After upgrading Keda to v2.12.0 the v1beta1.external.metrics.k8s.io API component is not getting updated and its out of sync.

Question

After upgrading Keda to v2.12.0 the v1beta1.external.metrics.k8s.io API component is not getting updated and its out of sync.

vermaprateek695 opened this issue 7 months ago · comments

Expected Behavior

After upgrading Keda to v2.12.0 all the components should be in sync .

Actual Behavior

After upgrading Keda to v2.12.0 the v1beta1.external.metrics.k8s.io API component is not getting updated and it shows out of sync. When looking at the desired and the acutal state of the manifest file we could see the insecureSkipTLSVerify: false this value in desrired manifest is not getting picked up by argocd

PR where insecureSkipTLSVerify: false was added explicitly https://github.com/kedacore/charts/pull/520/files

Steps to Reproduce the Problem

Upgraded the Keda version to v2.12.0
synced the changes with Argocd
v1beta1.external.metrics.k8s.io API component is not getting synced and shows outofsync with difference in the manifest .

Specifications

KEDA Version: * v2.12.0
Platform & Version: Please elaborate
Kubernetes Version: 1.28
Scaler(s): Please elaborate

can you please suggest any workaround which can fix this issue as in production env the Keda application shows outofsync due to this issue and this needs to be resolved at earliest.

FutureMatt · Answer 1 · Thu Oct 19 2023 18:28:40 GMT+0800 (China Standard Time)

Yup, we have the same issue in our ArgoCD. I think the issue here is that it is trying to enforce the default value, so it never appears in the resource (do kubectl get apiservice v1beta1.external.metrics.k8s.io -o yaml and you'll see it isn't there), as a result ArgoCD see this as a difference in the resource manifests. I see a few options here:

Wait it out until it eventually gets removed in a later Helm release
Add a toggle to Helm to enable/disable this via a value
Add that value to ArgoCD's ignore list (this is what we'll probably do)

Geoff Webster · Answer 2 · Wed Oct 25 2023 02:36:43 GMT+0800 (China Standard Time)

Also ran into this, since the value is default and is not configurable in the helm chart should probably just remove it from the manifest. I didn't quite get what the change was fixing during upgrades, though ArgoCD might not have seen this issue since it doesn't use the normal Helm upgrade workflow.

If someone runs into this with ArgoCD you can use this ignoreDifferences config:

ignoreDifferences:
  - group: apiregistration.k8s.io
    kind: APIService
    jsonPointers:
      - /spec/insecureSkipTLSVerify

Zbynek Roubalik · Answer 3 · Fri Oct 27 2023 02:14:54 GMT+0800 (China Standard Time)

@sidewinder12s could you please update our Troubleshooting section in docs with this info?

https://keda.sh/docs/2.12/troubleshooting/
https://github.com/kedacore/keda-docs/tree/main/content/troubleshooting

Geoff Webster · Answer 4 · Fri Oct 27 2023 08:16:05 GMT+0800 (China Standard Time)

Actually turns out ArgoCD does need to apply the manifest as is in the chart. Once the upgrade is through you can apply the ignoreDifferences config however.

So I think users can either ignore it and wait for the workaround to be removed from the chart or use the ignoreDifferences config. I don't think this issue is very important to flag on general troubleshooting for Keda. Either way I can't commit to OSS repos without going through a legal review with my company.

Nasir Amin · Answer 5 · Mon Apr 22 2024 22:49:08 GMT+0800 (China Standard Time)

Has this been fixed in v2.13?