I want to create a secret in my argo workflow but it does not create. If I run the workflow and I run the comman kubectl get secret -n argo-events the secret is not created
I am using shipwright for my build
I created a dag which is dependent on each other. After the secret is created the shipwright build calls the secret.
but the secret is not creating...
apiVersion: argoproj.io/v1alpha1
kind: Sensor
metadata:
name: argo-service-sensor-with-dockerfile
namespace: argo-events
spec:
template:
serviceAccountName: operate-workflow-sa
dependencies:
- name: deploy-service-with-dockerfile
eventSourceName: deploy-service-with-dockerfile-event
eventName: example
triggers:
- template:
name: webhook-workflow-trigger
k8s:
group: argoproj.io
version: v1alpha1
resource: workflows
operation: create
source:
resource:
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: service-workflow-with-dockerfile-
spec:
serviceAccountName: deployer-sa
entrypoint: serviceWorkflow
arguments:
parameters:
- name: repo_url
value: hello world
- name: cpu_limit
value: hello world
- name: git_branch
value: hello world
- name: username
value: hello world
- name: token
value: hello world
templates:
- name: serviceWorkflow
inputs:
parameters:
- name: username
value: "{{inputs.parameters.username}}"
- name: token
value: "{{inputs.parameters.token}}"
- name: repo_url
value: "{{inputs.parameters.repo_url}}"
- name: cpu_limit
value: "{{inputs.parameters.cpu_limit}}"
- name: git_branch
value: "{{inputs.parameters.git_branch}}"
dag:
tasks:
- name: createSecretForGithub
template: create-secret-for-github
arguments:
parameters:
- name: username
value: "{{inputs.parameters.username}}"
- name: token
value: "{{inputs.parameters.token}}"
- name: buildNodeServiceWorkflowWithDockerfile
template: build-node-with-dockerfile
arguments:
parameters:
- name: repo_url
value: "{{inputs.parameters.repo_url}}"
- name: cpu_limit
value: "{{inputs.parameters.cpu_limit}}"
- name: git_branch
value: "{{inputs.parameters.git_branch}}"
depends: createSecretForGithub.Succeeded
- name: showFailedMessage
template: build-failed
depends: buildNodeServiceWorkflowWithDockerfile.Failed
- name: deleteSecret
template: delete-secret
depends: buildNodeServiceWorkflowWithDockerfile.Succeeded
- name: curlAWebsite
template: curl-a-website
depends: deleteSecret.Succeeded
- name: create-secret-for-github
inputs:
parameters:
- name: username
value: "{{inputs.parameters.username}}"
- name: token
value: "{{inputs.parameters.token}}"
resource:
action: create
setOwnerReference: true
failureCondition: status.conditions.0.reason == Failed
successCondition: status.conditions.0.reason == Succeeded
manifest: |
apiVersion: v1
kind: Secret
metadata:
name: secret-git-basic-auth
namespace: argo-events
annotations:
build.shipwright.io/referenced.secret: "true"
type: kubernetes.io/basic-auth
stringData:
username: username
password: password
- name: build-node-with-dockerfile
inputs:
parameters:
- name: repo_url
value: "{{inputs.parameters.repo_url}}"
- name: cpu_limit
value: "{{inputs.parameters.cpu_limit}}"
- name: git_branch
value: "{{inputs.parameters.git_branch}}"
resource:
action: create
setOwnerReference: true
failureCondition: status.conditions.0.reason == Failed
successCondition: status.conditions.0.reason == Succeeded
manifest: |
apiVersion: shipwright.io/v1alpha1
kind: BuildRun
metadata:
generateName: buildpack-nodejs-buildrun-with-dockerfile-
spec:
buildSpec:
source:
url: "{{inputs.parameters.repo_url}}"
credentials:
name: secret-git-basic-auth
strategy:
name: kaniko
kind: ClusterBuildStrategy
output:
image: aws/demo-app:latest
credentials:
name: ecr-docker-configjson
- name: curl-a-website
container:
image: curlimages/curl:latest
command:
- "sh"
args:
- -c
- |
echo $(curl -d '{"bucketName":"node-app", "repoUrl": "git-url", "completedWebhook", "", "cpu_limit": "1"}' -H "Content-Type: application/json" -X POST https://webhook.site/749f85b1-e5b6-4fa5-a7aa-7170dc1178ef)
- name: build-failed
container:
image: alpine:3.6
command: [sh, -c]
args: ['echo "the flakey container failed"']
- name: delete-secret
script:
image: debian:9.4
command: [bash]
source: |
cat /dev/urandom | od -N2 -An -i | awk -v f=1 -v r=100 '{printf "%i\n", f + r * $1 / 65536}'
parameters:
- src:
dependencyName: deploy-service-with-dockerfile
dataKey: body.repo_url
dest: spec.arguments.parameters.0.value
- src:
dependencyName: deploy-service-with-dockerfile
dataKey: body.cpu_limit
dest: spec.arguments.parameters.1.value
- src:
dependencyName: deploy-service-with-dockerfile
dataKey: body.git_branch
dest: spec.arguments.parameters.2.value
- src:
dependencyName: deploy-service-with-dockerfile
dataKey: body.username
dest: spec.arguments.parameters.3.value
- src:
dependencyName: deploy-service-with-dockerfile
dataKey: body.token
dest: spec.arguments.parameters.4.value
This is my log
time="2023-09-23T12:27:19 UTC" level=info msg="Waiting for resource secret./secret-git-basic-auth in namespace argo-events resulte
d in retryable error: Neither success condition nor the failure condition has been matched. Retrying..."
time="2023-09-23T12:27:24 UTC" level=info msg="failure condition '{status.phase == [Failed]}' evaluated false"
time="2023-09-23T12:27:24 UTC" level=info msg="success condition '{status.phase == [Succeeded]}' evaluated false"
time="2023-09-23T12:27:24 UTC" level=info msg="0/1 success conditions matched"
time="2023-09-23T12:27:24 UTC" level=info msg="Waiting for resource secret./secret-git-basic-auth in namespace argo-events resulte
d in retryable error: Neither success condition nor the failure condition has been matched. Retrying..."
time="2023-09-23T12:27:29 UTC" level=info msg="failure condition '{status.phase == [Failed]}' evaluated false"
time="2023-09-23T12:27:29 UTC" level=info msg="success condition '{status.phase == [Succeeded]}' evaluated false"
time="2023-09-23T12:27:29 UTC" level=info msg="0/1 success conditions matched"
time="2023-09-23T12:27:29 UTC" level=info msg="Waiting for resource secret./secret-git-basic-auth in namespace argo-events resulte
d in retryable error: Neither success condition nor the failure condition has been matched. Retrying..."