gitops-operator icon indicating copy to clipboard operation
gitops-operator copied to clipboard

Published 20 hours ago verified publisher icon redhat-developer

Server ingress not setting `ingressClassName` once ArgoCD instance gets updated with the field

Open slopezz opened this issue 1 year ago • 1 comments

Describe the bug

We are using Red Hat OpenShift GitOps operator on stable channel,with automatic updates, exactly openshift-gitops-operator.v1.7.4.

Our ArgoCD instance uses the Ingress object in the spec.server config to publish the server.

We have just upgraded to OCP 4.12.33, and obtained a prometheus alert called IngressWithoutClassName, and the reason is that the ingress created by the openshift-gitops-operator was not setting the ingressClassName.

To resolve the alert, we have updated our ArgoCD instance to include the missing ingressClassName field:

apiVersion: argoproj.io/v1alpha1
kind: ArgoCD
metadata:
  name: argocd
spec:
  server:
    host: gitops.example.net
    ingress:
      annotations:
        cert-manager.io/cluster-issuer: letsencrypt-production
        external-dns.alpha.kubernetes.io/target: gitops.apps.example-cluster.example.net
      enabled: true
      ingressClassName: openshift-default  ## THIS
      tls:
        - hosts:
            - gitops.example.net
          secretName: gitops.example.net-cert
...

However, the ingress created by openshift-gitops-operator is not updated on the next operator reconcile:

kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-production
    external-dns.alpha.kubernetes.io/target: gitops.apps.example-cluster.example.net
  name: argocd-server
spec:
  tls:
    - hosts:
        - gitops.example.net
      secretName: gitops.example.net-cert
  rules:
    - host: gitops.example.net
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: argocd-server
                port:
                  name: http

Expected behavior

I would expect, that after adding the field spec.server.ingress.ingressClassName to the ArgoCD instance, openshift-gitops-operator would reconcile the Ingress and add the ingressClassName field to the Ingress resource:

kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-production
    external-dns.alpha.kubernetes.io/target: gitops.apps.example-cluster.example.net
  name: argocd-server
spec:
  ingressClassName: openshift-default   ## THIS
  tls:
    - hosts:
        - gitops.example.net
      secretName: gitops.example.net-cert
  rules:
    - host: gitops.example.net
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: argocd-server
                port:
                  name: http

Screenshots image

Additional context N/A

slopezz avatar Sep 28 '23 10:09 slopezz

Was able to reproduce this, made corresponding jira for this here: https://issues.redhat.com/browse/GITOPS-3412

reginapizza avatar Sep 28 '23 16:09 reginapizza