Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Setting up helm chart with external MySQL throws error on secretName #570

Open
esn89 opened this issue Sep 30, 2024 · 2 comments
Open

[Bug] Setting up helm chart with external MySQL throws error on secretName #570

esn89 opened this issue Sep 30, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@esn89
Copy link

esn89 commented Sep 30, 2024
edited
Loading

What are you really trying to do?

Trying to run temporal with MySQL hosted as CloudSQL instance on GCP, with Cloud Proxy Sidecar

Describe the bug

Deploying it via ArgoCD like so:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  annotations:
    argocd.argoproj.io/sync-wave: "4"
  name: 'temporal-{{ .Values.project }}-{{ .Values.clusterName }}'
  namespace: argocd
spec:
  destination:
    namespace: temporal
    server: {{ .Values.clusterAddress }}
  project: sre-management
  source:
    repoURL: https://temporalio.github.io/helm-charts
    targetRevision: 0.46.0
    chart: temporal
    helm:
      parameters:
      - name: serviceAccount.name
        value: temporal-sa
      - name: server.sidecarContainers.name
        value: cloud-sql-proxy
      - name: server.sidecarContainers.image
        value: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.13.0
      - name: 'server.sidecarContainers.command[0]'
        value: '--auto-iam-authn'
      - name: 'server.sidecarContainers.command[1]'
        value: '--private-ip'
      - name: 'server.sidecarContainers.command[2]'
        value: 'my-gcp-project:us-central1:temporal-mysql'
      - name: server.sidecarContainers.securityContext.runAsNonRoot
        value: 'true'
      - name: mysql.enabled
        value: 'false'
      - name: cassandra.enabled
        value: 'false'
      - name: grafana.enabled
        value: 'false'
      - name: prometheus.enabled
        value: 'false'
      - name: elasticsearch.enabled
        value: 'false'
      - name: server.config.persistence.default.driver
        name: 'mysql'
      - name: server.config.persistence.default.sql.driver
        value: 'mysql'
      - name: server.config.persistence.default.sql.host
        value: '127.0.0.1'
      - name: server.config.persistence.default.sql.port
        value: '3306'
      - name: server.config.persistence.default.sql.database
        value: 'temporal'
      - name: server.config.persistence.default.sql.user
        value: 'temporal-sa'
      - name: server.config.persistence.default.sql.secretName
        value: 'tttsa'
      - name: server.config.persistence.visibility.driver
        value: 'mysql'
      - name: server.config.persistence.visibility.sql.driver
        value: 'mysql'
      - name: server.config.persistence.visibility.sql.host
        value: '127.0.0.1'
      - name: server.config.persistence.visibility.sql.port
        value: '3306'
      - name: server.config.persistence.visibility.sql.database
        value: 'temporal_visibility'
      - name: server.config.persistence.visibility.sql.user
        value: 'temporal-sa'
      - name: server.config.persistence.visibility.sql.secretName
        value: 'asdasdf'
  syncPolicy:
    syncOptions:
      - CreateNamespace=true

I don't expect have to pass in the "password", nor an "existingSecret" because this is the password-less way to authenticate (workload identity #498) to CloudSQL. I know that it is supported because I saw the code here:

https://github.com/temporalio/helm-charts/blob/main/charts/temporal/values/values.cloudsqlproxy.yaml

On top of that since I am not deploying a cluster-version of MySQL, I didn't pass in secretName. However, in my code above, I passed in something just as a placeholder to see if the error would go away.

Because of all this, I am getting an error of:

Error: template: temporal/templates/server-secret.yaml:10:53: executing "temporal/templates/server-secret.yaml" at <include "temporal.persistence.secretName" (list $ $store)>: error calling include: template: temporal/templates/_helpers.tpl:367:4: executing "temporal.persistence.secretName" at <include (printf "temporal.persistence.%s.secretName" (include "temporal.persistence.driver" (list $global $store))) (list $global $store)>: error calling include: template: no template "temporal.persistence.mysql.secretName" associated with template "gotpl" Use --debug flag to render out invalid YAML

nor a "secretName" (

Minimal Reproduction

Environment/Versions

GKE Cluster version 1.29

Using this chart: https://artifacthub.io/packages/helm/temporalio/temporal

Additional context
@esn89 esn89 added the bug Something isn't working label Sep 30, 2024
@heytrav
Copy link

heytrav commented Nov 8, 2024

I'm also encountering this while attempting to run parallel to mysql in a local cluster.

@heytrav
Copy link

heytrav commented Nov 8, 2024

I'm also encountering this while attempting to run parallel to mysql in a local cluster.

Actually I notice from one of the examples that they use driver: sql for the mysql installation. I also used driver: mysql initially (because that's what it looks like you should do) and got the same error message.

Switching to driver: sql it installed cleanly (although I also did have placeholders in for secretName.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@heytrav @esn89