kyverno [BUG] Deploying via helm with custom release name fails webhook config Go

Software version numbers * Kubernetes version: (on all) * Kyverno version: 1.3.6

Describe the bug When specifying a helm release name != 'kyverno' , the webhook cannot be configured properly. The logs will show common.go:61] Register "msg"="failed to construct OwnerReference" "error"="deployments.apps \"kyverno\" not found"

To Reproduce 1. deploy using helm-chart, be sure to specify a release name != kyverno 2. observe the pods/deployment getting stuck 3. check the logs

Expected behavior Deployment working happy, webhook configured

Additional context - https://github.com/kyverno/kyverno/blob/main/pkg/webhookconfig/common.go#L61 - https://github.com/kyverno/kyverno/blob/main/pkg/config/config.go#L119 - KYVERNO_DEPLOYMENT variable is not set

  • wondering why it wants the name of the deployment instead of the service?
Asked Oct 07 '21 17:10
avatar hans-d
hans-d
Go kyverno

5 Answer:

@hans-d - thanks for filing the issue. We'll investigate it and keep you posted.

1
Answered Jun 11 '21 at 19:46
avatar of realshuting
realshuting

Hi @hans-d this is usually because you have a different deployment name than kyverno , we don’t allow custom deployment name. currently, We set webhookconfig’s owner to Kyverno deployment:

  ownerReferences:
  - apiVersion: extensions/v1beta1
    kind: Deployment
    name: kyverno
    uid: uid
1
Answered Jun 15 '21 at 09:18
avatar of vyankyGH
vyankyGH

With helmfiles it's quite common do have some release name. In this case, by setting the KYVERNO_DEPLOYMENT in the dpeloyment it should work. Otherwise the helm templates should be adjusted to use a fixed name instead of the release name.

1
Answered Jun 15 '21 at 14:53
avatar of hans-d
hans-d

With helmfiles it's quite common do have some release name. In this case, by setting the KYVERNO_DEPLOYMENT in the dpeloyment it should work. Otherwise the helm templates should be adjusted to use a fixed name instead of the release name.

I agree with that. Since we don't allow custom name of the Deployment, we should change the Helm templates using the fixed name. Would you be interested in contributing a PR?

And can you please log a separate issue to make this name configurable? I recall there were users asking for this feature as well. We'll have to check what needs to be changed in order to get this work.

1
Answered Jun 15 '21 at 21:50
avatar of realshuting
realshuting

Can we get this issue re-opened please? It's not yet fixed.

(cc @NoSkillGirl)

1
Answered Jun 28 '21 at 07:07
avatar of MarcusNoble
MarcusNoble

Read next

Meta

Repository: /
Status: Unknown

Recently posts

Use say command in console may cause connection disconnect. - Java Mindustry ScalaJSON AST first milestone release on scala-platform - Scala json4s Interaction object documentation seems wrong - JavaScript discord-api-docs Not working in Android 10 - Android-FilePicker Allow disabling systemd-sysv-generator warnings about lack of native unit file C ballerina-lang Array size greater than 2,147,483,647 causes error Java Kubernetes is stuck on starting after enabling it on Docker for Windows 10 - for-win moby SWARM Mode - Docker binds ingress ports always on 0.0.0.0 - Go Sorting by date not working - ElasticPress qBittorrent Program No Longer Working - Cplusplus framework APP_KEY not cached unless config:cache is run twice PHP Direction for finding zookeeper issues - Go clickhouse-operator