Strange template rendering YAML errors

[MikaelSmith]

Given a config like this (at manifests/config.yaml)

apiVersion: kots.io/v1beta1
kind: Config
metadata:
  name: config
spec:
  groups:
  - name: setup
    title: Setup
    items:
    - name: hostname
      type: text
      title: Hostname
      required: true
    - name: enable_ingress
      type: bool
      default: "1"
    - name: tls_cert_method
      type: select_one
      title: TLS certificate method
      default: self_signed
      items:
      - name: self_signed
        title: Generate self-signed certificate (expires in 365 days)
      - name: manual
        title: Provide certificates
      - name: auto
        title: Automatic generator (such as cert-manager)
      when: '{{repl ConfigOptionEquals "enable_ingress" "1"}}'
    - name: ingress_certs
      type: textarea
      hidden: true
      value: repl{{$ca := genCA "ingress-ca" 365}}repl{{$cert := genSignedCert (ConfigOption "hostname") nil (list (ConfigOption "hostname") (print "*." (ConfigOption "hostname"))) 365 $ca}}repl{{cat ($ca.Cert | b64enc) ($cert.Cert | b64enc) ($cert.Key | b64enc)}}
      when: '{{repl and (ConfigOptionEquals "enable_ingress" "1") (ConfigOptionEquals "tls_cert_method" "self_signed")}}'
    - name: self_ingress_ca
      type: textarea
      hidden: true
      value: repl{{(split " " (ConfigOption "ingress_certs"))._0 | b64dec}}
      when: '{{repl and (ConfigOptionEquals "enable_ingress" "1") (ConfigOptionEquals "tls_cert_method" "self_signed")}}'
    - name: self_ingress_cert
      type: textarea
      hidden: true
      value: repl{{(split " " (ConfigOption "ingress_certs"))._1 | b64dec}}
      when: '{{repl and (ConfigOptionEquals "enable_ingress" "1") (ConfigOptionEquals "tls_cert_method" "self_signed")}}'
    - name: self_ingress_key
      type: textarea
      hidden: true
      value: repl{{(split " " (ConfigOption "ingress_certs"))._2 | b64dec}}
      when: '{{repl and (ConfigOptionEquals "enable_ingress" "1") (ConfigOptionEquals "tls_cert_method" "self_signed")}}'

rendering it with

kubectl kots pull cd4pe --local-path manifests --rootdir output --exclude-admin-console --exclude-kots-kinds=false

produces an error in installation.yaml

  yamlErrors:
  - error: 'yaml: line 39: could not find expected '':'''
    path: config.yaml

It seems to render as valid YAML when I look at base/userdata/config.yaml.

Note that I have seen some strange fragility in rendering this when I change it, so I'm going to keep exploring that. It's a more complicated repro than I think it needs to be because of that.

[emosbaugh]

The errors will be hidden from the ui in this pr #819

The underlying issue will have to be fixed so that the config.yaml does not trigger that error

[emosbaugh]

Resolved by #824

[MikaelSmith]

I simplified the example

apiVersion: kots.io/v1beta1
kind: Config
metadata:
  name: config
spec:
  groups:
  - name: setup
    title: Setup
    items:
    - name: ingress_ca
      type: textarea
      value: repl{{TLSCert "cert" "foo.com" nil nil 365 }}
    - name: other
      type: textarea

I still get an error in yamlErrors when I do kots pull on it

apiVersion: kots.io/v1beta1
kind: Installation
metadata:
  creationTimestamp: null
  name: replicated-kots-app
spec:
  encryptionKey: UZVUwZA1XlguhKqhi2L4X1FdV9OD1xg6rzDna29XcEMnQfIG
  yamlErrors:
  - error: 'yaml: line 14: could not find expected '':'''
    path: config.yaml
status: {}

I'm using a build based on a64f3e6 to test.

[MikaelSmith]

Also, https://mikefarah.gitbook.io/yq/ still shows both the input config.yaml and output in base/userdata as valid YAML.

[emosbaugh]

I will reopen the issue and test tomorrow with your example

[emosbaugh]

Thank you for the simple repro

[MikaelSmith]

This still seems to be a problem, and is being highlighted in "Version history" again.

[emosbaugh]

can you explain to me your use case for setting --exclude-kots-kinds=false?

[MikaelSmith]

I think I was just using it to see the result of rendering config.yaml. It's not relevant to the error.

I can reproduce with kubectl kots pull blank --local-path manifests --rootdir output.

[emosbaugh]

What version of kots are you running? I can only reproduce with --exclude-kots-kinds=false on 1.18.0 kots.

$ kubectl kots pull default --local-path manifests --rootdir output --exclude-admin-console 

  • Pulling upstream ✓  
  • Creating base ✓  
  • Creating midstream ✓  

    Kubernetes application files created in /home/ethan/go/src/github.com/replicatedhq/kots/test/output/replicated-kots-app

    To deploy, run kubectl apply -k /home/ethan/go/src/github.com/replicatedhq/kots/test/output/replicated-kots-app/overlays/midstream

$ cat output/replicated-kots-app/upstream/userdata/installation.yaml apiVersion: kots.io/v1beta1
kind: Installation
metadata:
  creationTimestamp: null
  name: replicated-kots-app
spec:
  encryptionKey: ZsVzKVFKSCshDPZ8Bnx3lmAhzQ1y82dEFIhr1F/LGICRLwoO
status: {}
$ kubectl kots version
Replicated Kots 1.18.0

[MikaelSmith]

Ok, maybe it's showing it for versions that were rendered before I upgraded my console to 1.18.0. The very latest release doesn't show the warning anymore.

[MikaelSmith]

This hasn't recurred, so I think it's ok to consider it fixed.