SonarQube helm chart configuration error: NEG annotation is invalid

I’m trying to deploy a network endpoint group for a SonarQube workload in GKE with Terraform and a Helm chart.

Here is my helm release resource:

resource "helm_release" "sonar" {
	name = "sq-ee-lb-ext-db"
	chart = "sonarqube/sonarqube"
	namespace = data.kubernetes_namespace.sonarqube.id
	timeout = "360"

	set {
		name = "edition"
		value = "enterprise"
	}

	/**
	 * External postgres database
	 */
	set {
		name = "jdbcOverwrite.enable"
		value = "true"
	}
	set {
		name = "postgresql.enabled"
		value = "false"
	}
	set {
		name = "jdbcOverwrite.jdbcUrl"
		value = "jdbc:postgresql://<db instance private IP>:5432/sq-ee-lb-ext-db"
	}
	set {
		name = "jdbcOverwrite.jdbcUsername"
		value = "<username>"
	}
	set {
		name = "jdbcOverwrite.jdbcPassword"
		value = "<password>"
	}

	/**
	 * Load balancer
	 */
	set {
		name = "service.type"
		value = "NodePort"
	}
	set {
		name = "service.annotations.cloud\\.google\\.com/neg"
		value = "exposed_ports: {80:{}}"
	}
}

However, this is not how service.annotations should be configured. The error I’m receiving is

Error: admission webhook "neg-annotation.common-webhooks.networking.gke.io" denied the request: error parsing value of NEG annotation "cloud.google.com/neg" on service "sq-ee-lb-ext-db"/"sq-ee-lb-ext-db-sonarqube": NEG annotation is invalid.

What I am trying to replicate is something like this:

resource "kubernetes_service" "owaspjuice" {
    metadata {
        name = "owaspjuice"
        annotations = {
            "cloud.google.com/neg" = "{\"exposed_ports\": {\"80\":{}}}"
        }
        
    }
    
    spec {
        selector = {
            test = "owaspjuice"
        }
        session_affinity = "ClientIP"
        port {
            port        = 80
            target_port = 3000
        }
        
        type = "NodePort"
    }
}

This is another project I deployed that successfully created a network endpoint group, and I could hook that up with a GCP external load balancer.

I couldn’t find an explanation on the internet of the correct Terraform syntax.

Any help is appreciated.

I ended up using YAML syntax to set up the network endpoint group.

locals {
	values_config = <<EOT
service:
    annotations:
        cloud.google.com/neg: '{"exposed_ports": {"80":{}}}'
EOT
}
resource "helm_release" "sonar" {
	name = "sonarqube1"
	chart = "sonarqube/sonarqube"
	namespace = data.kubernetes_namespace.sonarqube.id
	timeout = "360"

	values = [
		local.values_config
	]
        .....
2 Likes
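
An added example, not part of the original posts or the chart's documentation: the accepted value of `cloud.google.com/neg` is a JSON string, so this variant of the `values` approach builds it with `jsonencode` and the values document with `yamlencode` instead of a hand-written heredoc. The variable and local names are assumptions, and `data.kubernetes_namespace.sonarqube` is assumed to be defined elsewhere, as in the posts above.

```hcl
# Added example. neg_ports, neg_annotation and sonar_values are hypothetical names.
variable "neg_ports" {
  description = "Service ports to expose as standalone NEGs"
  type        = list(number)
  default     = [80]

  validation {
    # Reject non-integer or out-of-range ports at plan time,
    # before the GKE admission webhook ever sees the annotation.
    condition = alltrue([
      for p in var.neg_ports : p >= 1 && p <= 65535 && floor(p) == p
    ])
    error_message = "Each NEG port must be an integer between 1 and 65535."
  }
}

locals {
  # jsonencode quotes the keys and emits {"exposed_ports":{"80":{}}},
  # the same JSON shape as the working kubernetes_service example.
  neg_annotation = jsonencode({
    exposed_ports = { for p in var.neg_ports : tostring(p) => {} }
  })

  # yamlencode takes care of quoting the JSON string inside the YAML values.
  sonar_values = yamlencode({
    service = {
      type = "NodePort"
      annotations = {
        "cloud.google.com/neg" = local.neg_annotation
      }
    }
  })
}

resource "helm_release" "sonar" {
  name      = "sonarqube1"
  chart     = "sonarqube/sonarqube"
  namespace = data.kubernetes_namespace.sonarqube.id
  timeout   = 360

  values = [local.sonar_values]
}

# Inspect the exact annotation string with `terraform output neg_annotation`.
output "neg_annotation" {
  value = local.neg_annotation
}
```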
