-
Notifications
You must be signed in to change notification settings - Fork 660
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Status shows no key could decrypt secret for successful created secret #1516
Comments
I also found this problem on my sealed-secret installation while using ArgoCD, did you found the solution ? @Gnarfoz |
Hey @WillyRL, there seems to be no permanent solution. It seems like a trivial "out of order" thing... |
It still not working on my setup, may I know your syncPolicy ? syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
- ApplyOutOfSyncOnly=true
- ServerSideApply=true |
I'm not sure what you're asking. This is not a problem with your ArgoCD configuration, it's a bug in Sealed Secrets. |
Which component:
sealed-secret-controller: v0.20.2
Describe the bug
I reproduced an old issue described in #853, where the status message for a sealed secret was "no key could decrypt secret", but the secret was correctly unsealed, and the logs confirmed this as well.
This issue was discovered via ArgoCD, where the sealed secrets were marked as red. The temporary workaround was to restart the sealed-secret-controller pod, and after this, the status was updated correctly.
Steps to reproduce
Could not figure out a way to reproduce the issue (the environment where was discovered is long-lived and we only promote new helm chart versions)
Expected behavior
When the creation was successful the status should show SealedSecret unsealed successfully like the logs and the events.
K8s version
Server Version: v1.25.16-eks-b9c9ed7
The text was updated successfully, but these errors were encountered: