Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DNS-01 Challenge provider missing key in credential #821

Closed
thekad opened this issue Jan 24, 2018 · 0 comments

Comments

@thekad
Copy link

commented Jan 24, 2018

Running version:

Version = 5.0.0-rc.11
VersionStrategy = tag
Os = alpine
Arch = amd64
CommitHash = 956abb859e2bdb438a7d07ad211775d499554665
GitBranch = release-5.0
GitTag = 5.0.0-rc.11
CommitTimestamp = 2018-01-04T03:10:50

Might be a plain issue, but I can't seem to get it right. I am using dns-01 validation with dnsimple, according to the docs, the following crd.yml file should work:

    apiVersion: voyager.appscode.com/v1beta1
    kind: Certificate
    metadata:
      name: domain-tld
    spec:
      domains:
      - domain.tld
      - www.domain.tld
      acmeUserSecretName: acme-account
      challengeProvider:
        dns:
          provider: dnsimple
          credentialSecretName: voyager-dnsimple
        storage:
          secret:
            name: cert-domain-tld

And the voyager-dnsimple secret:

Name:         voyager-dnsimple
Namespace:    default
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
DNSIMPLE_OAUTH_TOKEN:  32 bytes

both exist in the default namespace, but when applying the crd I get:

kubectl describe cert domain-tld
Name:         domain-tld
Namespace:    default
Labels:       <none>
Annotations:  kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"voyager.appscode.com/v1beta1","kind":"Certificate","metadata":{"annotations":{},"name":"domain-tld","namespace":"default"},"spec":{"acmeUse...
API Version:  voyager.appscode.com/v1beta1
Kind:         Certificate
Metadata:
  Cluster Name:                   
  Creation Timestamp:             2018-01-24T04:41:22Z
  Deletion Grace Period Seconds:  <nil>
  Deletion Timestamp:             <nil>
  Resource Version:               9469611
  Self Link:                      /apis/voyager.appscode.com/v1beta1/namespaces/default/certificates/domain-tld
  UID:                            d40781f3-00c0-11e8-9867-42010a80001c
Spec:
  Acme User Secret Name:  acme-account
  Challenge Provider:
Dns:
  Credential Secret Name:  voyager-dnsimple
  Provider:                dnsimple
  Domains:
domain.tld
www.domain.tld
  Storage:
Secret:
  Name:  cert-domain-tld
Events:
  Type     Reason              Age   From              Message
  ----     ------              ----  ----              -------
  Warning  CertificateInvalid  4m    voyager operator  dns provider credential missing key DNSIMPLE_OAUTH_TOKEN
  Warning  CertificateInvalid  4m    voyager operator  dns provider credential missing key DNSIMPLE_OAUTH_TOKEN

Which is obviously not true, since I can see the DNSIMPLE_OAUTH_TOKEN key in the voyager-dnsimple secret.

What am I missing? The operator process doesn't show any errors, and the kube client library appears to load the secret fine, thoughts?

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.