Skip to content

Helm OCI Login is broken #11324

New issue
New issue
Closed
#11327
Closed
Helm OCI Login is broken#11324
#11327
Labels
bugSomething isn't working
@lancehudson

Description

@lancehudson
lancehudson
opened on Nov 16, 2022

Checklist:

  • I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
  • I've included steps to reproduce the bug.
  • I've pasted the output of argocd version.

Describe the bug

I am using a helm chart dependency on a OCI helm repo. Under 2.14.X my config worked (I dont know when the error started exactly, the cache seems to be preventing it from affecting everything so far.)

Currently I am seeing this error

{"error":"Manifest generation error (cached): `helm registry login oci://ghcr.io/XXXXX/XXXXXXXX --username ****** --password ******` failed exit status 1: WARNING: Using --password ****** the CLI is insecure. Use --password-stdin.\ntime=\"2022-11-16T22:06:57Z\" level=info msg=\"Error logging in to endpoint, trying next endpoint\" error=\"Get \\\"https://oci/v2/\\\": dial tcp: lookup oci on XXXXXXXX:53: no such host\"\nError: Get \"https://oci/v2/\": dial tcp: lookup oci on XXXXXXX:53: no such host","grpc.code":"Unknown","grpc.method":"GenerateManifest","grpc.service":"repository.RepoServerService","grpc.start_time":"2022-11-16T22:45:56Z","grpc.time_ms":221.418,"level":"error","msg":"finished unary call with code Unknown","span.kind":"server","system":"grpc","time":"2022-11-16T22:45:57Z"}

It appears to be trying to login with helm registry login oci://ghcr.io instead of helm registry login https://ghcr.io

To Reproduce

Helm Chart with an OCI dependency

apiVersion: v2
name: template
description: A helm3 chart 
type: application
dependencies:
  - name: common
    version: "^1.0.4"
    repository: "oci://ghcr.io/XXXXXX/XXXXXX"
appVersion: 1.0.0
version: 1.0.0

an Application

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: test
  namespace: argocd
spec:
  project: project
  source:
    repoURL: 'https://github.com/XXXXXXXX'
    path: .
    targetRevision: main
    helm:
      releaseName: test
  destination:
    namespace: XXXXX
    name: XXXXX

oci helm secret

apiVersion: v1
kind: Secret
metadata:
  name: github-oci-common
  namespace: argocd
  labels:
    app.kubernetes.io/instance: argocd
    app.kubernetes.io/part-of: argocd
    argocd.argoproj.io/secret-type: repository
type: Opaque
stringData:
  enableOCI: "true"
  name: github-oci-common
  type: helm
  url: ghcr.io/XXXXXXX/XXXXXXX/common

oci helm secret creds

apiVersion: v1
kind: Secret
metadata:
  name: github-oci-common-creds
  namespace: argocd
  labels:
    app.kubernetes.io/instance: argocd
    app.kubernetes.io/part-of: argocd
    argocd.argoproj.io/secret-type: repo-creds
type: Opaque
stringData:
  enableOCI: "true"
  type: helm
  url: ghcr.io/XXXXXXX
  username: XXXXXX
  password: XXXXXX

Expected behavior

It should login correctly to the helm registry

Version

{
    "Version": "v2.5.1+504da42",
    "BuildDate": "2022-11-01T21:14:30Z",
    "GitCommit": "504da424c2c9bb91d7fb2ebf3ae72162e7a5a5be",
    "GitTreeState": "clean",
    "GoVersion": "go1.18.8",
    "Compiler": "gc",
    "Platform": "linux/amd64",
    "KustomizeVersion": "v4.5.7 2022-08-02T16:35:54Z",
    "HelmVersion": "v3.10.1+g9f88ccb",
    "KubectlVersion": "v0.24.2",
    "JsonnetVersion": "v0.18.0"
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions