You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While trying to bootstrap a talos linux cluster by placing argocd in a talos cluster inlineManifest and at the same time create the argocd certificates with cert-manager, due to races at bootstrap times, argocd ends up starting before the certificate secret is actually created, so I end up with a broken argocd, one which has bogus certificates.
Related helm chart
argo-cd
Describe the solution you'd like
Some kind of chart variable to make all the tls related volumes as non-optional.
For example, a way to modify the optional: true at:
Hi @rgl , thank you for opening an issue.
argo-helm follows upstreams' manifest. The values you mention are optional in upstream, so changing default config is not reasonable.
On the other hand, I think it makes sense to add attributes in values.yaml to override the optional flag. 🤔
Hi @rgl - for race conditions or pod restarts on change in secret / configmaps I can also recommend Reloader project that solves this and is applicable for other things inside of the cluster.
Is your feature request related to a problem?
While trying to bootstrap a talos linux cluster by placing argocd in a talos cluster inlineManifest and at the same time create the argocd certificates with cert-manager, due to races at bootstrap times, argocd ends up starting before the certificate secret is actually created, so I end up with a broken argocd, one which has bogus certificates.
Related helm chart
argo-cd
Describe the solution you'd like
Some kind of chart variable to make all the tls related volumes as non-optional.
For example, a way to modify the
optional: true
at:https://github.com/argoproj/argo-helm/blob/argo-cd-7.3.9/charts/argo-cd/templates/argocd-server/deployment.yaml#L493-L512
From what I understood, that would prevent argo from being started until the, e.g., argocd-server-tls, secret exists.
Describe alternatives you've considered
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: