Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Helm chart dynamic version detection not working #6466

Open
1 of 3 tasks
Gby56 opened this issue Jun 27, 2022 · 5 comments
Open
1 of 3 tasks

Helm chart dynamic version detection not working #6466

Gby56 opened this issue Jun 27, 2022 · 5 comments
Assignees
@dsever
Labels
bug

Comments

@Gby56
Copy link
Contributor

Gby56 commented Jun 27, 2022

Bug description
I'm currently trying to redeploy DDojo 2.10.0 on an EKS cluster 1.22 v1.22.9-eks-a64ea69
I've been having lots of issues relating to Ingress definitions, I managed to correct a lot of them by tweaking the chart, but I think the semverCompare is not working as intended in the chart. (maybe because the EKS versioning is weird ?)

First error I was getting:

Error: INSTALLATION FAILED: unable to build kubernetes objects from release manifest: resource mapping not found for name: "defectdojo" namespace: "" from "": no matches for kind "Ingress" in version "networking.k8s.io/v1beta1"

which clearly showed that the version detected was not correct imo ? I have changed the apiVersion in django-ingress.yaml to networking.k8s.io/v1 in both conditions of the {{- if semverCompare ">=1.19.0" .Capabilities.KubeVersion.GitVersion }}

Then I had a few more issues

Error: INSTALLATION FAILED: unable to build kubernetes objects from release manifest: error validating "": error validating data: ValidationError(Ingress.spec.rules[0].http.paths[0]): missing required field "pathType" in io.k8s.api.networking.v1.HTTPIngressPath

Error: INSTALLATION FAILED: unable to build kubernetes objects from release manifest: error validating "": error validating data: [ValidationError(Ingress.spec.rules[0].http.paths[0].backend): unknown field "serviceName" in io.k8s.api.networking.v1.IngressBackend, ValidationError(Ingress.spec.rules[0].http.paths[0].backend): unknown field "servicePort" in io.k8s.api.networking.v1.IngressBackend, ValidationError(Ingress.spec.rules[0].http.paths[0]): missing required field "pathType" in io.k8s.api.networking.v1.HTTPIngressPath]

Steps to reproduce
Steps to reproduce the behavior:
Try to deploy it on an EKS cluster ? maybe you could reproduce the issue if you could change the version returned by kubectl version or at least test the semverCompare, I think there are issues like this in other projects... kubernetes/ingress-nginx#8271

my kubectl version:
Server Version: version.Info{Major:"1", Minor:"22+", GitVersion:"v1.22.9-eks-a64ea69", GitCommit:"540410f9a2e24b7a2a870ebfacb3212744b5f878", GitTreeState:"clean", BuildDate:"2022-05-12T19:15:31Z", GoVersion:"go1.16.15", Compiler:"gc", Platform:"linux/amd64"}

Deployment method (select with an X)

  • Docker Compose
  • Kubernetes
  • GoDojo

Environment information

  • DefectDojo version (see footer) or commit message: 2.10.0
@Gby56 Gby56 added the bug label Jun 27, 2022
@dsever
Copy link
Contributor

dsever commented Jun 28, 2022
edited

@Gby56, I did some research, looks like it is not the bug in our Helm, this is problem that EKS (AWS) is not respecting the semVer standard of versioning.

aws/containers-roadmap#1404

I will rethink and maybe implement kind of workaround.

@metcox
Copy link

metcox commented Aug 24, 2022

I'm having the same issue with microk8s, it's probably not specific to EKS.
However if I only get the manifest template (with helm template) it looks ok ... weird behaviour.

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"23+", GitVersion:"v1.23.9-2+88a2c6a14e7008", GitCommit:"88a2c6a14e7008ae9577b448c50091f44b6be572", GitTreeState:"clean", BuildDate:"2022-07-13T18:07:58Z", GoVersion:"go1.17.10", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"23+", GitVersion:"v1.23.9-2+88a2c6a14e7008", GitCommit:"88a2c6a14e7008ae9577b448c50091f44b6be572", GitTreeState:"clean", BuildDate:"2022-07-13T18:05:30Z", GoVersion:"go1.17.10", Compiler:"gc", Platform:"linux/amd64"}

That being said,

the Capabilities.KubeVersion.GitVersion capability has been deprecated (removed?) from helm and should be replaced with Capabilities.KubeVersion.Version .

deprecation note: https://github.com/helm/helm/blob/72e2bff0aff44734056be2c859921f2cb22bb2f9/pkg/chartutil/capabilities.go#L82
GitVersion capability is no longer documented: https://helm.sh/docs/chart_template_guide/builtin_objects/

A better solution would be to use .Capabilities.APIVersions.Has "networking.k8s.io/v1"

@dsever
Copy link
Contributor

dsever commented Aug 24, 2022

@metcox good point, I will adjust helm.

@dsever dsever mentioned this issue Aug 25, 2022
Merged
@dsever
Copy link
Contributor

dsever commented Aug 25, 2022
edited

@Gby56 and @metcox can you please test https://github.com/dsever/django-DefectDojo/tree/helmv3_check_capabilities I don't have AWS or microk8s

@metcox
Copy link

metcox commented Aug 25, 2022

@dsever it's working well with microk8s , thanks

@baznikin baznikin mentioned this issue Dec 9, 2022
Open
@lhotari lhotari mentioned this issue Dec 22, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dsever dsever

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@metcox @Gby56 @dsever