-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Grpc.Core.RpcException: "Failed to deserialize response message." when using "cert-manager.crds.yaml" for ConfigFile #4224
Comments
This worked using the NodeJS SDK, so it must be specific to .NET. Can you take a look @mikhailshilkov? new k8s.yaml.ConfigFile("guestbook2",
{
file: "https://github.com/jetstack/cert-manager/releases/download/v0.14.0/cert-manager.crds.yaml"
}
); |
Here is a minimal repro YAML to get the same exception: apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
spec:
validation:
openAPIV3Schema:
properties:
spec:
properties:
solver:
properties:
http01:
properties:
ingress:
properties:
podTemplate:
properties:
spec:
properties:
affinity:
properties:
podAffinity:
properties:
preferredDuringSchedulingIgnoredDuringExecution:
items:
properties:
podAffinityTerm:
properties:
labelSelector:
properties:
matchExpressions:
items:
properties:
values:
type: array The C# gRPC swallows the real exception, but I got it with a debugger:
Unfortunately, I don't see a setting to configure the recursion limit in the gRPC library - the protobuf setting mentioned in the exception doesn't look available. I'll open an issue and ask there. |
The issue in gRPC: grpc/grpc#22682 |
I was wondering if anyone could recommend an alternative approach to installing CertManager, even as a temporary workaround (other than manually invoking helm)? |
I've got the same problem using dotnet/c# with cert manager. This is a showstopper! 😬 |
I'm seeing the same issue when using the option to install Cert-Manager CRD's as part of the Helm chart. So currently there is no way to install cert-manager with Pulumi, as far as I can see |
I'm still puzzled by why the above minimal repro yaml and cert-manager.yaml causes ParsingPrimitivesMessages.ReadMessage to throw with error "too many levels of nesting" since
(using yaml indentation as guide) What am I missing? |
We just ran into this to, as part of setting up the AWS Load Balancer controller in our EKS environment. We are fully integrated with Pulumi and need a solution. |
@mikhailshilkov Any ideas on a workaround here? |
I don't have any workarounds that wouldn't require a fix in our SDK. Options of how this could be resolved:
None of the options look particularly appealing but forking may be the least evil. Ideas? |
So, for every layer of yaml, |
@mikhailshilkov Given the latest response, I’d expect the upstream issues to take too long to wait, and we need a fix now, so I’d fork to increase the default recursion limit in the meantime. |
Is there the best practice for publishing forked NuGet packages? Any examples in the wild? |
I don’t know about best practice but in the past we’ve done it by publishing to an internal NuGet repository and configuring You could do the same but for a public repository and feed, which could be hosted on MyGet or GitHub packages etc. (Note: GitHub packages requires auth for private packages and I’m not sure if it requires auth for public packages, which would make it useless.) |
Before resorting to a fork, I tried changing YAML-parsing invokes to return a string of JSON rather than a raw untyped protobuf map. This fixed the issue at invoke time but the same issue re-appeared at resource invocation time: each CRD in that YAML is only 1 level less deep than the YAML overall, so resource creation hits the same max recursion threshold. So, I hit
|
Here is the draft of the forking plan:
I ran this sequence locally, without any publishing, and it does fix the original problem. I am able to deploy the CRDs from Any concerns about this proposal, technically or from the IP perspective? |
Sounds good. Only concern would be to ensure you follow any upstream updates. Also, I thought |
Thanks to everyone for waiting for so long: it took a while to investigate the issue, find an issue in the Protobuf .NET library, discuss it with maintainers, and finally come up with a workaround. The issue is now fixed in the latest alpha release ( |
That’s great news! Thanks for the effort that went into this. |
Awesome! Can't wait to get this built out. |
Thanks for sorting this @mikhailshilkov I can confirm it works as expected with the Alpha release, looking forward to getting it in once 2.8.1 is out! |
I think the next release is going to be 2.7.2 - I messed it up due to our alpha naming. I'll post an update here whenever the fix is released. |
This release fixes pulumi/pulumi#4224 where users were unable to install large CRDs using .NET.
https://github.com/pulumi/pulumi-kubernetes/releases/tag/v2.7.2 is out now with the fix |
I also want to thank @mikhailshilkov for implementing the work around for this unfortunate issue with dotnet grpc! ❤️ |
When using the following code in my C# Pulumi project:
and do
pulumi up
, the process fails with:I'm trying to automate the installation of cert-manager as described here. One of its first steps mentions I should install some custom resource definitions separately.
Perhaps I should be using a different class to get the
cert-manager.crds.yaml
applied?The text was updated successfully, but these errors were encountered: