fleet icon indicating copy to clipboard operation
fleet copied to clipboard
verified publisher icon rancher

[SURE-8993] CABundle secret not created for gitjob

Open sebastienmusso opened this issue 1 year ago • 3 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Current Behavior

When create a gitrepo with CABundle string, git-sync job is created with an extra volume secret wich does not exist. The init container remain in pending state because of the missing secret

Expected Behavior

When a gitrepo is created with CABundle spec field, the secret with gitrepoName-cabundle have to be created

Steps To Reproduce

  • Architecture: amd64
  • Fleet Version: v0.10.1
  • Cluster:
    • Provider: rke2
    • Options: none
    • Kubernetes Version: v1.28.11+rke2r1

install fleet v0.10.1, create gitrepo with caBundle spec field set. Wait gitsync pod de start

Environment

- Architecture:
- Fleet Version:
- Cluster:
  - Provider:
  - Options:
  - Kubernetes Version:

Logs

No response

Anything else?

No response

sebastienmusso avatar Sep 11 '24 08:09 sebastienmusso

An integration test would be helpful, to make sure this stays in place.

manno avatar Sep 11 '24 10:09 manno

Additional QA

See this comment

weyfonk avatar Sep 17 '24 14:09 weyfonk

@manno shouldn't this be targeting 2.9.x instead ? https://github.com/rancher/fleet/issues/2829 ftw !

kkaempf avatar Sep 18 '24 07:09 kkaempf

Verified in v2.10-fe49760f4e50d0b78ca0102c8475bc93361336b0-head with fleet:105.0.0+up0.11.0-beta.3

  • ca-bundle secret IS created when TLS cert is added
  • ca-bundle secret IS NOT created when TLS cert is not added

image

mmartin24 avatar Oct 29 '24 17:10 mmartin24