search

jfrog / charts

JFrog official Helm Charts
https://jfrog.com/integration/helm-repository/
Apache License 2.0
259 stars 448 forks source link

Install Jfrog pipelines with a pre-existing Vault is failing during init phase #1871

Closed adrianiacob22 closed 3 months ago

adrianiacob22 commented 7 months ago

Is this a request for help?: No

Is this a BUG REPORT or FEATURE REQUEST? (choose one): BUG REPORT

Version of Helm and Kubernetes: Client Version: v1.28.0 Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3 Server Version: v1.28.6-eks-508b6b3

helm version version.BuildInfo{Version:"v3.12.3", GitCommit:"3a31588ad33fe3b89af5a2a54ee1d25bfe6eaa5e", GitTreeState:"clean", GoVersion:"go1.20.7"}

Which chart: pipelines-101.56.6

Which product license (Enterprise/Pro/oss): Pro

JFrog support reference (if already raised with support team): Not yet

What happened: When deploying Jfrog pipelines using an already existing Vault installation VAULT_TOKEN variable is not populated in initContainers and they are failing. More exactly pipelines-installer container in pipelines services statefulset is not able to update vault token in system yaml because VAULT_TOKEN variable is not set.

|___ Updating vault token in system yaml
|___ Missing env for vault root token: VAULT_TOKEN

This appears to be caused by this line here: https://github.com/jfrog/charts/blob/35a303260c75be98160a39a554cf077f5e7d78dd/stable/pipelines/templates/pipelines-statefulset.yaml#L309

While using an already existing Vault installation .Values.vault.enabled has to be set to false, in which case the if condition is false so the VAULT_TOKEN variable is not populated.

What you expected to happen: To be able to set the token for an already existing Vault installation.

How to reproduce it (as minimally and precisely as possible): Install Jfrog pipelines by setting it up using an existing Hashicorp Vault.

Anything else we need to know:

shashank-taliwal commented 7 months ago

The JFrog Pipelines do not support vault installation anymore. For more information, please check this hyperlink https://github.com/jfrog/vault-plugin-secrets-artifactory

adrianiacob22 commented 7 months ago

Hi @shashank-taliwal this is not about vault instalation. The issue is happening when I choose not to install vault using pipelines chart.

shashank-taliwal commented 7 months ago

Hi @adrianiacob22 , We don't support external vault installations. PFA documentation link for your perusal https://jfrog.com/help/r/jfrog-installation-setup-documentation/use-an-external-vault