search

kubeshop / monokle-cli

CLI for Monokle core validation library
19 stars 3 forks source link

The "monokle validate . --api-token=... --project=..." command errors #45

Open f1ames opened 9 months ago

f1ames commented 9 months ago

As in the title, encountered by @WitoDelnat during demo. However, I checked this with latest version and seems to work 🤔 

kkrzton@DESKTOP-H6J6G6R:~/Workspace/kubeshop/monokle-cli$ monokle validate . --api-token=REDACTED --project=pJFIBNae
┌──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│                                                                                                                                                          │
│    ℹ Validated 4 resources using remote policy from Default project. It can be adjusted on https://app.monokle.com/dashboard/projects/pJFIBNae/policy.   │
│                                                                                                                                                          │
└──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘

panda-blog.deployment@test/assets/multiple-bad-resources.yaml
[⚠ schema-violated] Value at /spec/replicas should be integer
[⚠ no-latest-image] Disallow images with the latest tag
[✖ no-writable-fs] Require a read-only root file system
[✖ drop-capabilities] Require default capabilities to be dropped
[⚠ no-low-user-id] Disallow running with a low user ID
[✖ no-low-group-id] Disallow running with a low group ID
[✖ no-automount-service-account-token] Disallow automounting the service account token

@WitoDelnat could you recheck on your end 🤔

WitoDelnat commented 9 months ago

I tried running it again and I got this error. 

~/code/monokle-natixis  ▶ monokle validate ocp-templates --api-token=mca_redacted --project=gYKredacted --debug
Something unexpected happened. You can re-run with --debug for more details.

Error: Not Found error (code: INTERNAL_SERVER_ERROR). Cannot fetch data from https://api.monokle.com/graphql.
    at ApiHandler.queryApi (/snapshot/cjs/main.cjs:169102:19)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at async Synchronizer.fetchPolicyForProject (/snapshot/cjs/main.cjs:193674:32)
    at async getRemotePolicyForProject (/snapshot/cjs/main.cjs:196627:24)
    at async Promise.all (index 0)
    at async Object.handler (/snapshot/cjs/main.cjs:197035:48)

The server logs are not indicating any problem though. When I make a CLI request the getProject appears so it seems to be calling it though.

monokle-core-api-production-8667df9c74-qqb76 [Nest] 1  - 12/14/2023, 9:39:39 AM     LOG [LoggingInterceptor] 94872df00694b90fe225a5a35cc49910 HTTP GET /auth/provider/:provider/installation/:installation/credentials
monokle-core-api-production-8667df9c74-qqb76 [Nest] 1  - 12/14/2023, 9:39:39 AM     LOG [LoggingInterceptor] 94872df00694b90fe225a5a35cc49910 HTTP GET /auth/provider/:provider/installation/:installation/credentials response - 143ms
monokle-core-api-production-8667df9c74-qqb76 [Nest] 1  - 12/14/2023, 9:39:54 AM     LOG [LoggingInterceptor] 9caf589b0bd7e21634d8f484713e15c6 GQL Query getProject
monokle-core-api-production-8667df9c74-qqb76 [Nest] 1  - 12/14/2023, 9:39:54 AM     LOG [LoggingInterceptor] 16790984-55bd-4f41-85c0-4acb4be5cc89 GQL Query getValidationPolicies
monokle-core-api-production-8667df9c74-bpqmq [Nest] 1  - 12/14/2023, 9:39:54 AM     LOG [LoggingInterceptor] c815ec377dbb98d91caee32c0f787931 GQL Query getProject
monokle-core-api-production-8667df9c74-bpqmq [Nest] 1  - 12/14/2023, 9:40:03 AM     LOG [LoggingInterceptor] bbcbad84bde3858d8ae44c7339d07e5c GQL Query getProject
monokle-core-api-production-8667df9c74-bpqmq [Nest] 1  - 12/14/2023, 9:40:03 AM     LOG [LoggingInterceptor] ac939874626c04489d171d82bcf3c9e0 GQL Query getProject
f1ames commented 9 months ago

@WitoDelnat this error:

Error: Not Found error (code: INTERNAL_SERVER_ERROR). Cannot fetch data from https://api.monokle.com/graphql

usually means projectId does not match, so maybe it's not valid in the context of https://api.monokle.com/graphql?

Still, error message could be more meaningful maybe? 🤔

WitoDelnat commented 9 months ago

It's indeed an invalid projectId as it belongs to an enterprise instance. It does not exist on Monokle Cloud.

About error handling. I'm thinking along the lines of: "Cannot validate. Either the project does not exist or you are using the wrong origin." Not sure if we want to be explicit about origins though 🤔