capsule-proxy url hardcoded not reachable in FluxCD deploy

[heytrav]

I'm attempting to set up Capsule in FluxCD and am running into a problem similar to one already encountered in another repository: projectcapsule/capsule#1299

 ImageRepository/preview1-system/my-dashboard dry-run failed: failed to get
API group resources: unable to retrieve the complete list of server APIs: image.toolkit.fluxcd.io/v1beta2: Get "https://capsule-proxy.capsule-system.svc:90
01/apis/image.toolkit.fluxcd.io/v1beta2?timeout=30s": dial tcp: lookup capsule-proxy.capsule-system.svc on 10.96.0.10:53: no such host

Capsule seems to want to query APIResources at https://capsule-proxy.capsule-system.svc:9001/apis/image.toolkit.fluxcd.io/v1beta2.

In my config, capsule is being deployed to the capsule namespace. Even if I do change the namespace to match, FluxCD also adds capsule- as a prefix in front of the service name making it capsule-capsule-proxy which I cannot change.

The name of the service capsule-proxy as well as the namespace capsule-system appear to be hardcoded somewhere and I am not sure where to override them. I've come across this line of code which I think might have something to do with it but am not sure if this is even the correct repository.

My FluxCD config for capsule and capsule-addon-fluxcd:

---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
  name: projectcapsule
  namespace: flux-system
spec:
  interval: 1m0s
  url: https://projectcapsule.github.io/charts
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: capsule
  namespace: flux-system
spec:
  serviceAccountName: helm-controller
  chart:
    spec:
      chart: capsule
      reconcileStrategy: ChartVersion
      sourceRef:
        kind: HelmRepository
        name: projectcapsule
      version: '>=0.7.2 < 0.8.0'
  install:
    crds: Create
    createNamespace: true
    remediation:
      retries: -1
  interval: 5m0s
  targetNamespace: capsule
  upgrade:
    crds: CreateReplace
  values:
    proxy:
      enabled: true
    certManager:
      generateCertificates: true
    # tls:
    #   enableController: false
    fullnameOverride: capsule-capsule

---
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: OCIRepository
metadata:
  name: oci-capsule-addon-fluxcd
  namespace: flux-system
spec:
  interval: 5m0s
  provider: generic
  ref:
    semver: '>=0.1.2 < 0.2.0'
  url: oci://ghcr.io/projectcapsule/charts/capsule-addon-fluxcd
---
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: capsule-addon-fluxcd
  namespace: flux-system
spec:
  serviceAccountName: helm-controller
  chartRef:
    kind: OCIRepository
    name: oci-capsule-addon-fluxcd
  install:
    crds: Create
    createNamespace: true
    remediation:
      retries: -1
  interval: 1m0s
  targetNamespace: capsule
  upgrade:
    crds: CreateReplace
  values:
    proxy:
      tls:
        secretName: capsule-capsule-proxy

[maxgio92]

Hi @heytrav, thank you for opening an issue for this!

The proxy URL can indeed be customized with the --proxy-url CLI flags of the addon.
Unfortunately the Helm chart doesn't support it yet, but I've just opened a PR for this here #40.

[heytrav]

@maxgio92 brilliant! Thank you!

[maxgio92]

Hi @heytrav, you can now use the Helm value with the new chart version, released to the OCI repository

helm upgrade -n capsule capsule-addon-fluxcd \
  oci://ghcr.io/projectcapsule/charts/capsule-addon \
  --version v0.2.0 \
  --set proxy.url=https://capsule-proxy.capsule.svc:9001

[heytrav]

@maxgio92 Done! I can verify that it is working now.

Thank you for implementing this so quickly!

I'll close the issue now.

[maxgio92]

Thank you so much @heytrav for checking on this!