Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Charm goes into error state when deployed without --trust #39

Open
sed-i opened this issue Nov 16, 2023 · 0 comments
Open

Charm goes into error state when deployed without --trust #39

sed-i opened this issue Nov 16, 2023 · 0 comments

Comments

@sed-i
Copy link

sed-i commented Nov 16, 2023

Bug Description

When the charm is deployed without --trust, it goes into error state.

It would be handy if it would block with a message. Example.

To Reproduce

juju deploy ./oathkeeper_ubuntu-22.04-amd64.charm ok --resource oci-image=$(yq eval '.resources.oci-image.upstream-source' metadata.yaml)

Environment

Model  Controller  Cloud/Region        Version  SLA          Timestamp
auth   k8s2        microk8s/localhost  3.1.6    unsupported  14:17:40-05:00

Charm built from main (6c6151e).

Relevant log output

unit-ok-0: 14:12:53.575 ERROR unit.ok/0.juju-log Uncaught exception while in charm code:
Traceback (most recent call last):
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/lightkube/core/generic_client.py", line 188, in raise_for_status
    resp.raise_for_status()
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/httpx/_models.py", line 758, in raise_for_status
    raise HTTPStatusError(message, request=request, response=self)
httpx.HTTPStatusError: Client error '403 Forbidden' for url 'https://10.152.183.1/api/v1/namespaces/auth/configmaps?fieldManager=ok'
For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/403

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/var/lib/juju/agents/unit-ok-0/charm/./src/charm.py", line 555, in <module>
    main(OathkeeperCharm)
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/ops/main.py", line 434, in main
    framework.reemit()
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/ops/framework.py", line 852, in reemit
    self._reemit()
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/ops/framework.py", line 931, in _reemit
    custom_handler(event)
  File "/var/lib/juju/agents/unit-ok-0/charm/./src/charm.py", line 324, in _on_install
    config_map.create_all()
  File "/var/lib/juju/agents/unit-ok-0/charm/src/config_map.py", line 133, in create_all
    ConfigMapManager.create_all()
  File "/var/lib/juju/agents/unit-ok-0/charm/src/config_map.py", line 26, in create_all
    cm.create()
  File "/var/lib/juju/agents/unit-ok-0/charm/src/config_map.py", line 74, in create
    self._client.create(cm)
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/lightkube/core/client.py", line 359, in create
    return self._client.request("post", name=name, namespace=namespace, obj=obj,
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/lightkube/core/generic_client.py", line 245, in request
    return self.handle_response(method, resp, br)
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/lightkube/core/generic_client.py", line 196, in handle_response
    self.raise_for_status(resp)
  File "/var/lib/juju/agents/unit-ok-0/charm/venv/lightkube/core/generic_client.py", line 190, in raise_for_status
    raise transform_exception(e)
lightkube.core.exceptions.ApiError: configmaps is forbidden: User "system:serviceaccount:auth:ok" cannot create resource "configmaps" in API group "" in the namespace "auth"

Additional context

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sed-i