Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error: Failed to init clients #231

Closed
mikzuit opened this issue Feb 20, 2023 · 6 comments · May be fixed by #405
Closed

Error: Failed to init clients #231

mikzuit opened this issue Feb 20, 2023 · 6 comments · May be fixed by #405

Comments

@mikzuit
Copy link

mikzuit commented Feb 20, 2023
edited

Hi @oboukili could this be related to sh scripts, LF CRLF or argocd provider authentication?

Setup:
Terraform : 1.0.6
Argocd terraform provider: 4.3.0

Config files:

I execute this script in order to add my agent ssh then use it in private repos.
ssh-init.sh

#!/bin/sh
set -e

eval `ssh-agent -s` > /dev/null 2>&1

ssh-add -k  "~/.ssh/id_rsa" > /dev/null 2>&1

main.tf

resource "null_resource" "init" {
  provisioner "local-exec" {
    command = trimspace(file("${path.module}/scripts/ssh-init.sh"))
  }
}


provider "argocd" {
  username    = "admin"
  password    = "password" 
  context     = "my-context"
  server_addr = "ip_address"
  insecure    = true
  kubernetes {
    config_path            = "~/.kube/config"
    cluster_ca_certificate = "from cluster config" 
    exec {
      api_version = "client.authentication.k8s.io/__internal" # also tried  with v1 or v1beta
      args        = ["login", "ip_address", "--grpc-web", "--username", "admin", "--password", "password", "--insecure"]
      command     = "argocd"
    }
  }
}


resource "argocd_project" "deployed" {
}

Regular output:

│ Error: Failed to init clients
│
│   with argocd_project.deployed,
│   on main.tf line 56, in resource "argocd_project" "deployed":
│   56: resource "argocd_project" "deployed" {
│
│ EOF

... 

same error for each argocd resource

TF_LOG=Debug output:

│ Error: Failed to init clients
│
│   with argocd_project.deployed,
│   on main.tf line 56, in resource "argocd_project" "deployed":
│   56: resource "argocd_project" "deployed" {
│
│ EOF

... 

same error for each argocd resource

2023-02-20T16:55:10.110Z [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2023-02-20T16:55:10.115Z [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/oboukili/argocd/4.3.0/linux_amd64/terraform-provider-argocd_v4.3.0 pid=24320
2023-02-20T16:55:10.115Z [DEBUG] provider: plugin exited

Questions:

  1. how do I check/test my argocd provider connection ?
  2. how can improve my debug argocd provider connection?
  3. Assuming I get error on first resources created, should I consider that argocd provider connection is enabled?
  4. could this be related to using a script with bash/sh ?
  5. Could this be related in any way to?:
    Failed to init client: kubernetes configuration invalid #134

I have used the env variables KUBE_CONFIG_PATH , KUBECONFIG as suggested there.

Other things I tried:

  1. Login directly on dashboard same credentials for admin are working
  2. Login from terminal using argocd-cli same credentials for admin are also working

UPDATE: (solution)
This is the minimun login with cli (--plaintext) to avoid TLS error warning message):

argocd login IP_ADDRESS --username admin  --password $argoPass --plaintext

Agocd providers does have that option as plain_text which SOLVES the problem.
Thanks for the help @onematchfox @Diliz

Thanks
@onematchfox
Copy link
Collaborator

I haven't used the provider alongside a kubernetes configuration block, so I don't know how much value I can add to this conversation. However, I suspect this is related to how you have exposed your ArgoCD instance, if at all.

  1. Login directly on dashboard same credentials for admin are working
  2. Login from terminal using argocd-cli same credentials for admin are also working

How have you gone about doing these checks? In particular, which parameters are you passing to the argocd login command? Do these match the provider configuration? At this point, I guess that perhaps you should be setting port_forward and port_forward_with_namespace on the provider configuration.

@Diliz
Copy link

Diliz commented Feb 23, 2023
edited

Hello there,

Was having the same issue on an openshift cluster with their argo installation (which is named openshift-gitops), got another error when adding the port_forward options:

Error: Failed to init clients
│ 
│   with argocd_project.argo_project,
│   on providers.tf line 106, in resource "argocd_project" "argo_project":
│  106: resource "argocd_project" "argo_project" {
│ cannot find pod with selector:
│ [app.kubernetes.io/name=argocd-server]

I think this is related to: argoproj/argo-cd#10200 (which I created)
Is there any way to target another argocd-server name (by giving the provider a server name or this kind of stuff for custom argo implementations) ?

If it's related to the issue I mentionned, a pull request is still waiting for the merge here: argoproj/argo-cd#11297

EDIT:
yeah in my case (openshift-gitops argo installation), the issue is in the argocd apiclient as well
@mikzuit if the port-forward options are not working, are you using a default argocd installation? (like official helm chart or else)

@mikzuit
Copy link
Author

mikzuit commented Feb 23, 2023
edited

I haven't used the provider alongside a kubernetes configuration block, so I don't know how much value I can add to this conversation. However, I suspect this is related to how you have exposed your ArgoCD instance, if at all.

  1. Login directly on dashboard same credentials for admin are working
  2. Login from terminal using argocd-cli same credentials for admin are also working

How have you gone about doing these checks? In particular, which parameters are you passing to the argocd login command? Do these match the provider configuration? At this point, I guess that perhaps you should be setting port_forward and port_forward_with_namespace on the provider configuration.

Sorry @onematchfox I will answer from memory, I will come back when have more precise data.

I am using argocd loadbalancer option(not port forward or ingress) .
I am able to connect with admin and password on Web Ui. When login using argocd cli I have used :

argocd login IP_ADDRESS --username admin  --password $argoPass

Also

argocd login IP_ADDRESS --insecure --grpc-web--username admin  --password $argoPass

I will say also tried with a ip address:port

Thanks

@mikzuit
Copy link
Author

mikzuit commented Feb 23, 2023
edited

Hello there,

Was having the same issue on an openshift cluster with their argo installation (which is named openshift-gitops), got another error when adding the port_forward options:

Error: Failed to init clients
│ 
│   with argocd_project.argo_project,
│   on providers.tf line 106, in resource "argocd_project" "argo_project":
│  106: resource "argocd_project" "argo_project" {
│ cannot find pod with selector:
│ [app.kubernetes.io/name=argocd-server]

I think this is related to: argoproj/argo-cd#10200 (which I created)
Is there any way to target another argocd-server name (by giving the provider a server name or this kind of stuff for custom argo implementations) ?

If it's related to the issue I mentionned, a pull request is still waiting for the merge here: argoproj/argo-cd#11297

EDIT:
yeah in my case (openshift-gitops argo installation), the issue is in the argocd apiclient as well
@mikzuit if the port-forward options are not working, are you using a default argocd installation? (like official helm chart or else)

Hi @Diliz I am indeed using a argocd default installation from this repo , I will try port forward option ASAP

@onematchfox
Copy link
Collaborator

Hi @Diliz I am indeed using a argocd default installation from this repo , I will try port forward option ASAP

@mikzuit, the provider should be configured using the same parameters as what works when you use argocd login. If you have exposed ArgoCD via a load balancer then there should be no need to specify/set the context and kubernetes attributes on the provider (or the port forwarding options for that matter too). Just use the same configuration as what works when running the CLI. E.g.:

provider "argocd" {
  server_addr = "IP_ADDRESS"
  username    = "admin"
  password    = "password"
  insecure    = true
  grpc_web    = true
}

@onematchfox
Copy link
Collaborator

onematchfox commented Feb 24, 2023
edited

Is there any way to target another argocd-server name (by giving the provider a server name or this kind of stuff for custom argo implementations) ?

@Diliz, I'm afraid the provider uses the argo-cd module just as the argocd CLI does. Right now, there is no option to specify the server name on the API client, so there's nothing we can do here, either. This can be looked at once the PR you mentioned has been merged and released.

Edit: It might also be worth asking if there is a reason you cannot expose the ArgoCD server. If you do so, then, as per my comment above, there is no need to use port-forwarding to connect to it. You can simply configure the provider to connect to whatever DNS/port the server is exposed on.

@mikzuit mikzuit closed this as completed Feb 26, 2023
@MarshallOfSound MarshallOfSound mentioned this issue Jul 5, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: add support for customer argocd api server name MarshallOfSound/terraform-provider-argocd
3 participants
@onematchfox @Diliz @mikzuit