search

virtual-kubelet / azure-aci

Things related to Azure Container Instances for Virtual Kubelet
Apache License 2.0
92 stars 71 forks source link

ACI Provider does not handle empty string secrets well #175

Open fishman opened 2 years ago

fishman commented 2 years ago

Environment summary

Provider (e.g. ACI, AWS Fargate, Hyper) ACI

Version (e.g. 0.1, 0.2-beta) Master

K8s Master Info (e.g. AKS, ACS, Bare Metal, EKS) AKS

Install Method (e.g. Helm Chart, ) Helm Chart

Issue Details

When I create a gitlab ci runner with an empty variable in the secrets it causes the following error

Warning ProviderCreateFailed 44s (x17 over 11m) virtual-node-aci-linux/pod-controller api call to https://management.azure.com/subscriptions//resourceGroups//providers/Microsoft.ContainerInstance/containerGroups/gitlab-managed-apps-gitlab-runner-gitlab-runner-59b4fd586d-gbtdb?api-version=2018-10-01: got HTTP response status code 400 error code "SecretValueNotSpecified": The value of secret 'runner-token' is not specified in volume 'init-runner-secrets'.

Repo Steps

In the below output you can see how the secret is stored in kubernetes

apiVersion: v1
data:
  runner-registration-token: somebase64==
  runner-token: ""
kind: Secret
metadata:
  annotations:
    meta.helm.sh/release-name: gitlab-runner
    meta.helm.sh/release-namespace: gitlab-managed-apps
  labels:
    app: gitlab-runner-gitlab-runner
    app.kubernetes.io/managed-by: Helm
  name: gitlab-runner-gitlab-runner
type: Opaque
fishman commented 2 years ago

If the secret is an empty string it should be accessible as such. Instead it's treated as unset.