flame icon indicating copy to clipboard operation
flame copied to clipboard
verified publisher icon fdarveau

Kubernetes integration broken by small typo

Open tillo opened this issue 1 year ago • 5 comments

The following code doesn't work because the annotation is supposed to be flame.pawelmalak/name and not flame.pawelmalak/.name. https://github.com/fdarveau/flame/blob/32324ed6967743250460a44a0e5407579b5805d3/controllers/apps/docker/useKubernetes.js#L63

tillo avatar Sep 25 '24 13:09 tillo

Thanks for the bug report and the solution.

Since I don't have a Kubernetes setup to test on, could you pull ghcr.io/fdarveau/flame:fix_kubernetes_annotation and confirm the fix is working?

I will complete #27 once you confirm to push the fix to the latest tag.

fdarveau avatar Sep 26 '24 19:09 fdarveau

@fdarveau maybe the OP was a TrueNAS Scale user, as 24.04 and earlier used a lightweight kubernetes.

However, in October, TrueNAS dropped k3s all together and went to pure Docker. So we no longer have k8s cluster to test on. lol

eduncan911 avatar Jan 06 '25 00:01 eduncan911

I'm sorry for the long delay, I completely missed the notification and applied my own patch in the meantime.

I confirm that the patch in fix_kubernetes_annotation works, but there is another fatal bug in the same file that I've worked around for the last few months:

      throw new sequelizeError.ValidationError(null, this.errors);
            ^
ValidationError [SequelizeValidationError]: notNull Violation: App.categoryId cannot be null
    at InstanceValidator._validate (/app/node_modules/sequelize/lib/instance-validator.js:50:13)
    at async InstanceValidator._validateAndRunHooks (/app/node_modules/sequelize/lib/instance-validator.js:60:7)
    at async InstanceValidator.validate (/app/node_modules/sequelize/lib/instance-validator.js:54:12)
    at async model.save (/app/node_modules/sequelize/lib/model.js:2426:7)
    at async App.create (/app/node_modules/sequelize/lib/model.js:1362:12)
    at async useKubernetes (/app/controllers/apps/docker/useKubernetes.js:108:9)
    at async /app/utils/init/initIntegrationsApps.js:18:5
    at async /app/server.js:30:3 {
  errors: [

The patch is easy:

    +++ controllers/apps/docker/useKubernetes.js
    @@ -85,12 +85,6 @@
                 orderId: orders[i] || 500,
               });
             }
    -
    -        kubernetesApps.push({
    -          name: annotations['flame.pawelmalak/name'],
    -          url: annotations['flame.pawelmalak/url'],
    -          icon: annotations['flame.pawelmalak/icon'] || 'kubernetes',
    -        });
           }
         }

The deleted code is not useful (the actual push is done correctly just above) and raises the exception because it's missing the mandatory categoryId.

I like using original images and patch things an runtime using a custom entrypoint, but with your latest image it got harder (unprivileged container cannot run apk to install patch anymore).

If you prefer I can fork your repo and create a PR directly.

tillo avatar Mar 29 '25 20:03 tillo

has there been any progress with this fix implementation and for multiarch?

cfios4 avatar May 03 '25 07:05 cfios4

I'm going to share my full runtime-patching workaround, in case it may be useful to anyone else.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: flame
  namespace: flame
spec:
  selector:
    matchLabels:
      app: flame
  replicas: 1
  template:
    metadata:
      labels:
        app: flame
    spec:
      serviceAccountName: flame
      containers:
      - name: flame
        image: ghcr.io/fdarveau/flame
        ports:
        - containerPort: 5005
        command: ['/bin/sh']
        args:
        - '+x'
        - '-c'
        - >-
          apk add --no-cache patch
          && patch -l -N -t -p3 -i /mnt/patches/dot-name-bug.patch /app/controllers/apps/docker/useKubernetes.js
          && patch -l -N -t -p3 -i /mnt/patches/category-bug.patch /app/controllers/apps/docker/useKubernetes.js
          && node server.js
          || sleep infinity
        volumeMounts:
        - name: flame-patches
          mountPath: /mnt/patches
      volumes:
      - name: flame-patches
        configMap:
          name: flame-patches
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: flame-patches
  namespace: flame
data:
  dot-name-bug.patch: |
    --- controllers/apps/docker-orig/useKubernetes.js
    +++ controllers/apps/docker/useKubernetes.js
    @@ -60,7 +60,7 @@
             /^app/.test(annotations['flame.pawelmalak/type'])
           ) {

    -        const names = annotations['flame.pawelmalak/.name'].split(';');
    +        const names = annotations['flame.pawelmalak/name'].split(';');
             const urls = annotations['flame.pawelmalak/url'].split(';');
             const categoriesLabels = annotations['flame.pawelmalak/category'] ? annotations['flame.pawelmalak/category'].split(';') : [];
             const orders = annotations['flame.pawelmalak/order'] ? annotations['flame.pawelmalak/order'].split(';') : [];
  category-bug.patch: |
    --- controllers/apps/docker-orig/useKubernetes.js
    +++ controllers/apps/docker/useKubernetes.js
    @@ -85,12 +85,6 @@
                 orderId: orders[i] || 500,
               });
             }
    -
    -        kubernetesApps.push({
    -          name: annotations['flame.pawelmalak/name'],
    -          url: annotations['flame.pawelmalak/url'],
    -          icon: annotations['flame.pawelmalak/icon'] || 'kubernetes',
    -        });
           }
         }

It works with the latest image, but not with fix_kubernetes_annotation (not because it's already half-patched, but because I cannot run apk on it).

tillo avatar May 04 '25 20:05 tillo