Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Helm chart 2.12.0 - endless loop in ArgoCD #544

Closed
michalromanowskiap opened this issue Oct 5, 2023 · 2 comments
Closed

Helm chart 2.12.0 - endless loop in ArgoCD #544

michalromanowskiap opened this issue Oct 5, 2023 · 2 comments
Labels
bug Something isn't working

Comments

@michalromanowskiap
Copy link

michalromanowskiap commented Oct 5, 2023
edited
Loading

Hi,

we are running helm chart 2.12.0 on AKS v1.27.3 using ArgoCD (2.8.4). It seems that some properties are overwritten/deleted by the AKS itself. From what I've seen in the chart src code, there's no way of adjusting it. How could I fix the issue? Argo is endlessly trying to apply the manifests because there's non-zero diff.

Expected Behavior

We are able to deploy all K8S resources

Actual Behavior

There's a unresolvable diff in 2 resources:

  • ValidatingWebhookConfiguration keda-admission:
# actual:
webhooks:
  - admissionReviewVersions:
      - v1
-    namespaceSelector:
-      matchExpressions: []
# desired
webhooks:
  - admissionReviewVersions:
      - v1
+    namespaceSelector: {}
  • APIService v1beta1.external.metrics.k8s.io:
# actual
none
# desired:
spec:
+  insecureSkipTLSVerify: false

Steps to Reproduce the Problem

  1. Running the exact versions on the AKS should do it

Specifications

  • KEDA Version: chart 2.12.0
  • Platform & Version: not sure what it is
  • Kubernetes Version: AKS v1.27.3
  • Scaler(s): non relevant
@michalromanowskiap michalromanowskiap added the bug Something isn't working label Oct 5, 2023
@michalromanowskiap
Copy link
Author

I've managed to fix it. Just add this to the argo-cm ConfigMap:

configs:
  cm:
    resource.customizations: |
      admissionregistration.k8s.io/ValidatingWebhookConfiguration:
        ignoreDifferences: |
          jqPathExpressions:
            - . | select (.metadata.name == "keda-admission") | .webhooks[].namespaceSelector.matchExpressions
      apiregistration.k8s.io/APIService:
        ignoreDifferences: |
          jqPathExpressions:
            - . | select (.metadata.name == "v1beta1.external.metrics.k8s.io") | .spec.insecureSkipTLSVerify

@f2calv
Copy link

f2calv commented Oct 7, 2023

Disabling webhooks fixed the first namespaceSelector issue for me, then added an ignoreDifferences entry for the insecureSkipTLSVerify;

  source:
    repoURL: https://kedacore.github.io/charts
    targetRevision: 2.12.0
    chart: keda
    helm:
      values: |-
        webhooks:
          enabled: false
  ignoreDifferences:
    - name: v1beta1.external.metrics.k8s.io
      group: apiregistration.k8s.io
      kind: APIService
      jsonPointers:
        - /spec/insecureSkipTLSVerify

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@f2calv @michalromanowskiap