Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing git credentials pass-through for kustomize remotebases #2477

Open
4 tasks done
dan1el-k opened this issue Aug 28, 2024 · 0 comments
Open
4 tasks done

Missing git credentials pass-through for kustomize remotebases #2477

dan1el-k opened this issue Aug 28, 2024 · 0 comments
Labels
kind/bug needs/area needs/priority

Comments

@dan1el-k
Copy link

Checklist

  • I've searched the issue queue to verify this is not a duplicate bug report.
  • I've included steps to reproduce the bug.
  • I've pasted the output of kargo version.
  • I've pasted logs, if applicable.

Description

When using kustomize with a remoteBase targeting to a private repository (in our case Github Enterprise), credentials are needed for authentication. With ArgoCD repoServer as well as with local kustomize client, credentials are passed through
.
"kargo-render" howerver, do not pass through the credentials properly so that it prompts again for git credentials, even though they are provided from a credential store.

This results simply in failed promotions via Kargo Controller and an error message in the logs (see below).
When running kargo-render locally within a container it fails as well when no credentials are provided, but would succeed if they are provided a 2nd time as a user-input.

I understood that kargo-renders future is unknown, and it might end up fully in Kargo 0.9+, Therefore I want to highlight this bug here to be directly covered in the potentially integration, since we are heavily relying in using kustomize remotebases

Expected behavior:

Kargo/Kargo-render handles git credentials similar like ArgoCD does in order to support kustomize remote bases targeting private repositories

Screenshots

Steps to Reproduce

Example:

kargo-render.yaml

configVersion: v1alpha1
branchConfigs:
  - name: stage/kube1-dev
    appConfigs:
      mercury-argoevents: # source repo
        configManagement:
          path: applications/cortex-argoevents-manifest/stages/kube1-dev
        outputPath: mercury-argoevents
        combineManifests: true

kustomization

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
  - https://my-company/my-org/cortex-argoevents-manifest.git//deployment?ref=HEAD
#  - ../../base
#  - ../../tests

local command

docker run -it ghcr.io/akuity/kargo-render:v0.1.0-rc.40  --repo https://my-company/my-org/mercury-manifest  --repo-username yyy   --repo-password xxx  --target-branch stage/kube1-dev

prompts for:

Username for 'https://code.rbi.tech':

and if not provided it fails with error

Error: error pre-rendering manifests: error generating manifests using Argo CD repo server: `kustomize build /tmp/repo-311868286/repo/applications/cortex-argoevents-manifest/stages/kube1-dev` failed exit status 1: Error: accumulating resources: accumulating resources from 'https://my-company/my-org/cortex-argoevents-manifest.git//deployment?ref=HEAD': MalformedYAMLError: yaml: line 184: mapping values are not allowed in this context in File: https://my-company/my-org/cortex-argoevents-manifest.git//deployment?ref=HEAD

Version

version: 0.8.4

Logs

Paste any relevant application logs here.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug needs/area needs/priority
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dan1el-k