helm-charts icon indicating copy to clipboard operation
helm-charts copied to clipboard
verified publisher icon cloudflare

Cloudflare helm chart does not work when we use secretname reference for secrets.

Open Taran-asapp opened this issue 1 year ago • 3 comments

I'm trying to deploy the cloudflare tunnel using helm chart and i passed the secret name in the values.yaml file, but it seems like it is not able to read the secret correctly from the secrets. Getting the below error

2024-12-16T10:45:33Z ERR Failed to serve quic connection error="Unauthorized: Failed to get tunnel" connIndex=0 event=0 
ip=x.x.x.x
2024-12-16T10:45:33Z ERR Register tunnel error from server side error="Unauthorized: Failed to get tunnel" connIndex=0 event=0 ip=x.x.x.x
2024-12-16T10:45:33Z INF Retrying connection in up to 16s connIndex=0 event=0 ip=x.x.x.x

but when i modify the chart and pass tunnel token in the argument it is working as expected. --token $TOKEN To validate further, i create the yaml file from helm chart (using helm template command ) by passing all the values to the values.yaml, and created the secret from there and passed the reference of secret name in deployment but still name issue.

Version -- 2024.8.3 chart version -- 0.3.2

Any thoughts?

Taran-asapp avatar Dec 16 '24 11:12 Taran-asapp

Hi, I added the below and worked for me

cloudflare:
  tunnelName: 'cloudflare-tunnel'
  secretName: cloudflare-tunnel-credentials

vladciobancai avatar Dec 30 '24 11:12 vladciobancai

Hey @vladciobancai , can you please share the object defination of the secret, I tried this too, but it was not working for me.

Taran-asapp avatar Jan 02 '25 14:01 Taran-asapp

Hey @vladciobancai , can you please share the object defination of the secret, I tried this too, but it was not working for me.

I have used this tutorial https://developers.cloudflare.com/cloudflare-one/tutorials/many-cfd-one-tunnel/

the secret command kubectl create secret generic cloudflare-tunnel-credentials --namespace cloudflare --from-file=credentials.json=.cloudflared/1873ff49-10d9-4375-b6ea-7492a72cc0a1.json

the secret file

apiVersion: v1
kind: Secret
metadata:
  name: cloudflare-tunnel-credentials
  namespace: cloudflare
data:
  credentials.json: >-
    eyJBY2NvdW50VGFnIjoiYzk..... [base64 encode]
type: Opaque

the json is format of

{"AccountTag":"c952ce....","TunnelSecret":"s7l9zAvO....","TunnelID":"1873f...."}

the credentials json is created by running cloudflared tunnel create example-tunnel

vladciobancai avatar Jan 02 '25 14:01 vladciobancai