Status shows no key could decrypt secret for successful created secret #1516

alita1991 · 2024-04-23T09:26:46Z

Which component:
sealed-secret-controller: v0.20.2

Describe the bug
I reproduced an old issue described in #853, where the status message for a sealed secret was "no key could decrypt secret", but the secret was correctly unsealed, and the logs confirmed this as well.

This issue was discovered via ArgoCD, where the sealed secrets were marked as red. The temporary workaround was to restart the sealed-secret-controller pod, and after this, the status was updated correctly.

Steps to reproduce
Could not figure out a way to reproduce the issue (the environment where was discovered is long-lived and we only promote new helm chart versions)

Expected behavior
When the creation was successful the status should show SealedSecret unsealed successfully like the logs and the events.

K8s version
Server Version: v1.25.16-eks-b9c9ed7

Gnarfoz · 2024-04-26T07:18:37Z

This appears to also be the same issue as #739 and #1354, #1355 , etc. :-(
Seems like the issue is hard to eliminate.

We're facing this even with 0.26.2, and on 0.25.0.
We were on 0.18.1 before that, which didn't have this problem.

alita1991 added the triage Issues/PRs that need to be reviewed label Apr 23, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Status shows no key could decrypt secret for successful created secret #1516

Status shows no key could decrypt secret for successful created secret #1516

alita1991 commented Apr 23, 2024

Gnarfoz commented Apr 26, 2024

Status shows no key could decrypt secret for successful created secret #1516

Status shows no key could decrypt secret for successful created secret #1516

Comments

alita1991 commented Apr 23, 2024

Gnarfoz commented Apr 26, 2024