Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Repo Credential Template - Charts generates wrong Base64 GH App Private Key #3041

Open
leanst-daniel opened this issue Nov 19, 2024 · 0 comments
Open

Repo Credential Template - Charts generates wrong Base64 GH App Private Key #3041

leanst-daniel opened this issue Nov 19, 2024 · 0 comments
Labels
argo-cd bug Something isn't working

Comments

@leanst-daniel
Copy link

Describe the bug

We deploy ArgoCD with the official Helm chart (via Terraform) and experiencing an issue with configuring Repo Credential Templates with GH Apps. The secret that is created via the Helm Chart contains the correct information but the Base64 String for the GH Private Key is wrong.

If we do the deployment via the Helm Chart the repo access doesn't work because of a 403 Forbidden. If we create the same credentials manually with the exact same data it's working. After investigating the two secrets, the one generated from the Helm Chart and the one that was created from the manual creating, I realized that the Base64 String for the private key is different. Only the last two characters are not the same:

From Helm:
abdcwasd1234VkFURSBLRVktLS0tLQo=

Manually created:
abdcwasd1234VkFURSBLRVktLS0tLQ==

Related helm chart

argo-cd

Helm chart version

7.7.3

To Reproduce

  • Deploy the Helm Chart with values like this:
configs:  
  credentialTemplates:  
  cw-modernapplicationplatform:  
          githubAppEnterpriseBaseUrl: https://github.com/api/v3  
          githubAppID: 1234  
          githubAppInstallationID: '1234'  
          githubAppPrivateKey: |  
            -----BEGIN RSA PRIVATE KEY-----
            MIIEpQIBAAKCAQEAxa6EKHiIgQxcP/xiNniSFP6dIBX7piK7rKj9Xp2f4FVhPjCn
            SZJS5KvoVD7aiyAOaAjSxLi/SmpLTAU+lY+M28e55gzXxT+pONZAMA1PaKy18BoY
            /w/Aio+VBr6kqbrxCsuQW+ovohOW9itvp5YQRetPX6pLizODyrL1waVeG64wqsFy
            tSz4QSDV1qVMNaQuzOBc5j+SmiPRxoS5rFk80ZM16TazCTRBCqmbCqP8p03O39eb
            --- SNIP --- 
            YDvXzqr3YHV6FVMgOrKdj5SVI2BiL6DCzinpAbMyPLWt3p3fXJf3i2H1+Vb5a3BE
            Zy/5qNIkwQvpqAExPwHfaodTN1KP22fxQwkit/OUSA30GrufMSfoDi68n4oHmyFj
            Ey94GKcO0Lnw1BKZI7ZgvJyw0esp6FE418nVw2IxAoGBAN5sRWPAGV2n+6FmSwow
            EWgLuqKRN9ZXepsF155vKdyO9p7tb9GvKR+qaJTv/tQubgouVYGF0ATwLcfDZXNp
            HgKOmlm1hjNBwsEuzZw40eXEQ+Vqhku44PFCJ9APxC2vMoV2Xpk3Q84JM99ev8AM
            9bhPmCE5hV7qTVFsIz6UHNk9AoGAYfQrnZgk+5gcyEE37mFMxHUEmZn9q9vB1e3N
            zE9a1OVbuTqppmTeRDklrXOAO1N9JPJz9U0QYiqMwqhLwE5GvMaNsMxgUoPrxuJz
            oJhlWYOrF/qRY465OZF5GtsqwFCeIcNUgEeD8ehKRAgAFMFq0PtEmErTm8Ecpk3S
            /5a/X7ECgYEAvEST21kk80prDoabQGoPHW35O6jRII5ksfrb9El6SoKPmZW+NncK
            qe7SIu1qXOyU/rOovzomSC9Tw1OV12lXJsELUjGYzMptWV6ZyKqJRrleIizIrJbg
            KVB5k3tcSJdE7a/QKci1NAF5SuJf9jrbi0vSw9iDEZ/avp0uqtk0az8=
            -----END RSA PRIVATE KEY-----
          url: https://github.com/myrepo
  • Create a Repo Credential Template from the ArgoCD using the same data.
  • Compare the Base64 Strings from the Helm Chart and manually created Secret
  • Notice the difference

Looks to me like a incorrect Base64 rendering.

Expected behavior

The Base64 String for the private key should be generated correctly

Screenshots

No response

Additional context

No response
@leanst-daniel leanst-daniel added the bug Something isn't working label Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
argo-cd bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mkilchhofer @leanst-daniel