Skip to content

Backstage instance doesn't spin-up #3

Description

@yusakh

Template "pe-course-cnoe" has an issue which doesn't allow it to start Backstage instance.
Top level issue: argocd application "backstage" https://cnoe.localtest.me:8443/argocd/applications/argocd/backstage fails with few related objects creations failed:
Deployment 'backstage' : Resource not found in cluster: apps/v1/Deployment:backstage
StatefulSet 'postgresql' : Resource not found in cluster: apps/v1/StatefulSet:postgresql
Externalsecret 'backstage-oidc': error retrieving secret at .data[0], key: keycloak-clients, err: secrets "keycloak-clients" not found

Main problem is that "keycloak-clients" secret is not created with following errors in log:

  • BACKSTAGE_CLIENT_SECRET=******
    ++ ./kubectl -n argocd get secret argocd-initial-admin-secret -o 'go-template={{.data.password | base64decode }}'
    ./kubectl: line 1: syntax error near unexpected token <'
    ./kubectl: line 1: NoSuchKeyThe specified key does not exist.
    DetailsNo such object: 767373bbdcb8270361b96548387bf2a9ad0d48758c35/release/v1.28.3//bin/linux/amd64/kubectl
    '
  • ARGOCD_PASSWORD=

Likely it's due to double-slash in command ("...v1.28.3//bin...").

Short summary:

  • Root cause — the Keycloak config job had a double-slash typo in the kubectl download URL (v1.28.3//bin/linux/amd64/kubectl), causing it to download an XML error page instead of the binary
  • Consequence — kubectl never worked inside the job, so the keycloak-clients secret was never created, blocking both Backstage and Argo Workflows via their ExternalSecret resources
  • Workaround — manually extracted the Keycloak client secrets and ArgoCD session token, created the secret by hand, then force-triggered the ExternalSecret reconciliation with the annotation trick

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions