tls email not populated

[dicolasi]

Summary

TLS email not populated in jx-requirements, resulting in a error in git-operator.

Steps to reproduce the behavior

In main.tf set tls_email = "[email protected]" Execute terraform apply

Expected behavior

In jx-requirements.yml, the ingress section should be populated with the following:

tls:
    email: "[email protected]"

Actual behavior

    tls:
      email: ""

Git operator fails with the following error:

│ jx verify ingress                                                                                                                                                                                                                                                            │
│ error: You must provide a valid email address to enable TLS so you can receive notifications from LetsEncrypt about your certificates: mail: no address

Terraform version

The output of terraform version is:

Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/aws v3.16.0
+ provider registry.terraform.io/hashicorp/helm v1.3.2
+ provider registry.terraform.io/hashicorp/kubernetes v1.11.1
+ provider registry.terraform.io/hashicorp/local v1.4.0
+ provider registry.terraform.io/hashicorp/null v2.1.2
+ provider registry.terraform.io/hashicorp/random v2.3.1
+ provider registry.terraform.io/hashicorp/template v2.2.0

Module version

Operating system

[ankitm123]

/assign

[dicolasi]

just to add to this: the same applies to everything under ingress in jx-requirements.yaml. An example is externalDNS, which defaults to false even if main.tf says true.

[ankitm123]

So, I tried to reproduce it with this:

module "eks-jx" {
  source                               = "../../"
  region                               = var.region
  use_vault                            = var.use_vault
  use_asm                              = var.use_asm
  is_jx2                               = false
  enable_worker_groups_launch_template = true
  encrypt_volume_self                  = true
  tls_email                            = "[email protected]"
}

I see in the configmap:

ingress:
                  domain: ""
                  ignoreLoadBalancer: false
                  externalDNS: false
                  tls:
                    email: "[email protected]"
                    enabled: false
                    production: false

@dicolasi when you do a plan, what does it show in the plan? it seems to populate the right value for email for me.

[dicolasi]

Strange. Just created 3 new clusters and I see the same behaviour. I can only see this: ingress: domain: data.property.xyz externalDNS: true namespaceSubDomain: -jx. tls: email: "" enabled: true production: true

Enabled | Production | domain | externalDNS are correctly populated. Email still empty...

Here another example: main.tf

tls_email = "[email protected]" enable_tls = true production_letsencrypt = true enable_external_dns = true

jx-requirements.yaml:

ingress: domain: "" externalDNS: false namespaceSubDomain: -jx. tls: email: "" enabled: false production: false

[marsdalesa]

I experienced the same issue when creating a cluster 3 days ago - will be building from scratch soon so will chime in if I see the same again as well.

[frankvollenweider]

I have the same issue while building a new jx3 cluster today. jx version: 3.0.787 terraform version: v0.13.5

[jenkins-x-bot]

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://jenkins-x.io/community. /lifecycle stale