charts icon indicating copy to clipboard operation
charts copied to clipboard

Published 20 hours ago verified publisher icon kedacore

Helm chart not correctly rendering when using additional annotations and azure workload identity

Open tkennes opened this issue 1 year ago • 5 comments

A clear and concise description of what the bug is.

Expected Behavior

Helm template rendering

Actual Behavior

Issue. Cannot convert YAML to JSON

Steps to Reproduce the Problem

  1. Set podIdentity.azureWorkload.enabled: true
  2. Set additionalAnnotations: key: value
  3. Run a helm template dry-run

Specifications

  • KEDA Version: 2.10.2

Fix

  • Change indent to nindent here: https://github.com/kedacore/charts/blob/main/keda/templates/01-serviceaccount.yaml#L14, or remove the annotation on the service account altogether.

I tried to submit a pull request myself, but I'm not allowed to push a branch.

tkennes avatar May 08 '23 12:05 tkennes

I'm trying to use additionalAnnotations from the 2.9.4 chart which has nindent in it and it isn't working either. There's something broken going on with the annotations. I'm wondering if some neighboring field is gobbling whitespace incorrectly. I'm using aws annotations instead of azure.

jared-schmidt-niceincontact avatar May 08 '23 22:05 jared-schmidt-niceincontact

Running a dry-run for the sa gives me this:

# Source: nlaks-keda/charts/keda/templates/01-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/name: keda-operator
    azure.workload.identity/use: "true"    
    helm.sh/chart: keda-2.10.2
    app.kubernetes.io/component: operator
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/instance: keda-deployment
    app.kubernetes.io/part-of: keda-operator
    app.kubernetes.io/version: 2.10.1
  annotations:    keda: keda
    azure.workload.identity/client-id: "8684c9da-0d13-4d14-89e3-1bef458d3940"
    azure.workload.identity/tenant-id: "ac9c9f22-b439-4f4e-848c-a4b0fe3a8215"
    azure.workload.identity/service-account-token-expiration: "3600"
  name: keda-operator
  namespace: tmp
automountServiceAccountToken: true

hence why I mentioned nindent. What do you get for AWS?

tkennes avatar May 09 '23 08:05 tkennes

Looks like the issue is probably here: annotations: keda: keda

Are you willing to contribute a fix?

tomkerkhove avatar May 09 '23 10:05 tomkerkhove

Exactly, that's why I proposed the nindent :).

Sure. But I'll provide a couple more fixes. The reason I have this weird annotation is because of issues on my servicemonitors, it's a bit wonky with resources in a permanent state of out-of-sync under ArgoCD management.

tkennes avatar May 09 '23 10:05 tkennes

I opened a PR (#441) that revamps annotations all over the helm chart so they will actually work correctly. There is a problem where the '{}' gets included in the annotations even when you override the value with something else. There's also an issue with empty annotations. So, I modified that in all of the templates. The PR also fixes the whitespace gobbling issues.

jared-schmidt-niceincontact avatar May 15 '23 21:05 jared-schmidt-niceincontact