Skip to content
This repository was archived by the owner on Mar 28, 2024. It is now read-only.
This repository was archived by the owner on Mar 28, 2024. It is now read-only.

More intuitive errors when the SSH secret isn't specified for SSH source #95

Open
Open
More intuitive errors when the SSH secret isn't specified for SSH source#95
@netthier

Description

@netthier
netthier
opened on Mar 31, 2023

Controller

  • KluctlDeployment

Who are you?

DevOps Engineer

What do you want to do?

I accidentally deployed a KluctlDeployment pulling from an SSH Git source, but forgot to specify the secretRef:

apiVersion: flux.kluctl.io/v1alpha1
kind: KluctlDeployment
metadata:
  name: foo
  namespace: bar
spec:
  interval: 1m
  source:
    url: ssh://[email protected]:2222/infra/kluctl-templates.git
    path: "./foo"
  context: default
  prune: true
  delete: true

It then failed to deploy with the following status: failed clone source: ssh: handshake failed: mkdir /.ssh: read-only file system.

The controller produced the following logs:

{"level":"info","ts":"2023-03-31T16:02:22.405Z","msg":"Updating git cache for ssh://[email protected]:2222/infra/kluctl-templates.git","c
ontroller":"kluctldeployment","controllerGroup":"flux.kluctl.io","controllerKind":"KluctlDeployment","KluctlDeployment":{"name":"keycloak","
namespace":"keycloak"},"namespace":"keycloak","name":"keycloak","reconcileID":"3cf4387c-5b91-45aa-8899-0eee1fe5dec6"}
{"level":"info","ts":"2023-03-31T16:02:22.406Z","msg":"Failed to connect to ssh agent for url ssh://[email protected]:2222/infra/kluctl-t
emplates.git: SSH agent requested but SSH_AUTH_SOCK not-specified","controller":"kluctldeployment","controllerGroup":"flux.kluctl.io","contr
ollerKind":"KluctlDeployment","KluctlDeployment":{"name":"keycloak","namespace":"keycloak"},"namespace":"keycloak","name":"keycloak","reconc
ileID":"3cf4387c-5b91-45aa-8899-0eee1fe5dec6"}
{"level":"info","ts":"2023-03-31T16:02:22.430Z","msg":"ssh: handshake failed: mkdir /.ssh: read-only file system","controller":"kluctldeploy
ment","controllerGroup":"flux.kluctl.io","controllerKind":"KluctlDeployment","KluctlDeployment":{"name":"keycloak","namespace":"keycloak"},"
namespace":"keycloak","name":"keycloak","reconcileID":"3cf4387c-5b91-45aa-8899-0eee1fe5dec6"}
{"level":"error","ts":"2023-03-31T16:02:22.436Z","msg":"Reconciliation failed after 30.840937ms, next try in 1m0s","controller":"kluctldeplo
yment","controllerGroup":"flux.kluctl.io","controllerKind":"KluctlDeployment","KluctlDeployment":{"name":"keycloak","namespace":"keycloak"},
"namespace":"keycloak","name":"keycloak","reconcileID":"3cf4387c-5b91-45aa-8899-0eee1fe5dec6","revision":"","error":"failed clone source: ss
h: handshake failed: mkdir /.ssh: read-only file system"}

I would like the error to be a bit more intuitive, possible referencing the missing secret directly.

Why do you need that?

People (such as me 10 minutes ago) will spend less time troubleshooting should they run into the same error.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions