproj/argo-cd/issues/17090#issuecomment-2178670903

[krankkkk]

Disabling the kyverno exlusion i can understand, but ingress should work just fine. have you set the ingress host for the server?

here is a working example similar to what we use:

resource "helm_release" "argocd" {
  name                  = "argocd"
  repository            = "https://charts.iits.tech"
  chart                 = "argocd"
  version               = "16.2.0"
  namespace             = "argocd"
  create_namespace      = true
  wait                  = true
  atomic                = true
  timeout = 900 // 15 Minutes
  render_subchart_notes = true
  dependency_update     = true
  wait_for_jobs         = true
  values = [
    yamlencode({
      argo-cd = {
        server = {
          ingress = {
            hostname = "admin.example.com"
          }
        }
      }
      projects = {
        infrastructure-charts = {
          projectValues = {
            # Set this to enable stage values-$STAGE.yaml
            stage      = "dev"
            context    = "iits"
            rootDomain = "example.com"
          }
          git = {
            username = <Some_secret_username>
            branch   = "main"
            password =  <Some_secret_token>
            repoUrl  = <git_url>
          }
        }
      }
    })
  }
  ]
}

yes, that worked for me. But needed to additionally disable the kyverno and ingress stuff to get at least the rendering through.

There really shouldn't be a rendering issue even if you set no values at all, could you provide us with a minimal reproducer where this occurs?