imagepullSecrets not working?
# 🌱|help-and-getting-startedq
quick-answer-45507
02/21/2023, 4:37 PMSo i have this current config....
Copy code
providers:
- name: local-kubernetes
context: minikube
environments: [dev]
defaultHostname: "whenidev.net"
setupIngressController: false
deploymentRegistry:
hostname: nexus-docker-out.build-tools.DOMAIN-production.com
namespace: default
imagePullSecrets:
- name: gitlab
copySecrets:
- name: gitlab Copy code
imagePullSecrets:
- name: gitlabb
bright-policeman-43626
02/22/2023, 7:37 AMHello there! First action I would take:
1. check if the secret actually exists in the namespace you are trying to pull from and make sure the content is valid.
2. Could you describe the pod and share the details at the end, perhaps we can find a little bit more of details over there?
Thanks for reporting this hopefully we can find a nice solution for it❤️
q
quick-answer-45507
02/22/2023, 1:46 PMthis is the pod in question,
Copy code
apiVersion: apps/v1
kind: Deployment
metadata:
name: dynamodb
spec:
selector:
matchLabels:
app: dynamodb
template:
metadata:
labels:
app: dynamodb
spec:
volumes:
- name: dbstorage
persistentVolumeClaim:
claimName: dynamodb-pv-claim
containers:
- name: dynamodb
image: nexus-docker-out.build-tools.wheniwork-production.com/amazon/dynamodb-local:1.12.0
args: ["-jar", "DynamoDBLocal.jar", "-sharedDb", "-dbPath", "./data"]
ports:
- containerPort: 8000
volumeMounts:
- name: dbstorage
mountPath: /home/dynamodblocal/data
- name: dynamodb-ui
image: nexus-docker-out.build-tools.wheniwork-production.com/aaronshaf/dynamodb-admin:latest
ports:
- containerPort: 8001
env:
- name: DYNAMO_ENDPOINT
value: "http://localhost:8000"
imagePullSecrets:
- name: gitlabquick-answer-45507
02/22/2023, 1:46 PMand i manually verified the secret was there in both the default namespace and the garden-default one
quick-answer-45507
02/22/2023, 2:27 PMi think the issue is garden isnt adding the imagepullsecret to the default service account....
b
bright-policeman-43626
02/22/2023, 2:58 PMWould you mind doing a « kubectl get secrets » in the namespace you deployed dynamodb?
bright-policeman-43626
02/22/2023, 3:20 PMAlso can you share the garden module configuration you are using for it? ✨
q
quick-answer-45507
02/22/2023, 5:30 PM Copy code
kind: Module
type: kubernetes
name: dynamodb
files:
- ./container.yamlquick-answer-45507
02/22/2023, 5:30 PM Copy code
kubectl get secrets -n garden-default
NAME TYPE DATA AGE
gitlab kubernetes.io/dockerconfigjson 1 25mq
quaint-dress-831
02/24/2023, 10:43 AMAre you able to pull from GitLab's container registry locally? So
docker login registry.example.comquaint-dress-831
02/24/2023, 10:44 AMThat way we remove any additional variables that could be in the way
quaint-dress-831
02/24/2023, 10:44 AMAlso: thank you for being patient with us 🙂
q
quick-answer-45507
02/24/2023, 11:13 PMno worries at all, and yes docker login works fine and docker pull works.
f
freezing-pharmacist-34446
02/27/2023, 11:21 AMSo garden automatically copies the specified
imagePullSecretimagePullSecretb
bright-policeman-43626
03/03/2023, 5:00 PMhey @quick-answer-45507 just wanted to check-in and see if everything ended up working on your side? I would be happy to help you debug this issue further
b
big-spring-14945
03/06/2023, 11:58 AM@quick-answer-45507 Sorry for not spotting this earlier, we can confirm that this is a bug when using the kubernetes-module type and we'll resolve this with high priority. https://github.com/garden-io/garden/issues/3894
q
quick-answer-45507
03/06/2023, 12:52 PMSo I’m not crazy! Awesome
f
freezing-pharmacist-34446
03/06/2023, 1:08 PMThis bug above is about the secrets not being copied to the namespace where the garden environment is deployed to, however if i understood you correctly your secret gets copied but is not picked up by the service you want to deploy @quick-answer-45507 ? Just making sure we are not missing another bug here 🙂
q
quick-answer-45507
03/06/2023, 1:17 PMCorrect
114 Views