Operator does not create secret

Question

Installed the connect server and operator using helm:

! helm upgrade --install connect 1password/connect \
! --set-file connect.credentials=1password-credentials.json \
! --set operator.create=true \
! --set operator.token.value="${OP_TOKEN}" \
! --namespace opconnect
Applied the OnePasswordItem but the secret is not created:
! apiVersion: onepassword.com/v1
! kind: OnePasswordItem
! metadata:
!   name: upsteam-apikey
!   namespace: opconnect
! spec:
!   itemPath: "vaults/vault-name/items/item-name"
Operator log:
! {"level":"info","ts":1652465874.4074965,"msg":"Creating Secret upsteam-apikey at namespace 'opconnect'"}
! {"level":"error","ts":1652465874.4126866,"logger":"controller-runtime.controller","msg":"Reconciler error","controller":"onepassworditem-controller","request":"opconnect/upsteam-apikey","error":"Secret \"upsteam-apikey\" is invalid: data[]: Invalid value: \"\": a valid config key must consist of alphanumeric characters, '-', '_' or '.' (e.g. 'key.name',  or 'KEY_NAME',  or 'key-name', regex used for validation is '[-._a-zA-Z0-9]+')","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error
	/workspace/vendor/github.com/go-logr/zapr/zapr.go:128
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
	/workspace/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:258
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
	/workspace/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:232
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker
	/workspace/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:211
k8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1
	/workspace/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:155
k8s.io/apimachinery/pkg/util/wait.BackoffUntil
	/workspace/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:156
k8s.io/apimachinery/pkg/util/wait.JitterUntil
	/workspace/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:133
k8s.io/apimachinery/pkg/util/wait.Until
	/workspace/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:90"}

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Answer

Hi there,

From this error, it looks like your 1Password item has field names that are not supported by kubernetes. The supported characters are alphanumeric characters, -, _ or .

You'll need to update your field names to conform to this.

Please let me know if this resolves your issue.

Forum Discussion

Operator does not create secret

1 Reply

Recent Discussions

op-ssh-sign fails when passed non-UTF-8 payloads

Ongoing Issues with 1Password & GitKraken Integration – Frequent Unlock Prompts

Problem with 1Password CLI and Service Account

ssh-agent - use specific key for specific hosts

Win11 -> WSL2 -> devcontainer ssh-add not accessible anymore