Re: Issues when going through the Kritis Installation

[Aysylu Greenberg]

Hi Jason,

This should have been fixed (commit). Is your repository up-to-date?

Cheers,

Aysylu

On Wed, Mar 13, 2019 at 2:48 PM Jason Fisher <fis...@synopsys.com> wrote:

Hello:

I am trying to follow the instructions to install and enable Kritis in my project. Everything is going smoothly until I get to the point of actually installing Kritis to my cluster from the Helm charts. The command I issue (from the instructions) is:

helm install https://storage.googleapis.com/kritis-charts/repository/kritis-charts-0.1.0.tgz

I am supposed to see the kritis-preinstall and kritis-postinstall pods in the Completed state and the kritis-validation-hook-xxx pod in the Running state. I am seeing the preinstall and postinstall pods in the Error state. When I do a `kubectl logs kritis-preinstall` I get the following:

time="2019-03-13T20:31:11Z" level=info msg="contents of /var/run/secrets/kubernetes.io/serviceaccount/namespace: default"
time="2019-03-13T20:31:11Z" level=info msg="running preinstall\nversion v0.1.0\ncommit: c0715fe5eadf3b507318edda2a45859343bb03f2"
Error from server (NotFound): certificatesigningrequests.certificates.k8s.io "tls-webhook-secret-cert" not found
Error from server (NotFound): secrets "tls-webhook-secret" not found
time="2019-03-13T20:31:11Z" level=info msg="[cfssl genkey -]"
time="2019-03-13T20:31:11Z" level=info msg="{\"csr\":\"-----BEGIN CERTIFICATE REQUEST-----\\nMIICFjCCAbwCAQAwADBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJD9umrnm/GS\\n6p8YlrtXTu+ClwCNOEGsC9UN/L4CEahU9lN7s7XVhnX5Lye4cl+4NoeGCc3SDgdg\\n9R3CbDzdq9GgggFYMIIBVAYJKoZIhvcNAQkOMYIBRTCCAUEwggE9BgNVHREEggE0\\nMIIBMIIWa3JpdGlzLXZhbGlkYXRpb24taG9va4Iia3JpdGlzLXZhbGlkYXRpb24t\\naG9vay5rdWJlLXN5c3RlbYIea3JpdGlzLXZhbGlkYXRpb24taG9vay5kZWZhdWx0\\ngiJrcml0aXMtdmFsaWRhdGlvbi1ob29rLmRlZmF1bHQuc3ZjgiJrcml0aXMtdmFs\\naWRhdGlvbi1ob29rLWRlcGxveW1lbnRzgi5rcml0aXMtdmFsaWRhdGlvbi1ob29r\\nLWRlcGxveW1lbnRzLmt1YmUtc3lzdGVtgiprcml0aXMtdmFsaWRhdGlvbi1ob29r\\nLWRlcGxveW1lbnRzLmRlZmF1bHSCLmtyaXRpcy12YWxpZGF0aW9uLWhvb2stZGVw\\nbG95bWVudHMuZGVmYXVsdC5zdmMwCgYIKoZIzj0EAwIDSAAwRQIhALPZzn1lY0DS\\nJIeLn7HVtGq825YQFFnjN6GZg4NFbUElAiBtxjfTp855OaERk8MdvVINVDFc3SnV\\neDTPbRCN5fe72w==\\n-----END CERTIFICATE REQUEST-----\\n\",\"key\":\"-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEIGwMXr+GYML2RhdgDi/ub3bjn7Bm3RN5lL6qZQ1eosNvoAoGCCqGSM49\\nAwEHoUQDQgAEkP26aueb8ZLqnxiWu1dO74KXAI04QawL1Q38vgIRqFT2U3uztdWG\\ndfkvJ7hyX7g2h4YJzdIOB2D1HcJsPN2r0Q==\\n-----END EC PRIVATE KEY-----\\n\"}\n"
time="2019-03-13T20:31:11Z" level=info msg="[cfssljson -bare server]"
time="2019-03-13T20:31:11Z" level=info
apiVersion: certificates.k8s.io/v1beta1
kind: CertificateSigningRequest
metadata:
    name: tls-webhook-secret-cert
spec:
    groups:
    - system:authenticated
    request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ0ZqQ0NBYndDQVFBd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJKRDl1bXJubS9HUwo2cDhZbHJ0WFR1K0Nsd0NOT0VHc0M5VU4vTDRDRWFoVTlsTjdzN1hWaG5YNUx5ZTRjbCs0Tm9lR0NjM1NEZ2RnCjlSM0NiRHpkcTlHZ2dnRllNSUlCVkFZSktvWklodmNOQVFrT01ZSUJSVENDQVVFd2dnRTlCZ05WSFJFRWdnRTAKTUlJQk1JSVdhM0pwZEdsekxYWmhiR2xrWVhScGIyNHRhRzl2YTRJaWEzSnBkR2x6TFhaaGJHbGtZWFJwYjI0dAphRzl2YXk1cmRXSmxMWE41YzNSbGJZSWVhM0pwZEdsekxYWmhiR2xrWVhScGIyNHRhRzl2YXk1a1pXWmhkV3gwCmdpSnJjbWwwYVhNdGRtRnNhV1JoZEdsdmJpMW9iMjlyTG1SbFptRjFiSFF1YzNaamdpSnJjbWwwYVhNdGRtRnMKYVdSaGRHbHZiaTFvYjI5ckxXUmxjR3h2ZVcxbGJuUnpnaTVyY21sMGFYTXRkbUZzYVdSaGRHbHZiaTFvYjI5cgpMV1JsY0d4dmVXMWxiblJ6TG10MVltVXRjM2x6ZEdWdGdpcHJjbWwwYVhNdGRtRnNhV1JoZEdsdmJpMW9iMjlyCkxXUmxjR3h2ZVcxbGJuUnpMbVJsWm1GMWJIU0NMbXR5YVhScGN5MTJZV3hwWkdGMGFXOXVMV2h2YjJzdFpHVncKYkc5NWJXVnVkSE11WkdWbVlYVnNkQzV6ZG1Nd0NnWUlLb1pJemowRUF3SURTQUF3UlFJaEFMUFp6bjFsWTBEUwpKSWVMbjdIVnRHcTgyNVlRRkZuak42R1pnNE5GYlVFbEFpQnR4amZUcDg1NU9hRVJrOE1kdlZJTlZERmMzU25WCmVEVFBiUkNONWZlNzJ3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0tCg==
    usages:
    - digital signature
    - key encipherment
    - server auth
time="2019-03-13T20:31:12Z" level=info msg="[kubectl apply -f -]"
time="2019-03-13T20:31:12Z" level=info msg="certificatesigningrequest.certificates.k8s.io \"tls-webhook-secret-cert\" created\n"
time="2019-03-13T20:31:12Z" level=info msg="[kubectl certificate approve tls-webhook-secret-cert]"
time="2019-03-13T20:31:12Z" level=info msg="certificatesigningrequest.certificates.k8s.io \"tls-webhook-secret-cert\" approved\n"
time="2019-03-13T20:31:12Z" level=info msg="[kubectl get csr tls-webhook-secret-cert -o jsonpath='{.status.certificate}' --namespace default]"
time="2019-03-13T20:31:12Z" level=info msg="'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURSekNDQWkrZ0F3SUJBZ0lSQU5yVDFERklsMHV1VDZyWU5pL3pHNVl3RFFZSktvWklodmNOQVFFTEJRQXcKTHpFdE1Dc0dBMVVFQXhNa05qSmhNek0yTVRRdE5UZzVaUzAwWVdZekxUazBPR010T0RFM01UbGlNek16TXpsaQpNQjRYRFRFNU1ETXhNekl3TXpFeE1sb1hEVEkwTURNeE1USXdNekV4TWxvd0FEQlpNQk1HQnlxR1NNNDlBZ0VHCkNDcUdTTTQ5QXdFSEEwSUFCSkQ5dW1ybm0vR1M2cDhZbHJ0WFR1K0Nsd0NOT0VHc0M5VU4vTDRDRWFoVTlsTjcKczdYVmhuWDVMeWU0Y2wrNE5vZUdDYzNTRGdkZzlSM0NiRHpkcTlHamdnRldNSUlCVWpBTUJnTlZIUk1CQWY4RQpBakFBTUlJQlFBWURWUjBSQVFIL0JJSUJORENDQVRDQ0ZtdHlhWFJwY3kxMllXeHBaR0YwYVc5dUxXaHZiMnVDCkltdHlhWFJwY3kxMllXeHBaR0YwYVc5dUxXaHZiMnN1YTNWaVpTMXplWE4wWlcyQ0htdHlhWFJwY3kxMllXeHAKWkdGMGFXOXVMV2h2YjJzdVpHVm1ZWFZzZElJaWEzSnBkR2x6TFhaaGJHbGtZWFJwYjI0dGFHOXZheTVrWldaaApkV3gwTG5OMlk0SWlhM0pwZEdsekxYWmhiR2xrWVhScGIyNHRhRzl2YXkxa1pYQnNiM2x0Wlc1MGM0SXVhM0pwCmRHbHpMWFpoYkdsa1lYUnBiMjR0YUc5dmF5MWtaWEJzYjNsdFpXNTBjeTVyZFdKbExYTjVjM1JsYllJcWEzSnAKZEdsekxYWmhiR2xrWVhScGIyNHRhRzl2YXkxa1pYQnNiM2x0Wlc1MGN5NWtaV1poZFd4MGdpNXJjbWwwYVhNdApkbUZzYVdSaGRHbHZiaTFvYjI5ckxXUmxjR3h2ZVcxbGJuUnpMbVJsWm1GMWJIUXVjM1pqTUEwR0NTcUdTSWIzCkRRRUJDd1VBQTRJQkFRQnJTVDFkZXZFTUp1bjRVZVhXblpPT3F6cnJZQzFFWDJsMlJqbDNTWmN6V01UQ1hCR0UKOVhVS2Qra3hxRitiV043MWh2cXZBNVJCa1BSUkNkR2VWWjNYcFpMSE5YbWRERit4dVJBV2hOcWZISFhqQUxLSAoyY090SWtxcS9sYkxkd2w3NllkQUt3L1hTT3h1WnpHQm5xd3BwOWNvMXdMRk9Jem5iUFhCL2lISFcvMXAwb2xZCjF1Q0c5bmR1aVprL2pvL3cxbGhoN09BTE05WGVmemZSaVdqOFA1TXJhamtWNjY5b295WUhQMlFVUVpjdWNDa3UKbEdvTFMrUWxabVhKQk1iT3hLT3pyMXN4MHh4TmozMXpmOGRjakhlQjFqQkdOdENlTFd3RHdReU9ZcGlIODF6dQpzUEtBUXh4ZWlYRGdaMFZFdDRDUVV5c3lTVTA2UUVCaFFWbGYKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo='"
time="2019-03-13T20:31:12Z" level=info msg="[kubectl create secret tls tls-webhook-secret --cert=server.crt --key=server-key.pem --namespace default]"
time="2019-03-13T20:31:12Z" level=info msg="secret \"tls-webhook-secret\" created\n"
time="2019-03-13T20:31:13Z" level=info msg="[kubectl apply -f -]"
time="2019-03-13T20:31:13Z" level=info msg="customresourcedefinition.apiextensions.k8s.io \"attestationauthorities.kritis.grafeas.io\" created\n"
time="2019-03-13T20:31:13Z" level=info msg="[kubectl apply -f -]"
time="2019-03-13T20:31:13Z" level=info
time="2019-03-13T20:31:13Z" level=error msg="error: error validating \"STDIN\": error validating data: [ValidationError(CustomResourceDefinition.spec.names): unknown field \"scope\" in io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionNames, ValidationError(CustomResourceDefinition.spec): missing required field \"scope\" in io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionSpec]; if you choose to ignore these errors, turn validation off with --validate=false\n"

time="2019-03-13T20:31:13Z" level=fatal msg="exit status 1" 

I think the issue is at the end of the log (highlighted above). It is complaining the CRD is missing the required 'scope' field. Has anybody encountered this before? Are the instructions I am using current or can somebody point me to new ones? How can I get around this issue so the preinstall and postinstall pods get to the Completed state?

Thanks,

Jason 

--
You received this message because you are subscribed to the Google Groups "Grafeas Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to grafeas-dev...@googlegroups.com.
To post to this group, send email to grafe...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/grafeas-dev/1ec53f3a-a075-4f13-9240-7e0dfcf4dc02%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Jason Fisher]

Aysylu:

 

Thank you for getting back to me. I think I may have inadvertently posted this to the “Developers” group instead of the “Users” group. But to answer your question, I do not have any repository cloned, and am just following the instructions (for installation and the tutorial) from the Kritis GitHub page.

 

Thanks,

Jason

 

-- 

 
Jason Fisher
Senior Software Engineer
Ph: 781.313.6703
E: fis...@blackducksoftware.com 
blackducksoftware.com

[Aysylu Greenberg]

Jason,

Thanks for reporting this issue. We're working on cutting a new release that'll include the fix. I'm hoping to have it out this week.

Thanks for your patience!

Cheers,

Aysylu

On Thursday, March 14, 2019 at 11:10:09 AM UTC-4, Jason Fisher wrote:

Aysylu:

 

Thank you for getting back to me. I think I may have inadvertently posted this to the “Developers” group instead of the “Users” group. But to answer your question, I do not have any repository cloned, and am just following the instructions (for installation and the tutorial) from the Kritis GitHub page.

 

Thanks,

Jason

 

-- 

 

Jason Fisher
Senior Software Engineer
Ph: 781.313.6703

E: fisherj@blackducksoftware.com 
blackducksoftware.com

[Aysylu Greenberg]

Hi Jason,

The new version should now be available. Could you please confirm that it now works for you?

Thanks,

Aysylu

[AllenDevon De Villa]

Hi Aysylu,

Good day.

I am facing the same issue installing the below kritis-chart.

helm install kritis https://storage.googleapis.com/kritis-charts/repository/kritis-charts-0.2.2.tgz

Error: unable to build kubernetes objects from release manifest: [unable to recognize "": no matches for kind "Deployment" in version "apps/v1beta2", error validating "": error validating data: ValidationError(ClusterRole.metadata): unknown field "kritis.grafeas.io/install" in io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta]

[devon@localhost kritis-master]$ helm install kritis https://storage.googleapis.com/kritis-charts/repository/kritis-charts-0.2.2.tgz

W1128 22:18:06.118701   80564 warnings.go:67] rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding

W1128 22:18:06.190784   80564 warnings.go:67] rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding

W1128 22:18:06.203747   80564 warnings.go:67] rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding

Error: failed pre-install: pod kritis-preinstall failed

[devon@localhost kritis-master]$ kubectl get pods

NAME                             READY   STATUS      RESTARTS   AGE

grafeas-server-d7f65594b-d4s5g   1/1     Running     0          80m

kritis-predelete                 0/1     Completed   0          24m

kritis-preinstall                0/1     Error       0          28s

kritis-preinstall                0/1     Error       0          28s

[devon@localhost kritis-master]$ kubectl logs -f kritis-preinstall

time="2020-11-28T14:18:08Z" level=info msg="contents of /var/run/secrets/kubernetes.io/serviceaccount/namespace: default"

time="2020-11-28T14:18:08Z" level=info msg="running preinstall\nversion v0.2.2\ncommit: bea073f2a2f299af94363dc399b7780fde8f2afc"

Error from server (NotFound): certificatesigningrequests.certificates.k8s.io "tls-webhook-secret-cert" not found

Error from server (NotFound): secrets "tls-webhook-secret" not found

time="2020-11-28T14:18:08Z" level=info msg="[cfssl genkey -]"

time="2020-11-28T14:18:08Z" level=info msg="{\"csr\":\"-----BEGIN CERTIFICATE REQUEST-----\\nMIICFzCCAbwCAQAwADBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGMvEohqclZF\\nS8m6BNfOgHRzE3ntZYi3K6CkOFfFwpONFIiIbHvQxTTGamg2SZ3w6m7h4XQME5v6\\nxLfbfvmIrJugggFYMIIBVAYJKoZIhvcNAQkOMYIBRTCCAUEwggE9BgNVHREEggE0\\nMIIBMIIWa3JpdGlzLXZhbGlkYXRpb24taG9va4Iia3JpdGlzLXZhbGlkYXRpb24t\\naG9vay5rdWJlLXN5c3RlbYIea3JpdGlzLXZhbGlkYXRpb24taG9vay5kZWZhdWx0\\ngiJrcml0aXMtdmFsaWRhdGlvbi1ob29rLmRlZmF1bHQuc3ZjgiJrcml0aXMtdmFs\\naWRhdGlvbi1ob29rLWRlcGxveW1lbnRzgi5rcml0aXMtdmFsaWRhdGlvbi1ob29r\\nLWRlcGxveW1lbnRzLmt1YmUtc3lzdGVtgiprcml0aXMtdmFsaWRhdGlvbi1ob29r\\nLWRlcGxveW1lbnRzLmRlZmF1bHSCLmtyaXRpcy12YWxpZGF0aW9uLWhvb2stZGVw\\nbG95bWVudHMuZGVmYXVsdC5zdmMwCgYIKoZIzj0EAwIDSQAwRgIhAInwl/CAC0K7\\nDyonxmGJKL3kzh+n8cTAcKFCQ3+V0lLbAiEAz2Jl2SXyAfapYpKu9Xa0l8hIsmPu\\nm+FvGyj7F1un1fc=\\n-----END CERTIFICATE REQUEST-----\\n\",\"key\":\"-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEIDXCTVTm5VW5bFPdbLr+KUtkorEiTGDt1px0tW/+gQWBoAoGCCqGSM49\\nAwEHoUQDQgAEYy8SiGpyVkVLyboE186AdHMTee1liLcroKQ4V8XCk40UiIhse9DF\\nNMZqaDZJnfDqbuHhdAwTm/rEt9t++Yismw==\\n-----END EC PRIVATE KEY-----\\n\"}\n"

time="2020-11-28T14:18:08Z" level=info msg="[cfssljson -bare server]"

time="2020-11-28T14:18:08Z" level=info

apiVersion: certificates.k8s.io/v1beta1

kind: CertificateSigningRequest

metadata:

    name: tls-webhook-secret-cert

    labels:

        kritis.grafeas.io/install: ""

spec:

    groups:

    - system:authenticated

    request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ0Z6Q0NBYndDQVFBd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJHTXZFb2hxY2xaRgpTOG02Qk5mT2dIUnpFM250WllpM0s2Q2tPRmZGd3BPTkZJaUliSHZReFRUR2FtZzJTWjN3Nm03aDRYUU1FNXY2CnhMZmJmdm1Jckp1Z2dnRllNSUlCVkFZSktvWklodmNOQVFrT01ZSUJSVENDQVVFd2dnRTlCZ05WSFJFRWdnRTAKTUlJQk1JSVdhM0pwZEdsekxYWmhiR2xrWVhScGIyNHRhRzl2YTRJaWEzSnBkR2x6TFhaaGJHbGtZWFJwYjI0dAphRzl2YXk1cmRXSmxMWE41YzNSbGJZSWVhM0pwZEdsekxYWmhiR2xrWVhScGIyNHRhRzl2YXk1a1pXWmhkV3gwCmdpSnJjbWwwYVhNdGRtRnNhV1JoZEdsdmJpMW9iMjlyTG1SbFptRjFiSFF1YzNaamdpSnJjbWwwYVhNdGRtRnMKYVdSaGRHbHZiaTFvYjI5ckxXUmxjR3h2ZVcxbGJuUnpnaTVyY21sMGFYTXRkbUZzYVdSaGRHbHZiaTFvYjI5cgpMV1JsY0d4dmVXMWxiblJ6TG10MVltVXRjM2x6ZEdWdGdpcHJjbWwwYVhNdGRtRnNhV1JoZEdsdmJpMW9iMjlyCkxXUmxjR3h2ZVcxbGJuUnpMbVJsWm1GMWJIU0NMbXR5YVhScGN5MTJZV3hwWkdGMGFXOXVMV2h2YjJzdFpHVncKYkc5NWJXVnVkSE11WkdWbVlYVnNkQzV6ZG1Nd0NnWUlLb1pJemowRUF3SURTUUF3UmdJaEFJbndsL0NBQzBLNwpEeW9ueG1HSktMM2t6aCtuOGNUQWNLRkNRMytWMGxMYkFpRUF6MkpsMlNYeUFmYXBZcEt1OVhhMGw4aElzbVB1Cm0rRnZHeWo3RjF1bjFmYz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0tCg==

    usages:

    - digital signature

    - key encipherment

    - server auth

time="2020-11-28T14:18:08Z" level=info msg="[kubectl apply -f -]"

time="2020-11-28T14:18:08Z" level=info msg="certificatesigningrequest.certificates.k8s.io/tls-webhook-secret-cert created\n"

time="2020-11-28T14:18:09Z" level=info msg="[kubectl certificate approve tls-webhook-secret-cert]"

time="2020-11-28T14:18:09Z" level=info msg="No resources found\n"

time="2020-11-28T14:18:09Z" level=error msg="error: no kind \"CertificateSigningRequest\" is registered for version \"certificates.k8s.io/v1\" in scheme \"k8s.io/kubectl/pkg/scheme/scheme.go:28\"\n"

time="2020-11-28T14:18:09Z" level=fatal msg="exit status 1"

Not sure if I am missing some pre-requisite steps here based on the instruction. Thank you in advance for the asssistance.

kritis/install.md at master · grafeas/kritis (github.com) 

Regards,

Allan 

On Wednesday, 20 March 2019 at 03:08:00 UTC+8 ays...@google.com wrote:

Hi Jason,

The new version should now be available. Could you please confirm that it now works for you?

Thanks,

Aysylu

On Tuesday, March 19, 2019 at 1:32:43 PM UTC-4, Aysylu Greenberg wrote:

Jason,

Thanks for reporting this issue. We're working on cutting a new release that'll include the fix. I'm hoping to have it out this week.

Thanks for your patience!

Cheers,

Aysylu

On Thursday, March 14, 2019 at 11:10:09 AM UTC-4, Jason Fisher wrote:

Aysylu:

 

Thank you for getting back to me. I think I may have inadvertently posted this to the “Developers” group instead of the “Users” group. But to answer your question, I do not have any repository cloned, and am just following the instructions (for installation and the tutorial) from the Kritis GitHub page.

 

Thanks,

Jason

 

-- 

 

Jason Fisher
Senior Software Engineer
Ph: 781.313.6703

E: fis...@blackducksoftware.com 
blackducksoftware.com

[Eduardo Munari]

Hey Allan, good day!

What's your k8s version?
I faced the same issue when trying to install the 0.2.2 kritis chart on k8s v1.19.x. Not sure if I tried to install on v1.18.x, either.

Can you try installing on v1.17.x cluster and see if it works?

Looking at this line:

rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding

It seems like an API version problem on the resources due to k8s version. Did you try changing it?

Btw, the cluster I'm working on is still at v1.17.x and the 0.2.2 chart works fine, so I didn't go further to investigate it yet, sorry.

Regards,

You received this message because you are subscribed to the Google Groups "Kritis users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kritis-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kritis-users/ffbef687-3132-41fb-875b-1f6902b560d8n%40googlegroups.com.

--

Eduardo Munari

Bacharel em Ciência da Computação

UNESP - IBILCE - São José do Rio Preto