search

jenkins-x / terraform-aws-eks-jx

A Terraform module for creating Jenkins X infrastructure on AWS
Apache License 2.0
63 stars 42 forks source link

tls email not populated #208

Open dicolasi opened 3 years ago

dicolasi commented 3 years ago

Summary

TLS email not populated in jx-requirements, resulting in a error in git-operator.

Steps to reproduce the behavior

In main.tf set tls_email = "foo@bar.xyz" Execute terraform apply

Expected behavior

In jx-requirements.yml, the ingress section should be populated with the following:

 tls:
      email: "foo@bar.xyz"

Actual behavior

    tls:
      email: ""

Git operator fails with the following error:

│ jx verify ingress                                                                                                                                                                                                                                                            │
│ error: You must provide a valid email address to enable TLS so you can receive notifications from LetsEncrypt about your certificates: mail: no address

Terraform version

The output of terraform version is:

Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/aws v3.16.0
+ provider registry.terraform.io/hashicorp/helm v1.3.2
+ provider registry.terraform.io/hashicorp/kubernetes v1.11.1
+ provider registry.terraform.io/hashicorp/local v1.4.0
+ provider registry.terraform.io/hashicorp/null v2.1.2
+ provider registry.terraform.io/hashicorp/random v2.3.1
+ provider registry.terraform.io/hashicorp/template v2.2.0

Module version

Operating system

ankitm123 commented 3 years ago

/assign

dicolasi commented 3 years ago

just to add to this: the same applies to everything under ingress in jx-requirements.yaml. An example is externalDNS, which defaults to false even if main.tf says true.

ankitm123 commented 3 years ago

So, I tried to reproduce it with this:

module "eks-jx" {
  source                               = "../../"
  region                               = var.region
  use_vault                            = var.use_vault
  use_asm                              = var.use_asm
  is_jx2                               = false
  enable_worker_groups_launch_template = true
  encrypt_volume_self                  = true
  tls_email                            = "test@test.com"
}

I see in the configmap:

ingress:
                  domain: ""
                  ignoreLoadBalancer: false
                  externalDNS: false
                  tls:
                    email: "test@test.com"
                    enabled: false
                    production: false

@dicolasi when you do a plan, what does it show in the plan? it seems to populate the right value for email for me.

dicolasi commented 3 years ago

Strange. Just created 3 new clusters and I see the same behaviour. I can only see this: ingress: domain: data.property.xyz externalDNS: true namespaceSubDomain: -jx. tls: email: "" enabled: true production: true

Enabled | Production | domain | externalDNS are correctly populated. Email still empty...

Here another example: main.tf

tls_email = "security@property.xyz" enable_tls = true production_letsencrypt = true enable_external_dns = true

jx-requirements.yaml:

ingress: domain: "" externalDNS: false namespaceSubDomain: -jx. tls: email: "" enabled: false production: false

marsdalesa commented 3 years ago

I experienced the same issue when creating a cluster 3 days ago - will be building from scratch soon so will chime in if I see the same again as well.

frankvollenweider commented 3 years ago

I have the same issue while building a new jx3 cluster today. jx version: 3.0.787 terraform version: v0.13.5

jenkins-x-bot commented 3 years ago

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://jenkins-x.io/community. /lifecycle stale