GitOps runtime issues
Troubleshoot installation/communication issues
Pre-installation checks or runtime collision check failed
Possible cause
You have Argo Project components from other installations in your cluster.
Possible actions
You can either:
- Install Codefresh GitOps Runtime alongside Community Argo CD
OR
- Uninstall the Codefresh GitOps Runtime.
- Remove the Argo Project components from your cluster.
- Reinstall the Codefresh GitOps Runtime.
Job has reached the specified backoff limit error during Helm installation
Possible cause
Validation errors in your values.yaml file.
Before initiating the installation, Codefresh automatically validates the values.yaml file to verify that the supplied values are correct.
Possible actions
- Get more detailed information on the reason for the validation failure by running:
kubectl logs jobs/validate-values -n ${NAMESPACE}
where:
{NAMESPACE}is the namespace of the Hybrid GitOps Runtime. - Fix the errors. The table below describes the settings that are validated in the
valuesfile.
| Setting | Validation |
|---|---|
userToken |
If explicitly defined, or defined as a secretKeyRef which exists in the current k8s context and the defined namespace. |
| Account permissions | If the user has admin permissions for the account in which they are installing the runtime. |
| Runtime name | If defined, and is unique to the account. |
| Access mode |
|
gitCredentials |
When defined, includes a Git password either explicitly, or as a secretKeyRef, similar to userToken. The password or token has the required permissions in the Git provider. |
Pre-installation error: please upgrade to the latest cli version: v<number>
Possible cause
Codefresh has a new CLI version.
Possible actions
Run the appropriate command to upgrade to the latest version:
| Download mode | OS | Command |
|---|---|---|
Curl |
MacOS-x64 | curl -L --output - https://github.com/codefresh-io/cli-v2/releases/latest/download/cf-darwin-amd64.tar.gz | tar zx && mv ./cf-darwin-amd64 /usr/local/bin/cf && cf version |
| MacOS-m1 | curl -L --output - https://github.com/codefresh-io/cli-v2/releases/latest/download/cf-darwin-arm64.tar.gz | tar zx && mv ./cf-darwin-arm64 /usr/local/bin/cf && cf version |
|
| Linux - X64 | curl -L --output - https://github.com/codefresh-io/cli-v2/releases/latest/download/cf-linux-amd64.tar.gz | tar zx && mv ./cf-linux-amd64 /usr/local/bin/cf && cf version |
|
| Linux - ARM | curl -L --output - https://github.com/codefresh-io/cli-v2/releases/latest/download/cf-linux-arm64.tar.gz | tar zx && mv ./cf-linux-arm64 /usr/local/bin/cf && cf version |
|
Brew |
N/A | brew tap codefresh-io/cli && brew install cf2 |
Failed to bootstrap repository: authentication required
Possible cause
The Git runtime token provided for installation is not valid.
Possible actions
- Make sure the token:
- Has a valid expiration date.
- Scope includes
repoandadmin-repo.hook
Failed adding git integration <…> 404 not found
Possible cause
Another process is probably occupying the address you provided as your ingress-host.
Possible actions
- Terminate the process to free up the address.
Failed to create default git integration:…failed making a graphql API call…the HTTP request failed
Possible cause
The Ingress controller does not have a valid SSL certificate. The certificate must be from a Certificate Authority.
Possible actions
- Get a valid CA-signed certificate for the Ingress controller.
- Run the runtime installation.
OR
-
Continue with the runtime installation in
insecuremode:cf intg git add default --api-url https://api.github.com --runtime <runtime_name> --insecure
where:
<runtime_name>is the name of the runtime installation.
Failed to create default git integration:…GraphQL Error (Code: 401): (“response”:{“error”:”Unauthorized: Invalid token.”status”:401, “headers”:{}}..)
Possible cause
The ingress host specified does not point to the cluster selected for runtime installation.
Possible actions
Make sure the ingress host points to the cluster on which the runtime is installed.
Timeout error, either for applications or while waiting for the installation to complete
Possible cause
Cron-executer has identified that not all your applications are synced and healthy. Codefresh runtime installation syncs app status at 10-minute intervals. The timeout occurs if after the last status sync, at least one application is either not synced or healthy.
Possible actions
Without terminating the runtime install, do the following:
- In the Argo CD UI, check the status of your apps:
- Port forward your
argo-cd serverpod using default 8080 ports. - Access it via
localhost:8080with the Usernameadmin, and Password which is the decodedargocd-initial-admin-secretin your cluster.With
k9s, in thesecretsview, pressx.
- Port forward your
- If all apps are perfectly synced and healthy, check the logs of the
cron-executorservice. - If the logs don’t show a cause for the error, try freeing up resources:
- Free up memory with
docker system prune -a --volumes. - Increase the resources allocated to your cluster.
- Free up memory with
Unable to communicate with <runtime-name> or two or more runtimes
Possible cause
This error points to an issue with your browser or with your runtime configuration, and can be due to any of the following:
TIP:
Verify that your internet connection is stable.
- Browser issues
Can occur because of Cross-Origin Request blocked errors. - Missing SSL certificate
Can occur if your runtime is ingress-based, and without an SSL certificate for the ingress controller. - Insecure protocol prefix
Can occur if your runtime is ingress-based, and using HTTP for theingress-hostvalue instead of HTTPS.
Possible actions
Follow the steps for the actions listed below in the order in which they are listed.
Browser issues
Try to identify the issue that is preventing communication by accessing your browser’s Developer Tools and viewing the Console or Network tabs.
For help on identifying the specific error and the corrective action to take for it, read MDN web docs.
Missing SSL certificate
If you need an SSL certificate, copy and install the root CA certificate to the trusted root certificate store on your machine.
OR
Configure the browser to trust the runtime’s URL and receive content:
- If you are not in the GitOps Runtimes page, from the toolbar, click the Settings icon.
- From Configuration in the sidebar, select GitOps Runtimes.
- Select the runtime, and based on your browser, do as required:
- Chrome: Click Advanced and then Proceed to site.
- Firefox: Click Advanced and then Accept the risk and continue.
- Safari: Click Show Certificate, and then select Always allow content from site.
- Edge: Click Advanced, and then select Continue to site(unsafe).
Insecure protocol prefix
To continue using the HTTP protocol for your ingress-host instead of HTTPS, configure your browser to allow mixed content for g.codefresh.io.
The exact steps differ based on your browser.
WARNING:
HTTP connections are unencrypted and less secure.
Be aware that you are using this at your own risk.
Chrome
- To the left of the URL, click the Lock icon, and then select Site settings.
- On the right, scroll down to Insecure content and then select Allow as the default for
g.codefresh.io. - Click Save.
- Reload the page.
Firefox
- To the left of the URL, click the Lock icon.
- Expand Connection Secure, and then click More Information.
- In the Page Info window that appears, click the Security tab.
- Under Connection, do one of the following:
- If available, select Enable HTTP2.
- If not available, select Disable Protection on This Site, and then click OK.
- Reload the page.
Safari
- Go to Preferences > Advanced.
- Select Show Develop menu in menu bar, and close the Preferences window.
- From the menu bar, select Develop, and then select Disable Cross-Origin Restrictions.
- Reload the page.
Edge
- To the left of the URL, click the Lock icon, and then select Permissions for this site.
- Scroll down to Location, and then select Allow as the default for
g.codefresh.io. - Click Save.
- Reload the page.