Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(crowdsec): Prevent empty annotation error for cert manifests #220

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(crowdsec): Prevent empty annotation error for cert manifests #220

wants to merge 1 commit into from

Conversation

holysoles
Copy link

Problem

When using a values file like the following (taken from this crowdsec blog post):

container_runtime: containerd
tls:
  enabled: true
  bouncer:
    reflector:
      namespaces: ["traefik"]
agent:
  # Specify each pod whose logs you want to process
  acquisition:
    - namespace: traefik
      podName: traefik-*
      program: traefik
  env:
    - name: PARSERS
      value: "crowdsecurity/cri-logs"
    - name: COLLECTIONS
      value: "crowdsecurity/traefik"
    - name: DISABLE_PARSERS
      value: "crowdsecurity/whitelists"
  persistentVolume:
    config:
      enabled: false
lapi:
  dashboard:
    enabled: false
    ingress:
      host: my-crowdsec.lan
      enabled: true
  persistentVolume:
    config:
      enabled: false
  env:
    - name: DISABLE_ONLINE_API
      value: "true"

The following error is observed:

Could not determine release state: unable to determine cluster state: Certificate/crowdsec/crowdsec-agent dry-run failed (Invalid): Certificate.cert-manager.io "crowdsec-agent" is invalid: spec.secretTemplate.annotations: Invalid value: "null": spec.secretTemplate.annotations in body must be of type object: "null"

This is because the annotations key is set empty in the
agent-certificate and bouncer-certificate resource files.

Proposed Solution

Implement similar logic that exists in the lapi-certificate template file, meaning only add the annotations key if we'll be populating it.

@github-actions GitHub Actions
Copy link

@holysoles: There are no 'kind' label on this PR. You need a 'kind' label to generate the release automatically.

  • /kind feature
  • /kind enhancement
  • /kind fix
  • /kind chore
  • /kind dependencies
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the forked project rr404/oss-governance-bot repository.

@github-actions github-actions bot added the needs/kind Kind label required label Dec 27, 2024
@github-actions GitHub Actions
Copy link

@holysoles: There are no area labels on this PR. You can add as many areas as you see fit.

  • /area agent
  • /area local-api
  • /area cscli
  • /area security
  • /area configuration
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the forked project rr404/oss-governance-bot repository.

@holysoles
Copy link
Author

/area configuration

@holysoles
Copy link
Author

/kind fix

@github-actions github-actions bot added kind/fix fixing a bug and removed needs/kind Kind label required labels Dec 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mmetc mmetc mmetc approved these changes

Assignees
No one assigned
Labels
area/configuration kind/fix fixing a bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@holysoles @mmetc