I am running into the same problem. I am running Kong (3.4, but also tried 3.3) in Kubernetes in DB-less mode, deployed with the official Kong Helm chart in version 2.26.5. I have validated that my KongConsumer and Secret are in the same namespace but the consumer still fails to fetch the referenced secret in the same way @utkarsh079 mentioned.
Error: resource processing failed: credential \"kong-secret-kafka-consumer\" failure: failed to fetch secret: Secret sq-platform/kong-secret-kafka-consumer not found. While kubectl get secret -n sq-platform kong-secret-kafka-consumer yields
NAME TYPE DATA AGE
kong-secret-kafka-consumer Opaque 2 16m
@utkarsh079 did you figure out the root cause and or a solution for this problem? Otherwise, is there anybody else who might be able to help?
Hello everyone, I wanted to circle back and provide an update on the issue. After further investigation and some helpful pointers from the community, I’ve managed to identify and resolve the problem.
The root cause of the issue was related to the way I was deploying and upgrading Kong. I used the official Kong Helm Charts. While Helm does install Custom Resource Definitions (CRDs) at the initial installation of a chart, it does not automatically update them during subsequent upgrades. This is a known behavior of Helm, which requires manual intervention to update the CRDs. While not a problem with the Kong Helmd Charts per se, the team is actively discussing how to improve the visibility of this issue or even resolve it.
Here’s what I missed: Some releases of the Kong Helm Chart include changes to the CRDs that must be applied for the upgrade to succeed. Because I hadn’t manually updated the CRDs after upgrading the Helm chart, Kong could not correctly process the resources, hence the errors when fetching the secrets.