argo-cd icon indicating copy to clipboard operation
argo-cd copied to clipboard

Published 20 hours ago verified publisher icon argoproj

argocd notification is unable to trigger to SMTP server

Open rshiva777 opened this issue 8 months ago • 6 comments

argocd notification with insecure_skip_verify not working as expected

Checklist:

  • [x] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
  • [x] I've included steps to reproduce the bug.
  • [x] I've pasted the output of argocd version.

Describe the bug

I have enabled argocd notification and integration to my SMTP server. Post that i have triggered notification, but i see error in the argocd-notification pod as below

time="2023-12-18T11:33:32Z" level=error msg="Failed to notify recipient {gmail [email protected]} defined in resource argocd/airflow: tls: server selected unsupported protocol version 301" resource=argocd/newer

To Reproduce

  1. Install argocd with notification enabled
  2. Update the configmap with the SMTP details so that we can have email notifications
  3. Create an application and add the subscription so that email notification triggers

Expected behavior

SO after the above steps, notification is trying to trigger by the argocd notification controller. But it is unable to trigger notification to the SMTP will the below error

time="2023-12-18T11:33:32Z" level=error msg="Failed to notify recipient {gmail [email protected]} defined in resource argocd/airflow: tls: server selected unsupported protocol version 301" resource=argocd/newer

Screenshots

Version

Paste the output from `argocd version` here.

argocd: v2.5.4+86b2dde BuildDate: 2022-12-06T20:09:11Z GitCommit: 86b2dde8e4bf1187acd2b4294e94451cd104dad8 GitTreeState: clean GoVersion: go1.18.8 Compiler: gc Platform: linux/amd64

Logs time="2023-12-18T11:33:32Z" level=info msg="Sending notification about condition 'on-sync-succeeded.[0].zxM90Et6k4Elb1-fHdjtDJq0xR0' to '{gmail [email protected]}'" resource=argocd/airflow time="2023-12-18T11:33:32Z" level=error msg="Failed to notify recipient {gmail [email protected]} defined in resource argocd/airflow: tls: server selected unsupported protocol version 301" resource=argocd/airflow time="2023-12-18T11:33:32Z" level=info msg="Trigger on-sync-status-unknown result: [{[0].6SzWb05EK-0v90hwjyytTbN7S6A [app-sync-status-unknown] false}]" resource=argocd/airflow time="2023-12-18T11:33:32Z" level=info msg="Trigger on-deployed result: [{[0].y7b5sbwa2Q329JYH755peeq-fBs a71c917d73b72f2ad02cd242545e1f032ce29bfb [app-deployed] true}]" resource=argocd/airflow time="2023-12-18T11:33:32Z" level=info msg="Notification about condition 'on-deployed.[0].y7b5sbwa2Q329JYH755peeq-fBs' already sent to '{teams notifications}'" resource=argocd/airflow time="2023-12-18T11:33:32Z" level=info msg="Trigger on-health-degraded result: [{[0].zoG5zUjYGjimkwCGgIQGjx1hO5s [app-health-degraded] false}]" resource=argocd/airflow time="2023-12-18T11:33:32Z" level=info msg="Trigger on-sync-failed result: [{[0].H9WjsqG1dKYm6njOZ7yUQYOA1Wk [app-sync-failed] false}]" resource=argocd/airflow time="2023-12-18T11:33:32Z" level=info msg="Trigger on-sync-running result: [{[0].xGlbhcF_taGYrI3UsrQsINn2hl0 [app-sync-running] false}]" resource=argocd/airflow time="2023-12-18T11:33:32Z" level=info msg="Processing completed" resource=argocd/airflow

Paste any relevant application logs here.

Basing on the above error, i tried to skip the tls with **insecure_skip_verify: true** flag. But even then the same issue

rshiva777 avatar Dec 18 '23 11:12 rshiva777

below is the configmap email notification section defined

service.email.gmail: | host: test.org.com port: 25 from: [email protected] insecure_skip_verify: true

rshiva777 avatar Dec 18 '23 11:12 rshiva777

Hello,

I just found that insecure_skip_verify flag is not working on the argocd notification controller version v2.6.3 and it is working fine with argocd notification controller v1.2.1

Could you please check why the flag is not considering on argocd notification controller v2.6.3

rshiva777 avatar Dec 19 '23 16:12 rshiva777

Same issue on argocd version v2.9.3

i used helm chart version argo-cd-5.51.6 to deploy argocd

Enabled argocd notification, and configured my SMTP details on argocd-notification-cm and restarted pods

Post that again seeing the same error as below

time="2023-12-21T10:22:08Z" level=info msg="Trigger on-sync-status-unknown result: [{[0].6SzWb05EK-0v90hwjyytTbN7S6A [app-sync-status-unknown] false}]" resource=argocd/newer time="2023-12-21T10:22:08Z" level=info msg="Trigger on-sync-failed result: [{[0].H9WjsqG1dKYm6njOZ7yUQYOA1Wk [app-sync-failed] true}]" resource=argocd/newer time="2023-12-21T10:22:08Z" level=info msg="Sending notification about condition 'on-sync-failed.[0].H9WjsqG1dKYm6njOZ7yUQYOA1Wk' to '{gmail [email protected]}' using the configuration in namespace argocd" resource=argocd/newer time="2023-12-21T10:22:08Z" level=error msg="Failed to notify recipient {gmail [email protected]} defined in resource argocd/newer: tls: server selected unsupported protocol version 301 using the configuration in namespace argocd" resource=argocd/newer time="2023-12-21T10:22:08Z" level=info msg="Trigger on-sync-running result: [{[0].xGlbhcF_taGYrI3UsrQsINn2hl0 [app-sync-running] false}]" resource=argocd/newer time="2023-12-21T10:22:08Z" level=info msg="Processing completed" resource=argocd/newer

rshiva777 avatar Dec 21 '23 10:12 rshiva777

Hello @rshiva777 ,

Do you have any news/updates concerning this issue ? I have ran into the same problem with a different message.

ArgoCD v2.9.2 with argocd-notification-controller enabled without authentication.

service.email.relay: | host: smtprelay.company.local port: 25 from: [email protected] insecure_skip_verify: true

I received this error Failed to notify recipient {relay [email protected]} defined in resource argocd/grafana: 454 4.7.0 TLS not available due to local problem using the configuration in namespace argocd" resource=argocd/grafana

We used a smtp relay server without TLS. How can we disable the TLS verification ? It seems that the config "insecure_skip_verify" didn't work as expected.

Thanks

nhat-tong avatar Feb 26 '24 16:02 nhat-tong

Similar problem for me : Notification is working with gmail on port 465, but not for internal mail server on port 587 No connection logged on the internal mail server Definition of the service : "service.email.outils": " host: mail.outils.svc port: 587 from: $email-username-outils insecure_skip_verify: true I have tried with or without insecure_skip_verify Even tried to add a username and password without success

JLO974-2 avatar Apr 23 '24 05:04 JLO974-2

Similar problem for me : Notification is working with gmail on port 465, but not for internal mail server on port 587 No connection logged on the internal mail server Definition of the service : "service.email.outils": " host: mail.outils.svc port: 587 from: $email-username-outils insecure_skip_verify: true I have tried with or without insecure_skip_verify Even tried to add a username and password without success

Removing outils from the end of service.email.outils seemed to get me a little further... I am now getting a timeout issue.

Ryanj535 avatar May 02 '24 17:05 Ryanj535