can't update argocd from 2.6.6 to any newer version while using oboukili/argocd provider
Closed this issue ยท 5 comments
Terraform Version, ArgoCD Provider Version and ArgoCD Version
Terraform version: 3.104.2
ArgoCD provider version: 6.1.1
ArgoCD version: 2.6.6
update to
Terraform version: 3.104.2
ArgoCD provider version: 6.1.1
ArgoCD version: (any newer version than 2.6.6)
Affected Resource(s)
Terraform Configuration Files
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "3.104.2"
}
argocd = {
source = "oboukili/argocd"
version = "6.1.1"
}
}
}
provider "argocd" {
server_addr = var.argocd_admin_host
username = var.argocd_admin_username
password = var.argocd_admin_password
insecure = true
}
########argocd values.yaml###########
global:
image:
# -- Overrides the global Argo CD image tag whose default is the chart appVersion
tag: "v2.8.20"
server:
extraArgs:
- --insecure
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: nginx
hostname: "argocd-servername"
extraTls:
- hosts:
- argocd-dns-name
secretName: argocd-secret-name
Debug Output
Panic Output
Steps to Reproduce
I have argocd 2.6.6 running and exposed by oboukili/argocd verion 6.1.1 but when modifying the versions of argocd helm chart and argocd tag in its values.yaml file (as shown above), terraform runs into error complaining about invalid provider configurations. Worth to be mentioned, these the same provider configurations being used for deploy argocd version 2.6.6
Expected Behavior
Terraform should be able to update argocd from 2.6.6 to a newer version
Actual Behavior
it runs into the following error complaining about invalid argocd provider configurations even these are configurations being working in case of the old argocd version (2.6.6) . Here is the error message :
Important Factoids
References
Community Note
- Please vote on this issue by adding a ๐ reaction to the original issue to help the community and maintainers prioritize this request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform version: 3.104.2
Can you recheck please? There is no TF version with >3.x. Can you paste the output of terraform version please?
$ terraform version
Terraform v1.9.5
on darwin_amd64
Your version of Terraform is out of date! The latest version
is 1.9.7. You can update by downloading from https://www.terraform.io/downloads.htmlArgoCD version: 2.6.6
So since you are using Argo CD 2.6.6, I assume that you're on Helm chart version 5.27.1?
You cannot update to 2.8.x by only updating the global.image.tag value. You need to update the helm chart also.
But it still seems to work (for now - still it doesn't make sense).
I tried to reproduce your issue without luck ๐.
-
Bootstrap an empty cluster with an Ingress controller installed
$ cat kind.yaml kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 name: issue-456 nodes: - role: control-plane kubeadmConfigPatches: - | kind: InitConfiguration nodeRegistration: kubeletExtraArgs: node-labels: "ingress-ready=true" extraPortMappings: - containerPort: 80 hostPort: 80 protocol: TCP - containerPort: 443 hostPort: 443 protocol: TCP $ kind create cluster --config kind.yaml Creating cluster "issue-456" ... โ Ensuring node image (kindest/node:v1.31.0) ๐ผ โ Preparing nodes ๐ฆ โ Writing configuration ๐ โ Starting control-plane ๐น๏ธ โ Installing CNI ๐ โ Installing StorageClass ๐พ Set kubectl context to "kind-issue-456" You can now use your cluster with: kubectl cluster-info --context kind-issue-456 Have a nice day! ๐ $ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ ingress-nginx/main/deploy/static/provider/kind/deploy.yaml namespace/ingress-nginx created serviceaccount/ingress-nginx created serviceaccount/ingress-nginx-admission created role.rbac.authorization.k8s.io/ingress-nginx created role.rbac.authorization.k8s.io/ingress-nginx-admission created clusterrole.rbac.authorization.k8s.io/ingress-nginx created clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created rolebinding.rbac.authorization.k8s.io/ingress-nginx created rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created configmap/ingress-nginx-controller created service/ingress-nginx-controller created service/ingress-nginx-controller-admission created deployment.apps/ingress-nginx-controller created job.batch/ingress-nginx-admission-create created job.batch/ingress-nginx-admission-patch created ingressclass.networking.k8s.io/nginx created validatingwebhookconfiguration.admissionregistration.k8s.io/ ingress-nginx-admission created
-
Bootstrap Argo CD
$ cat issue-456_values.yaml global: image: # -- Overrides the global Argo CD image tag whose default is the chart appVersion tag: "v2.8.20" server: extraArgs: - --insecure ingress: enabled: true annotations: kubernetes.io/ingress.class: nginx hostname: "argocd-servername" extraTls: - hosts: - argocd-dns-name secretName: argocd-secret-name $ helm install argocd argo/argo-cd \ --namespace argocd \ --create-namespace \ --version 5.27.1 \ --values issue-456_values.yaml \ --wait -
Prepare for Terraform
$ export TF_VAR_argocd_admin_password=$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d) $ cat main.tf terraform { required_providers { argocd = { source = "oboukili/argocd" version = "6.1.1" } } } provider "argocd" { server_addr = var.argocd_admin_host username = var.argocd_admin_username password = var.argocd_admin_password insecure = true } variable "argocd_admin_host" { type = string default = "localhost" } variable "argocd_admin_username" { type = string default = "admin" } variable "argocd_admin_password" {} resource "argocd_project" "example" { metadata { name = "example" } spec { description = "An example project" source_repos = ["*"] destination { server = "https://kubernetes.default.svc" namespace = "*" } } }
-
Now fire up Terraform
$ terraform init $ terraform apply -auto-approve Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # argocd_project.example will be created + resource "argocd_project" "example" { + id = (known after apply) + metadata { + generation = (known after apply) + name = "example" + namespace = (known after apply) + resource_version = (known after apply) + uid = (known after apply) } + spec { + description = "An example project" + source_repos = [ + "*", ] + destination { name = null + namespace = "*" + server = "https://kubernetes.default.svc" } } } Plan: 1 to add, 0 to change, 0 to destroy. argocd_project.example: Creating... argocd_project.example: Creation complete after 1s [id=example] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
i was trying to update the already existing argocd release to newer helm chart version and image version. as follows
current running argocd setup:
argocd version: v2.6.6
argocd helm chart version: 6.9.2
ArgoCD provider version: 6.1.1
to these versions:
argocd version: v2.8.20
argocd helm chart version: 7.6.8
ArgoCD provider version: 6.1.1
The following is azurerm provider not the terraform version (sorry my bad):
azurerm provider version: 3.104.2
I use Terragrunt version v0.58.12 and Terraform v1.4.7
so, will the example you implemented be upgraded to reproduce the behaviour
This was solved by properly retrieving the initial-admin secret which was generated during the first installation. After that the update ran smoothly.
So this is not a bug and this issue can not be closed!
This was solved by properly retrieving the initial-admin secret which was generated during the first installation. After that the update ran smoothly.
So this is not a bug and this issue can not be closed!
Oh :) that make sense. Thank you for confiriming that ๐