New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(server): Update argo-server crt/key owner #4750
Conversation
Signed-off-by: Daisuke Taniwaki <daisuketaniwaki@gmail.com>
We've not seen this problem, which is odd. |
@dtaniwaki are you doubly sure this is a problem? How come we can execute |
I signed off the commit just 1 second before your approval, but the code change is the same. |
Hmm... It's a problem in my company cluster which is very strict and force non-root. Let me try it in minikube just in case. |
I found it's reproducible in my minikube. Maybe, you miss the security context and your pod is running as root? |
However, I guess this change affects your currently working environment because the root user will not be able to read the |
v2.11 does not have https://github.com/argoproj/argo/blob/release-2.11/Dockerfile |
v2.12 does, but this is not released yet. |
@simster7 @sarabala1979 v2.12.0 Argo Server is unusable because the server cannot read its keys. I've just merged this PR, but we need v2.12.1. |
@alexec Ill make a new release tonight |
Signed-off-by: Daisuke Taniwaki <daisuketaniwaki@gmail.com>
Checklist:
The self-signed key bundled in the argocli image cannot be used.
Here's the log.