Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ImageUpdateAutomation fails while cloning the git repository. #207

Closed
Tracked by #2593
amithapa opened this issue Jul 31, 2021 · 5 comments
Closed
Tracked by #2593

ImageUpdateAutomation fails while cloning the git repository. #207

amithapa opened this issue Jul 31, 2021 · 5 comments
Labels
bug Something isn't working

Comments

@amithapa
Copy link

My flux setup is as follows:
I have two git repositories:

  • k8-cluster (Managed by the DevOps to provision the flux and other deployments)
  • k8-deployments (Managed by the Developers)

While referencing k8-deployments sourceRef in ImageUpdateAutomation I get an error.

unable to clone 'ssh://git@github.com/amithapa/k8-deployments', error: Certificate

If I reference k8-cluster it works without any error.

imageupdateautomation.yaml

apiVersion: image.toolkit.fluxcd.io/v1beta1
kind: ImageUpdateAutomation
metadata:
  name: apps-deployment
  namespace: flux-system
spec:
  interval: 1m0s
  sourceRef:
    kind: GitRepository
    name: apps-deployment

  git:
    checkout:
      ref:
        branch: main
    commit:
      author:
        email: amit@examle.com
        name: fluxcdbot
      messageTemplate: '{{range .Updated.Images}}{{println .}}{{end}}'
    push:
      branch: main
  update:
    path: ./dev
    strategy: Setters

Source output

$ flux get source all --all-namespaces
NAMESPACE  	NAME                                	READY	MESSAGE                                                           	REVISION                                        	SUSPENDED 
dev-app   	gitrepository/app-backend            	True 	Fetched revision: develop/a3bc178c92e08884b628c7bd19c42de6dab38d9c	develop/a3bc178c92e08884b628c7bd19c42de6dab38d9c	False    	
flux-system	gitrepository/flux-system           	True 	Fetched revision: main/596bf3d8e78519dd2735521028f365cbec1b8804   	main/596bf3d8e78519dd2735521028f365cbec1b8804   	False    	
flux-system	gitrepository/apps-deployment	        True 	Fetched revision: main/cda81fd0f1f0aa9413d49dc49a0304cd7346ff79   	main/cda81fd0f1f0aa9413d49dc49a0304cd7346ff79   	False

Images output with k8-cluster sourceref

$ flux get images all --all-namespaces
NAMESPACE	NAME                        	READY	MESSAGE                       	LAST SCAN                	SUSPENDED 
dev-app 	imagerepository/app-backend	True 	successful scan, found 85 tags	2021-08-01T03:24:07+05:30	False    	

NAMESPACE	NAME                           	READY	MESSAGE                                                                                   	LATEST IMAGE                                           
dev-app 	imagepolicy/app-backend-policy	True 	Latest image tag for 'docker.io/amithapa/app-backend' resolved to: dev-2021-07-30T00-02-00Z	docker.io/amithapa/app-backend:dev-2021-07-30T00-02-00Z

NAMESPACE  	NAME                                        	READY	MESSAGE                                                                            	LAST RUN	SUSPENDED 
flux-system	imageupdateautomation/apps-deployment	False	unable to clone 'ssh://git@github.com/amithapa/k8-deployments', error: Certificate	        	False

Images output with k8-deployment sourceref

$ flux get images all --all-namespaces
NAMESPACE	NAME                        	READY	MESSAGE                       	LAST SCAN                	SUSPENDED 
dev-app 	imagerepository/app-backend	True 	successful scan, found 85 tags	2021-08-01T03:24:07+05:30	False    	

NAMESPACE	NAME                           	READY	MESSAGE                                                                                   	LATEST IMAGE                                           
dev-app 	imagepolicy/app-backend-policy	True 	Latest image tag for 'docker.io/amithapa/app-backend' resolved to: dev-2021-07-30T00-02-00Z	docker.io/amithapa/app-backend:dev-2021-07-30T00-02-00Z

NAMESPACE  	NAME                                        	READY	MESSAGE        	LAST RUN                 	SUSPENDED 
flux-system	imageupdateautomation/apps-deployment	True 	no updates made	2021-08-01T03:39:58+05:30	False
@squaremo squaremo changed the title ImageUpdateAutomation fails while cloning the git repoisotry. ImageUpdateAutomation fails while cloning the git repository. Aug 24, 2021
@squaremo
Copy link
Member

Sorry for taking a while to get to this @amithapa. The same error message was also reported in fluxcd/source-controller#433. Can I ask you to check whether setting gitImplementation: libgit2 in the spec of the GitRepository for k8s-deployments causes the source to fail, too?

If I reference k8-cluster it works without any error.

Oh! Can you figure out any difference between these two GitRepository objects, or their accompanying secrets? Does the secret for k8s-cluster have a different set of data fields, for example.

@pjbgf
Copy link
Member

pjbgf commented Mar 21, 2022
edited
Loading

A lot of changes took place since this issue was created, focusing on improving git operations stability and the level of details within the error messages.

If you are still experiencing this, can you please try again using the image-automation-controller version v0.21.0 (to be released tomorrow) and let us know how you get on?

@pjbgf pjbgf added the bug Something isn't working label Mar 22, 2022
@pjbgf pjbgf mentioned this issue Mar 29, 2022
Closed
35 tasks
@pjbgf
Copy link
Member

pjbgf commented May 3, 2022

Closing this due to lack of activity. Happy to reopen in case the same issue is being experienced on the latest versions of the controller.

@pjbgf pjbgf closed this as completed May 3, 2022
@bibAtWork
Copy link

bibAtWork commented Jul 25, 2022
edited
Loading

imageupdateautomation.yaml

apiVersion: image.toolkit.fluxcd.io/v1beta1
kind: ImageUpdateAutomation
metadata:
  name: my-app-auto
  namespace: flux-system
spec:
  interval: 3m0s
  sourceRef:
    kind: GitRepository
    name: flux-system ## kubectl get GitRepository --all-namespaces
    namespace: flux-system
  git:
    checkout:
      ref:
        branch: master
    commit:
      author:
        email: my.user@base.com
        name: FluxBot

gotk-sync.yaml

# This manifest was generated by flux. DO NOT EDIT.
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
  name: flux-system
  namespace: flux-system
spec:
  gitImplementation: libgit2
  interval: 1m0s
  ref:
    branch: master
  secretRef:
    name: flux-system
  url: ssh://git@git.my-company.com/org/GitOps.git
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
  name: flux-system
  namespace: flux-system
spec:
  interval: 3m0s
  path: ./non-prod/namespaces
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system

Source output

$ flux get source all --all-namespaces

NAMESPACE       NAME                            REVISION        SUSPENDED       READY   MESSAGE
flux-system     gitrepository/flux-system       master/8f93aea  False           True    stored artifact for revision 'master/8f93aea4a0694d784b6118012f03b7187bee8c17'

Images output with k8-cluster sourceref

$ flux get images all --all-namespaces

NAMESPACE       NAME                                    LAST RUN        SUSPENDED       READY   MESSAGE                                                                                                 
flux-system     imageupdateautomation/my-app-auto                       False           False   unable to fetch-connect to remote 'ssh://git@git.daimler.com/DIALOG/GitOps.git': ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Container Images used

$ kubectl get deployments -n flux-system -o yaml | grep -i image:

    image: ghcr.io/fluxcd/helm-controller:v0.22.1
    image: ghcr.io/fluxcd/image-automation-controller:v0.23.4
    image: ghcr.io/fluxcd/image-reflector-controller:v0.19.2
    image: ghcr.io/fluxcd/kustomize-controller:v0.26.2
    image: ghcr.io/fluxcd/notification-controller:v0.24.0
    image: ghcr.io/fluxcd/source-controller:v0.25.9

Additional Information

  • GitHub Enterprise v3.3.7
  • Kubernetes: GitVersion:"v1.23.6-dhc", GoVersion:"go1.17.9", Compiler:"gc", Platform:"linux/amd64"
  • FluxCD bootstrapped with Terraform fluxcd/flux v0.15.3
  • Same error occurred for fluxcd/source-controller, but was fixed by changing gitImplementation: libgit2
  • fluxcd/kustomize-controller is working correctly
  • Tested versions v0.23.3,v0.23.4,v0.23.5 of fluxcd/image-automation-controller. Thought that the issue might be related to changed made in v0.23.4
  • Tutorial: https://fluxcd.io/docs/migration/flux-v1-automation-migration/#making-an-automation-object
  • git_implementation = "libgit2"
  • known_hosts = "git.my-company.com,53.18.191.110,141.113.0.105 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN8wdv1Y38ZltBm4w46yC6Ui1KsAG1niOnoL/7sgU3qGBiDyT81R9oX9W4KTrOSQvBRSFo50DmwhSLj/ySBqnQ8="

Please let me know if additional information is required @pjbgf @stefanprodan

@bibAtWork
Copy link

@pjbgf @stefanprodan
updating fluxcd/image-automation-controller to v0.24.2 fixed the problem. Thanks for you continuous commitment to the project

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@squaremo @pjbgf @amithapa @bibAtWork