-
Notifications
You must be signed in to change notification settings - Fork 661
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
argocd app shows 'degraded' though the key unsealed sucessfully and sealed secret health status shows wrong #739
Comments
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
Due to the lack of activity in the last 7 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary. |
This issue is still relevant: if the secret fails to decrypt at least once (i.e. the master key is not uploaded yet), the This can cause the whole Argo CD deployment to get stuck because the sealed secrets are not detected as healthy. Searching through at the code, it looks like this condition is the reason the status is not updated: sealed-secrets/pkg/controller/controller.go Lines 356 to 360 in 58b8864
Is this condition required for some reason or can it be removed to fix this issue? I guess it is also possible to bump the generation when a secret is successfully decrypted. |
commenting as the issue still exists a major concern with an app being stuck in degraded even though it succeeded is that it conditions users to stop checking why the app shows as degraded, which could cause a real issue to be missed |
@agarcia-oss can this issue be re-opened? |
can confirm I am also having the very same issue. My secrets are decrypting, but argocd is still reporting a degraded sealed secret. |
Same issue here, and very interested in a resolution |
Same issue. |
Also having the same issue. |
Controller version - v0.17.1
I just deployed argocd and declared the argocd creds using sealed secrets - secrets got unsealed successfully and everything's working fine BUT the argocd app health shows as DEGRADED as it failed first few times App health status still shows the previous error while the live state is good
https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories
Expected behavior
App status should be healthy and sealed secret health status should show the correct message 'unsealed sealed secret successfully'
Version of Kubernetes:
v1.21
Actual behavior:
Output:
sealed secrets got decrypted and argocd is working fine. Only problem is the app status shows degraded and sealed secrets health status shows wrong
The text was updated successfully, but these errors were encountered: