Connect Operator: Secret already exists

jbenamy
jbenamy
Community Member
edited July 2023 in Secrets Automation

We are having consistent issues with Helm upgrades of our applications failing due to this error with 1Password secrets.

Helm error:

Error: UPGRADE FAILED: release NAME failed, and has been rolled back due to atomic being set: pre-upgrade hooks failed: warning: Hook pre-upgrade api/templates/1password-items.yaml failed: 1 error occurred:

12:20:50 * object is being deleted: onepassworditems.onepassword.com "SECRETNAME" already exists

Log from the 1Password Connect pod in kubernetes:

Secret with name SECRETNAME and version NUMBER already exists

Helmfile for our app chart:

apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
  name: {{ $secretName | quote }}
  labels: {{ include "api.labels" $ | nindent 4 }}
  annotations:
    "helm.sh/hook": pre-install,pre-upgrade
    "helm.sh/hook-weight": "-1"
spec:
  itemPath: {{ $secret.item | quote }}
{{- end }}
{{- end }}

This occurs for multiple secrets. After deleting the custom resource for the secret in this state, the deploy succeeds until the next deploy in which it fails again. Using official Connect Helm chart 1.12.0.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

This discussion has been closed.