-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
error reading BasicDigestAuth annotation in Ingress <ns>/<ingress> #5323
Comments
@zeph just in case, I cannot reproduce what you describe following the example Edit: please make sure you are using the latest version |
Please check the secret is there, |
@aledbf I did (the kubectl get... the Secret resource is indeed there) latest version of the ingress-controller? I'm working in a pretty controlled env, that is going to get challenging |
looking at your gist... |
Just test 0.27.1 and still works |
Also tried using a different ns for the secret
|
still the Ingress definition is in namespace |
I'm just spotting the differences, if things are too obvious or uncorrelated... I... |
I mean, the error seems exactly the one at #3493 |
Still working
|
|
$ k8s get svc kafka-web-cp-kafka-rest -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2020-03-23T10:57:31Z"
labels:
app: cp-kafka-rest
app.kubernetes.io/instance: kafka-web
chart: cp-kafka-rest-0.1.0
heritage: Tiller
release: kafka-web
name: kafka-web-cp-kafka-rest
namespace: infrastructure
resourceVersion: "297498516"
selfLink: /api/v1/namespaces/infrastructure/services/kafka-web-cp-kafka-rest
uid: 311a848d-6039-41e7-b544-4b4d4c997151
spec:
clusterIP: 172.31.133.143
ports:
- name: rest-proxy
port: 8082
protocol: TCP
targetPort: 8082
selector:
app: cp-kafka-rest
release: kafka-web
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {} |
$ k8s get ing kafka-web-kafka-topics-ui -o yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/auth-realm: '"like ArgoCD !SSO"'
nginx.ingress.kubernetes.io/auth-secret: basic-auth
nginx.ingress.kubernetes.io/auth-type: basic
creationTimestamp: "2020-03-23T12:10:46Z"
generation: 1
labels:
app: kafka-topics-ui
app.kubernetes.io/instance: kafka-web
chart: kafka-topics-ui-0.2.0
heritage: Tiller
release: kafka-web
name: kafka-web-kafka-topics-ui
namespace: infrastructure
resourceVersion: "302102842"
selfLink: /apis/extensions/v1beta1/namespaces/infrastructure/ingresses/kafka-web-kafka-topics-ui
uid: f23c2afc-d627-49ac-ae3d-1bf62b1f6e8f
spec:
rules:
- host: kafka.dss.kube
http:
paths:
- backend:
serviceName: kafka-web-kafka-topics-ui
servicePort: http
path: /
status:
loadBalancer:
ingress:
- ip: 172.31.40.16
- ip: 172.31.40.17
- ip: 172.31.40.18 |
$ k8s get secret basic-auth -o yaml
apiVersion: v1
data:
auth: <removed>MQo=
kind: Secret
metadata:
creationTimestamp: "2020-04-03T13:05:20Z"
name: basic-auth
namespace: infrastructure
ownerReferences:
- apiVersion: bitnami.com/v1alpha1
controller: true
kind: SealedSecret
name: basic-auth
uid: 08bd8aa3-6f3a-4f97-aa9e-bc27c428e275
resourceVersion: "302098017"
selfLink: /api/v1/namespaces/infrastructure/secrets/basic-auth
uid: 5a672646-9098-44fb-9d4f-d7e07883fd1b
type: Opaque |
doesn't look like science fiction compared to your test... but, it doesn't work :/ |
@aledbf aside of NGINX (ingress-controller) who might provide me logs ... or where can I increase verbosity to be able to triage this thing? I mean, given your feedback seems it shall "just" work, out of the box |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
@fejta-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
I just copy pasted through https://kubernetes.github.io/ingress-nginx/examples/auth/basic/
E0403 13:01:51.116636 8 annotations.go:200] error reading BasicDigestAuth annotation in Ingress <ns>/<ingress>: unexpected error reading secret <ns>/<secret>: no object matching key "<ns>/<secret>" in local store
I have Ingress Controller
0.27.1
and kubernetes:p.s. yes, I do create the Secret resource via SealedSecret, but that shall not be of concern (it simply gets automatically generated by the decoded templated)... the yaml structure is 1:1 of the one of the example, with the xtra of the
ownerReferences
, that's itThe text was updated successfully, but these errors were encountered: