Troubleshoot Secretless Configuration

This topic describes some common configuration troubleshooting issues.

Error

Suggested resolution

Log output

Configuration is not specified or configuration is not found in the expected locations

Ensure you have a readable and valid configuration in one of the following paths:

./secretless.yml

$HOME/.secretless.yml

/etc/secretless.yml 

2019/10/25 12:28:32 Secretless v1.2.0-906f9eb starting up...
2019/10/25 12:28:32 Initializing health check on :5335...
2019/10/25 12:28:32 Initialization of health check done. You can access the endpoint at `/live` and `/ready`.
2019/10/25 12:28:32 [WARN]  Plugin hashes were not provided - tampering will not be detectable!
2019/10/25 12:28:32 Trying to load ./secretless.yml...
2019/10/25 12:28:32 WARN: Could not load ./secretless.yml. Skipping...
2019/10/25 12:28:32 Trying to load /home/secretless/.secretless.yml...
2019/10/25 12:28:32 WARN: Could not load /home/secretless/.secretless.yml. Skipping...
2019/10/25 12:28:32 Trying to load /etc/secretless.yml...
2019/10/25 12:28:32 WARN: Could not load /etc/secretless.yml. Skipping...
2019/10/25 12:28:32 ERROR: Unable to locate any working configuration files

Configuration specified but file not found

Ensure you have specified a readable and valid configuration path, which is passed to the secretless broker-f <path> parameter.

The log output indicates the location that the broker is trying to read.

 
2019/10/25 13:25:44 Secretless v1.2.0-906f9eb starting up...
2019/10/25 13:25:44 Initializing health check on :5335...
2019/10/25 13:25:44 Initialization of health check done. You can access the endpoint at `/live` and `/ready`.
2019/10/25 13:25:44 Trying to load configuration file: notthere.yml
2019/10/25 13:25:44 error reading config file 'notthere.yml': 'open notthere.yml: no such file or directory'

Configuration data in the incorrect format

Ensure you have a valid configuration in the specified path, which is passed to the secretless broker-f <path> parameter.

The log output indicates the location that the broker is trying to read.

 
2019/10/25 13:24:38 Secretless v1.2.0-906f9eb starting up...
2019/10/25 13:24:38 Initializing health check on :5335...
2019/10/25 13:24:38 Initialization of health check done. You can access the endpoint at `/live` and `/ready`.
2019/10/25 13:24:38 Trying to load configuration file: secretless.yml
2019/10/25 13:24:38 unable to load configuration when parsing version 2: 'yaml: unmarshal errors:
line 4: cannot unmarshal !!seq into map[string]*v2.serviceYAML'

Missing custom resource (CR)

  • Ensure you have a Secretless CRD defined, which is accessible in the same namespace as the Secretless broker

    kubectl get crd configurations.secretless.io

  • Ensure that the name provided as the custom resource (CR) name matches the one defined in Kubernetes.

     

    Secretless broker waits until a readable configuration matching the exact name is available and readable.

    		 
2019/10/28 12:25:28 Secretless v1.2.0-906f9eb starting up...
2019/10/28 12:25:28 Initializing health check on :5335...
2019/10/28 12:25:28 Initialization of health check done. You can access the endpoint at `/live` and `/ready`.
2019/10/28 12:25:28 [WARN]  Plugin directory '/usr/local/lib/secretless' not found. Ignoring external plugins...
2019/10/28 12:25:28 k8s/crd: Using home dir config...
2019/10/28 12:25:28 k8s/crd: Registering CRD watcher...
2019/10/28 12:25:28 k8s/crd: Using home dir config...
2019/10/28 12:25:28 [INFO]  Waiting for new configuration...

Custom resource (CR) configuration is not valid

Ensure that the custom resource (CR) definition, which is provided to the Secretless broker is a valid configuration.

You can use kubectl get configurations.secretless.io <name> --output=yaml to see the current CR to ensure validity.

 
2019/10/28 12:31:30 Secretless v1.2.0-906f9eb starting up...
2019/10/28 12:31:30 Initializing health check on :5335...
2019/10/28 12:31:30 Initialization of health check done. You can access the endpoint at `/live` and `/ready`.
2019/10/28 12:31:30 [WARN]  Plugin directory '/usr/local/lib/secretless' not found. Ignoring external plugins...
2019/10/28 12:31:30 k8s/crd: Using home dir config...
2019/10/28 12:31:30 k8s/crd: Registering CRD watcher...
2019/10/28 12:31:30 k8s/crd: Using home dir config...
2019/10/28 12:31:39 k8s/crd: Add configuration event
2019/10/28 12:31:39 secretless-example-config2
2019/10/28 12:31:39 WARN: v1 configuration is now deprecated and will be removed in a future release
2019/10/28 12:31:39 k8s/crd: WARN: New CRD could not be turned into a config.Config!

Using a v2 configuration file with an older version of Secretless causes an error and Secretless is unable to load your configuration file

Update your deployment to use a version of Secretless that is greater than or equal to v0.8.0 and then redeploy your application.

 
2019/07/01 12:42:16 Secretless v1.2.0-906f9eb starting up...
2019/07/01 12:42:16 Initializing health check on :5335...
2019/07/01 12:42:16 Initialization of health check done. You can access the endpoint at `/live` and `/ready`.
2019/07/01 12:42:28 Trying to load configuration file: /etc/secretless/secretless.yml
2019/07/01 12:42:28 Failed to initialize configuration manager 'configfile': Unable to parse configuration: 'yaml: unmarshal errors:
line 1: field version not found in type config.Config
line 3: field services not found in type config.Config'