terraform-provider-flux icon indicating copy to clipboard operation
terraform-provider-flux copied to clipboard

Published 20 hours ago verified publisher icon fluxcd

Source Controller unable to clone when bootstrapped using Terraform

Open winniegakuru opened this issue 3 years ago • 2 comments

Hi, I am getting a particularly odd outcome when I bootstrap an EKS cluster using Terraform. I get the error below:

level":"error","ts":"2022-10-21T14:39:53.699Z","msg":"Reconciler error","controller":"gitrepository","controllerGroup":"source.toolkit.fluxcd.io","controllerKind":"GitRepository","GitRepository":{"name":"flux-system","namespace":"flux-system"},"namespace":"flux-system","name":"flux-system","reconcileID":"b7ddf3e2-2990-4295-a3f8-cd6732bbdb16","error":"failed to checkout and determine revision: unable to clone 'https://gitlab.xxxxxxx.com/dev/fluxv2/xxxxxx.git': authentication required

This is the flux version installed

This manifest was generated by flux. DO NOT EDIT.
Flux Version: v0.35.0
 Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v0.35.0
    pod-security.kubernetes.io/warn: restricted
    pod-security.kubernetes.io/warn-version: latest
  name: flux-system
.....

Flux secret was created successfully.

>>>>>(main) $ kubectl -n flux-system get secrets
NAME                                      TYPE                                  DATA   AGE
default-token-flncz                       kubernetes.io/service-account-token   3      52m
flux-system                               Opaque                                2      52m
helm-controller-token-4nsdw               kubernetes.io/service-account-token   3      52m
image-automation-controller-token-4679s   kubernetes.io/service-account-token   3      52m
image-reflector-controller-token-6p5pg    kubernetes.io/service-account-token   3      52m
kustomize-controller-token-52kwk          kubernetes.io/service-account-token   3      52m
notification-controller-token-sz74d       kubernetes.io/service-account-token   3      52m
source-controller-token-8kttr             kubernetes.io/service-account-token   3      52m

NB: Bootstrapping through CLI works very well using the same Gitlab PAT:

I also had bootstrapped another cluster using terraform ( Flux v0.30.2 component manifests) And it was successful. Not sure if it is a version issue.

winniegakuru avatar Oct 21 '22 15:10 winniegakuru

Having the exact same issue here. Also tried to make my repository public, because I thought maybe something would be bad with authentication, but it seems it doesn't help.

Have been following the official setup guide strictly.

{"level":"error","ts":"2022-12-04T09:09:52.878Z","msg":"failed to checkout and determine revision: unable to clone 'ssh://[email protected]/mr-pascal/test-provider.git': dial tcp: lookup github.com on 127.0.0.53:53: read udp 127.0.0.1:49533->127.0.0.53:53: read: connection refused","controller":"gitrepository","controllerGroup":"source.toolkit.fluxcd.io","controllerKind":"GitRepository","GitRepository":{"name":"flux-system","namespace":"flux-system"},"namespace":"flux-system","name":"flux-system","reconcileID":"817e4411-d67b-4edc-8d23-695093b879e5","error":"failed to checkout and determine revision: unable to clone 'ssh://[email protected]/mr-pascal/test-provider.git': dial tcp: lookup github.com on 127.0.0.53:53: read udp 127.0.0.1:49533->127.0.0.53:53: read: connection refused"}
{"level":"error","ts":"2022-12-04T09:10:07.884Z","msg":"unable to record event","name":"flux-system","namespace":"flux-system","reconciler kind":"GitRepository","error":"POST http://notification-controller.flux-system.svc.cluster.local./ giving up after 5 attempt(s): Post \"http://notification-controller.flux-system.svc.cluster.local./\": dial tcp: lookup notification-controller.flux-system.svc.cluster.local. on 127.0.0.53:53: read udp 127.0.0.1:39150->127.0.0.53:53: read: connection refused"}
{"level":"error","ts":"2022-12-04T09:10:07.927Z","msg":"Reconciler error","controller":"gitrepository","controllerGroup":"source.toolkit.fluxcd.io","controllerKind":"GitRepository","GitRepository":{"name":"flux-system","namespace":"flux-system"},"namespace":"flux-system","name":"flux-system","reconcileID":"817e4411-d67b-4edc-8d23-695093b879e5","error":"failed to checkout and determine revision: unable to clone 'ssh://[email protected]/mr-pascal/test-provider.git': dial tcp: lookup github.com on 127.0.0.53:53: read udp 127.0.0.1:49533->127.0.0.53:53: read: connection refused"}

Edit: I found this where someone had a similar issue, it seems to WORK now, that I changed the following: image Even though I am not so sure about the change, since the file mentioned, that it should NOT be edited

mr-pascal avatar Dec 04 '22 09:12 mr-pascal

@winniegakuru Even though already run into the next "connection" issue.

 failed to download archive, error: GET http://source-controller.flux-system.svc.cluster.local./gitrepository/flux-system/flux-system/c47fbfe032f3d94877e6cc63208baa0909aad6b7.tar.gz giving up after 10 attempt(s): Get "http://source-controller.flux-system.svc.cluster.local./gitrepository/flux-system/flux-system/c47fbfe032f3d94877e6cc63208baa0909aad6b7.tar.gz": dial tcp: lookup source-controller.flux-system.svc.cluster.local. on 8.8.8.8:53: no such host

image

Edit: A completely destroy of all resources and a re-creation seems to have helped.

mr-pascal avatar Dec 04 '22 09:12 mr-pascal

Hi @winniegakuru 👋

I hope you are doing well! As part of our ongoing effort to maintain and improve the quality of our project, I've been reviewing open issues and came across the one you've reported. First off, thank you for taking the time to contribute by reporting this issue; your input is crucial to us.

Upon reviewing the details of your issue, I noticed that it involves the use of a resource or feature that has yet to be supported since the 1.0.0 release of our project, which was approximately 9 months ago. This might be a key factor in the challenges you're experiencing. We understand that changes and deprecations can impact your work, and we're here to help navigate these transitions. If there are specific reasons you've continued using this unsupported resource or if there's any way we can assist in migrating to a supported alternative, please let us know.

Additionally, to ensure the efficient management of our issue tracker and to focus on issues that are actively affecting our community, we have implemented a policy for issues that remain inactive. If there is no activity on this issue within the next 3 weeks, we will consider the issue inactive and close it for you. This doesn't mean your issue is not important to us, but rather that we aim to keep our focus on actively pursued concerns. Of course, if the issue continues or if you have further updates in the future, feel free to reopen the issue or create a new one.

Thank you once again for your contribution to our project. Your feedback not only helps us improve but also supports the broader community in overcoming similar challenges. We look forward to hearing from you and hope to resolve any outstanding concerns together.

Best regards,

Steve

swade1987 avatar Apr 01 '24 13:04 swade1987