Operator failing when creating the secret "Invalid data[]: Invalid value \"\"

jcodejcode
Community Member

Hello there,

i have set up 1p connect + operator using the connect-helm-charts my installation command looked like this:

helm upgrade --install connect 1password/connect --set-file connect.credentials=1password-credentials.json --set operator.create=true --set operator.token.value="${OP_TOKEN}" --set "operator.watchNamespace={opconnect,default}" --namespace opconnect

connect and operator are deployed successfully. However, when I create a secret I get the error message in the operator pod logs:

{"level":"error","ts":1663149588.6879878,"logger":"controller-runtime.controller","msg":"Reconciler error","controller":"onepassworditem-controller","request":"default/onepw","error":"Secret \"onepw\" is invalid: data[]: Invalid value: \"\": a valid config key must consist of alphanumeric characters, '-', '_' or '.' (e.g. 'key.name', or 'KEY_NAME', or 'key-name', regex used for validation is '[-._a-zA-Z0-9]+')","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\t/workspace/vendor/github.com/go-logr/zapr/zapr.go:128\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/workspace/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:258\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/workspace/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:232\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker\n\t/workspace/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:211\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1\n\t/workspace/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:155\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil\n\t/workspace/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:156\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\t/workspace/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:133\nk8s.io/apimachinery/pkg/util/wait.Until\n\t/workspace/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:90"}

My secret looks like this (it's copied from https://github.com/1Password/onepassword-operator#usage):

apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
  name: onepw
spec:
  itemPath: "vaults/vault-name/items/secret-name" 

this is the output from kubectl describe onepassworditem onepw:

Name:         onepw
Namespace:    default
Labels:       <none>
Annotations:  <none>
API Version:  onepassword.com/v1
Kind:         OnePasswordItem
Metadata:
  Creation Timestamp:  2022-09-14T11:28:20Z
  Finalizers:
    onepassword.com/finalizer.secret
  Generation:  1
  Managed Fields:
    API Version:  onepassword.com/v1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .:
          f:kubectl.kubernetes.io/last-applied-configuration:
      f:spec:
        .:
        f:itemPath:
    Manager:      kubectl-client-side-apply
    Operation:    Update
    Time:         2022-09-14T11:28:20Z
    API Version:  onepassword.com/v1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:finalizers:
          .:
          v:"onepassword.com/finalizer.secret":
    Manager:      manager
    Operation:    Update
    Time:         2022-09-14T11:28:20Z
    API Version:  onepassword.com/v1
    Fields Type:  FieldsV1
    fieldsV1:
      f:status:
        .:
        f:conditions:
    Manager:         manager
    Operation:       Update
    Subresource:     status
    Time:            2022-09-14T11:28:20Z
  Resource Version:  47191
  UID:               b1812280-44d9-4316-a1bf-f4c6d20782ce
Spec:
  Item Path:  vaults/vault-name/items/secret-name
Status:
  Conditions:
    Last Transition Time:  2022-09-14T11:28:20Z
    Message:               Secret "onepw" is invalid: data[]: Invalid value: "": a valid config key must consist of alphanumeric characters, '-', '_' or '.' (e.g. 'key.name',  or 'KEY_NAME',  or 'key-name', regex used for validation is '[-._a-zA-Z0-9]+')
    Status:                False
    Type:                  Ready
Events:                    <none>

I have no idea where the invalid value could come from. Any help is much appreciated.

Images used:

  • 1password/onepassword-operator:1.5.0
  • 1password/connect-api:1.5.6
  • 1password/connect-sync:1.5.6

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file