Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCIrepository: not able to apply yaml #5153

Open
1 task done
LittaKake opened this issue Jan 20, 2025 · 1 comment
Open
1 task done

OCIrepository: not able to apply yaml #5153

LittaKake opened this issue Jan 20, 2025 · 1 comment

Comments

@LittaKake
Copy link

Describe the bug

When trying to apply manifests from an oci repository I get this error from the kustomization object.

flux get ks
NAME REVISION SUSPENDED READY MESSAGE
flux-system main@sha1:e8e82c0d False True Applied revision: main@sha1:e8e82c0d
securecodebox main@sha1:e8e82c0d False True Applied revision: main@sha1:e8e82c0d
tenants main@sha1:e8e82c0d False True Applied revision: main@sha1:e8e82c0d

k get kustomizations.kustomize.toolkit.fluxcd.io -n securecodebox securecodebox
NAME AGE READY STATUS
securecodebox 31m False failed to decode Kubernetes YAML from /tmp/kustomization-3934915096/operator/Chart.yaml: missing kind in object {{v2 } {{ } map[] map[]}}

k get ocirepositories.source.toolkit.fluxcd.io -n securecodebox securecodebox
NAME URL READY STATUS AGE
securecodebox oci://ghcr.io/securecodebox/helm/operator True stored artifact for digest '4.12.0@sha256:69015f17dfa26b429af6243c044de31cb40b42844fb7282815fe7589c85d4458' 31m

Steps to reproduce

  1. Setup an infrastructure folder with this file
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: securecodebox
  namespace: flux-system
spec:
  interval: 1m0s
  sourceRef:
    kind: GitRepository
    name: flux-system
  serviceAccountName: kustomize-controller
  path: ./infrastructure/securecodebox
  prune: true
  timeout: 1m
  1. In infrastructure/securecodebox add these files
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- source.yaml
- sync.yaml
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: OCIRepository
metadata:
  name: securecodebox
  namespace: securecodebox
spec:
  interval: 1m0s
  provider: generic
  url: oci://ghcr.io/securecodebox/helm/operator
  ref:
    tag: "4.12.0"
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: securecodebox
  namespace: securecodebox
spec:
  interval: 1m0s
  sourceRef:
    kind: OCIRepository
    name: securecodebox
  serviceAccountName: securecodebox
  path: ./
  prune: true
  timeout: 1m0s
---
apiVersion: v1
kind: Namespace
metadata:
  name: securecodebox
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: securecodebox
  namespace: securecodebox
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: securecodebox
rules: 
- apiGroups: [""]
  resources: ["*"] 
  verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: securecodebox
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: securecodebox
subjects:
- kind: ServiceAccount
  name: securecodebox
  namespace: securecodebox

Expected behavior

Apply the helm

Screenshots and recordings

No response

OS / Distro

mac

Flux version

v2.4.0

Flux check

► checking prerequisites
✔ Kubernetes 1.30.8-gke.1051000 >=1.28.0-0
► checking version in cluster
✔ distribution: flux-v2.4.0
✔ bootstrapped: true
► checking controllers
✔ helm-controller: deployment ready
► ghcr.io/fluxcd/helm-controller:v1.1.0
✔ kustomize-controller: deployment ready
► ghcr.io/fluxcd/kustomize-controller:v1.4.0
✔ notification-controller: deployment ready
► ghcr.io/fluxcd/notification-controller:v1.4.0
✔ source-controller: deployment ready
► ghcr.io/fluxcd/source-controller:v1.4.1
► checking crds
✔ alerts.notification.toolkit.fluxcd.io/v1beta3
✔ buckets.source.toolkit.fluxcd.io/v1
✔ gitrepositories.source.toolkit.fluxcd.io/v1
✔ helmcharts.source.toolkit.fluxcd.io/v1
✔ helmreleases.helm.toolkit.fluxcd.io/v2
✔ helmrepositories.source.toolkit.fluxcd.io/v1
✔ kustomizations.kustomize.toolkit.fluxcd.io/v1
✔ ocirepositories.source.toolkit.fluxcd.io/v1beta2
✔ providers.notification.toolkit.fluxcd.io/v1beta3
✔ receivers.notification.toolkit.fluxcd.io/v1
✔ all checks passed

Git provider

github

Container Registry provider

No response

Additional context

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
@LittaKake LittaKake changed the title OCIrepository OCIrepository is not able to apply yaml Jan 20, 2025
@LittaKake LittaKake changed the title OCIrepository is not able to apply yaml OCIrepository: not able to apply yaml Jan 20, 2025
@matheuscscp
Copy link
Member

failed to decode Kubernetes YAML from /tmp/kustomization-3934915096/operator/Chart.yaml: missing kind in object {{v2 } {{ } map[] map[]}}

This means you have a Helm chart in the manifests from the OCI artifact, you have this Chart.yaml file. Don't use Kustomization to apply an OCI Helm chart, Kustomization does not understand the format of Helm charts. Use HelmRelease instead, which does understand the format of Helm charts.

If what you need is not to deploy this Helm chart, then remove it from the OCI artifact, then Kustomization will be able to deploy the other things.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@matheuscscp @LittaKake