Webhook server crashes when Argo CD option `server.insecure` is set.
asyncmax opened this issue · 1 comments
asyncmax commented
Hi,
We are using Argo CD with the following setting because TLS is terminated at the external Load Balancer outside of cluster.
apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-cmd-params-cm
data:
server.insecure: "true"
With this setting, ApplicationSet controller's webhook server crashes at startup as below:
$ kubectl logs argocd-applicationset-controller-66689cbf4b-wnvxk -n argocd
1.6521430257851515e+09 INFO setup ApplicationSet controller v0.4.1 using namespace 'argocd' {"namespace": "argocd", "COMMIT_ID": "a5712ba564afaff0b23697135d6281d413e60345"}
1.6521430265947015e+09 INFO controller-runtime.metrics Metrics server is starting to listen {"addr": ":8080"}
time="2022-05-10T00:37:06Z" level=info msg="Starting configmap/secret informers"
time="2022-05-10T00:37:06Z" level=info msg="Configmap/secret informer synced"
1.6521430267008247e+09 ERROR setup failed to create webhook handler {"error": "Failed to get argocd settings: server.secretkey is missing"}
main.main
/workspace/main.go:160
runtime.main
/usr/local/go/src/runtime/proc.go:255
Because of this problem, ApplicationSet webhooks are completely disabled in this configuration. (Argo CD's webhooks work fine.)
acelinkio commented
Looks like that warning is expected. argoproj/argo-cd#1936
I also stumbled into this when trying to use an ApplicationSet. Try putting it in the same namespace as argocd. https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/application.yaml#L5
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: guestbook
# You'll usually want to add your resources to the argocd namespace.
namespace: argocd
...
...
...