policy-reporter: `secretRef` is not working for Grafana Loki

While sending logs to Grafana Loki, using secretRef giving below error.

ArgoCD Application manifest:

project: default
source:
  repoURL: 'https://kyverno.github.io/policy-reporter'
  targetRevision: 2.18.3
  helm:
    values: |-
      ui:
        enabled: true
      metrics:
        enabled: true
      rest:
        enabled: true
      target:
        loki:
          secretRef: "kyverno-policy-reporter-target-loki"
          minimumPriority: "warning"
  chart: policy-reporter
destination:
  server: 'https://kubernetes.default.svc/'
  namespace: kyverno-policy-reporter
syncPolicy:
  automated:
    prune: true
    selfHeal: true
  syncOptions:
    - CreateNamespace=true

Error: Viewing kyverno-policy-reporter pod log

$ > kubectl logs kyverno-policy-reporter-5855f49cb-rmbrm -f
1.6850868947274184e+09  warn    failed to get secret reference  {"error": "Get \"https://x.x.x.x:443/api/v1/namespaces/kyverno-policy-reporter/secrets/kyverno-policy-reporter-target-loki\": dial tcp x.x.x.x:443: connect: connection refused"}
1.6850868947274933e+09  info    UI configured
1.685086894735476e+09   info    REST api enabled
1.6850868947355518e+09  info    metrics enabled
1.6850868947356982e+09  info    start client    {"worker": 5}

kyverno-policy-reporter-target-loki exists in the kyverno-policy-reporter namespace.
No NetworkPolicy defined.
Kyverno policy reporter RBAC is not tampered.

About this issue

Original URL
State: closed
Created a year ago
Comments: 15 (10 by maintainers)

Most upvoted comments

I close the issue, let me know if still something does not work as expected.

fjogeleit on Jun 3, 2023

@justinwalz @Pavaningithub I released v2.19.2 of the helm chart with the missing mountedSecret mapping as well as the retry mechanism for secretRef.

Let me know if your issues are solved and I can close the issue or feel free to do it yourself.

fjogeleit on May 31, 2023

Thanks sorry I had not much time last week, I try to test it today

fjogeleit on May 29, 2023