Unable to deploy robusta helm chart with ArgoCD
Closed this issue ยท 5 comments
Describe the bug
Original slack conversation: https://robustacommunity.slack.com/archives/C02R0LVANKY/p1707937278191989
I am unable to deploy robusta when using a yaml templated application for ArgoCD. As suggested on slack, I have tried a number of different ways to refer to my secret values, none of them have worked. Example yaml application for Argo to deploy the helm chart:
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: robusta
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
server: https://kubernetes.default.svc
namespace: robusta
project: default
source:
chart: robusta
repoURL: https://robusta-charts.storage.googleapis.com
targetRevision: 0.10.29
helm:
values: |
globalConfig:
signing_key: "{{ '{{' }} env.SIGNING_KEY {{ '}}' }}"
account_id: "{{ '{{' }} env.ACCOUNT_ID {{ '}}' }}"
sinksConfig:
- robusta_sink:
name: robusta_ui_sink
token: "{{ '{{' }} env.ROBUSTA_UI_TOKEN {{ '}}' }}"
- discord_sink:
name: mckernans_discord_sink
url: "{{ '{{' }} env.DISCORD_SINK_WEBHOOK {{ '}}' }}"
enablePlatformPlaybooks: true
runner:
sendAdditionalTelemetry: true
rsa:
private: "{{ '{{' }} env.RSA_PRIVATE {{ '}}' }}"
public: "{{ '{{' }} env.RSA_PUBLIC {{ '}}' }}"
runner:
additional_env_vars:
- name: SIGNING_KEY
valueFrom:
secretKeyRef:
name: environment
key: SIGNING_KEY
- name: ACCOUNT_ID
valueFrom:
secretKeyRef:
name: environment
key: ACCOUNT_ID
- name: ROBUSTA_UI_TOKEN
valueFrom:
secretKeyRef:
name: environment
key: ROBUSTA_UI_TOKEN
- name: DISCORD_SINK_WEBHOOK
valueFrom:
secretKeyRef:
name: environment
key: DISCORD_SINK_WEBHOOK
- name: RSA_PRIVATE
valueFrom:
secretKeyRef:
name: environment
key: RSA_PRIVATE
- name: RSA_PUBLIC
valueFrom:
secretKeyRef:
name: environment
key: RSA_PUBLIC
To Reproduce
Steps to reproduce the behavior:
- Create a secret with your environment values (I am using the 1password operator, but any secret should work)
- Try to deploy robusta with argocd, using the manifest above
- Receive an error like this:
Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = Manifest generation error (cached): `helm template . --name-template root --namespace argocd --kube-version 1.28 <api versions removed> --include-crds` failed exit status 1: Error: parse error at (root/templates/robusta.yaml:20): '{{' Use --debug flag to render out invalid YAML
Expected behavior
I should be able to deploy Robusta and reference environment secrets
The solution ended up being using a separate values file, using a yaml file located in the repository instead of trying to inline in an argocd application directly. example:
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: robusta
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
server: https://kubernetes.default.svc
namespace: robusta
project: default
sources:
- chart: robusta
repoURL: https://robusta-charts.storage.googleapis.com
targetRevision: 0.10.31
helm:
valueFiles:
- $values/values/robusta.yaml
Thanks, I'll update our docs accordingly. Can you explain what $values
refers to in valueFiles
? Is that something specific to your company to differentiate between different environments?
Thanks for getting the docs updated! I chopped off a few lines by mistake, here's the context on what $values
refers to:
sources:
- chart: robusta
repoURL: https://robusta-charts.storage.googleapis.com
targetRevision: 0.10.31
helm:
valueFiles:
- $values/values/robusta.yaml
- repoURL: "git@github.com:mckernanin/homelab.git"
targetRevision: HEAD
ref: values