K
Q

Concourse CI can't find kubernetes secrets

3/22/2018

I'm receiving the following error when the runner is trying to retrieve a resource:

checking failed -
Expected to find variables: git

my resource looks similar to:

- name: resource-repo
  type: git
  source:
    uri: https://[url]
    branch: master
    tag_filter: '*'
    username: ((git.username))
    password: ((git.password))

my values.yaml for the helm chart includes:

rbac:
  create: false

credentialManager:
  kubernetes:
    namespacePrefix: concourse

(regardless, the release name is concourse)

under namespace concourse-main i have the the secret:

Details
Name: git
Namespace: concourse-main
Type: Opaque

Data
password:  bytes
username:  bytes

further information:

  • k8s 1.8.6
  • kops 1.8.1
  • weavenet
  • Concourse 3.9.1
-- Deano
concourse
kubernetes
kubernetes-secrets

Similar Questions

Running A cronjob in a pod in Kubernetes
Forward to ExternalName with traefik in kubernetes as the documenation suggests
kubernetes copy command does not respond
"Failed create pod sandbox" pod error in AWS Kubernetes cluster

1 Answer

3/22/2018

Based on information from the documentation:

By default, this chart will use Kubernetes Secrets as a credential manager. For a given Concourse team, a pipeline will look for secrets in a namespace named [namespacePrefix][teamName]. The namespace prefix is the release name hyphen by default, and can be overridden with the value credentialManager.kubernetes.namespacePrefix.

In your configuration, I see the secret in a namespace of your secret is concourse-main, but a default namespacePrefix is concourse.

So, Concourse trying to get your secret from a wrong namespace.

You can fix it using two ways:

  1. Create a secret in the namespace concourse.
  2. Change namespacePrefix to concourse-main.
-- Anton Kostenko
Source: StackOverflow