Skip to content
This repository has been archived by the owner on Oct 12, 2023. It is now read-only.

Deployment not working - validation failed, resourcegroup is empty #123

Open
sukruthakittur opened this issue Aug 27, 2019 · 2 comments
Open

Deployment not working - validation failed, resourcegroup is empty #123

sukruthakittur opened this issue Aug 27, 2019 · 2 comments
Labels
bug Something isn't working

Comments

@sukruthakittur
Copy link

sukruthakittur commented Aug 27, 2019
edited
Loading

Describe the bug
Flex volumes when mounted as a deployment throws an error

Steps To Reproduce
Use the below deployment yaml

kind: Deployment
apiVersion: apps/v1
metadata:
  name: nginx-flexkv-deployment
  labels:
    app: nginx-flexkv
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx-flexkv
  template:
    metadata:
      labels:
        app: nginx-flexkv
    spec:
      containers:
      - name: nginx-flexkv
        image: nginx
        volumeMounts:
        - name: eekv
          mountPath: /kvmnt
          readOnly: true
      volumes:
      - name: eekv
        flexVolume:
          driver: "azure/kv"
          secretRef:
            name: eecreds
          options: 
            usepodidentity: "false"
            keyvaultname: "myvault"
            keyvaultobjectnames: user-name; password           # list of KeyVault object names (semi-colon separated)
            keyvaultobjecttypes: secret; secret            # list of KeyVault object types: secret, key or cert (semi-colon separated)
            # keyvaultobjectversions: ""          # [OPTIONAL] list of KeyVault object versions (semi-colon separated), will get latest if empty
            resourcegroup: "myresourcegroup"       # the resource group of the KeyVault
            subscriptionid: "mysubid"             # the subscription ID of the KeyVault
            tenantid: "mytenid"                   # the tenant ID of the KeyVault

Expected behavior
Should mount volume

Key Vault FlexVolume version
Latest

Access mode: service principal or pod identity
Service Principal

Kubernetes version
Client Version: v1.15.3
Server Version: v1.14.6

Additional context
Error: MountVolume.SetUp failed for volume "eekv" : mount command failed, status: Failure, reason: validation failed, resourcegroup is empty

The logs from agent node also gives the same error. I couldnt find anything else. I looked at issue #64 and using the same deployment yaml.
@sukruthakittur sukruthakittur added the bug Something isn't working label Aug 27, 2019
@sukruthakittur
Copy link
Author

Figured out the issue. The problem was that there was space between 2 secrets in "keyvaultobjectnames" and "keyvaultobjecttypes". The parser probably didnt like it, and manifested the issue as "resourcegroup is empty".

@ritazh
Copy link
Member

ritazh commented Aug 27, 2019

Thanks @sukruthakittur! Will make sure to address this in the next release.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ritazh @sukruthakittur