I have been stuck in deploying airbyte 2.0.1 with helm v2 on GKE with gcs for logging and facing issues with it, i have tried the solution from https://github.com/airbytehq/airbyte/issues/65153 adding

global:
  workloads:
    containerOrchestrator:
      secretName: "airbyte-gcs-logs-creds"
      secretMountPath: "/secrets/gcs-log-creds"

and https://github.com/airbytehq/airbyte/commit/09ebba016695c3b15e06924bc43c019a430c83f1 for correct identifier but still unable to make it work, and this is the output from the container

kubectl exec -it airbyte-workload-api-server-594597677d-pf4jz -n airbytev2 -- bash
[airbyte@airbyte-workload-api-server-594597677d-pf4jz app]$ ls -l /secrets/gcs-log-creds
total 0
drwxrwsrwt 3 root airbyte 100 Oct 30 08:00 gcp.json
[airbyte@airbyte-workload-api-server-594597677d-pf4jz app]$ head -n 5 /secrets/gcs-log-creds/gcp.json
head: error reading '/secrets/gcs-log-creds/gcp.json': Is a directory

Could any one had or have the same issue or solved it, could guide on this :-)

Based on the information from your question and the provided knowledge sources, it appears you are encountering an issue where the GCS credentials secret is being mounted as a directory instead of a file in your Airbyte 2.0.1 deployment on GKE using Helm v2. This is evident from your output:

ls -l /secrets/gcs-log-creds total 0 drwxrwsrwt 3 root airbyte 100 Oct 30 08:00 gcp.json head: error reading '/secrets/gcs-log-creds/gcp.json': Is a directory

### What’s Happening? This issue typically occurs when the Kubernetes secret is created incorrectly—specifically, if the key in the secret is named

gcp.json

but the value is not the actual JSON file content, or if the secret is structured such that

gcp.json

is a directory rather than a file. ### Key Points from Knowledge Sources - The Airbyte Helm chart expects the GCS credentials to be provided as a file named

gcp.json

inside a Kubernetes secret, and this file should contain the service account JSON key, not a directory or a base64-encoded directory structure [[source]](https://docs.airbyte.com/platform/next/deploying-airbyte/integrations/storage#values). - There have been several issues reported about secrets being double base64 encoded or misconfigured, leading to similar mounting problems [[source]](https://github.com/airbytehq/airbyte/issues/68178). - The correct way is to create a Kubernetes secret where the key is

gcp.json

and the value is the raw JSON content of your service account key (not base64-encoded, as kubectl will handle encoding) [[source]](https://docs.airbyte.com/platform/next/deploying-airbyte/integrations/storage#values). ### How to Fix 1. Check Your Secret Creation Command When creating the secret, use:

sh    kubectl create secret generic airbyte-gcs-log-creds \      --from-file=gcp.json=/path/to/your/service-account.json \      -n airbytev2

This ensures that

/secrets/gcs-log-creds/gcp.json

is a file containing your credentials. 2. Verify the Secret in Kubernetes After creating the secret, check it:

sh    kubectl get secret airbyte-gcs-log-creds -n airbytev2 -o yaml

You should see a

gcp.json

key with a base64-encoded value (the content of your JSON file). 3. Helm Values In your

values.yaml

, ensure you reference the secret correctly:

yaml    global:      storage:        type: "GCS"        storageSecretName: airbyte-gcs-log-creds        bucket:          log: your-bucket          state: your-bucket          workloadOutput: your-bucket        gcs:          projectId: your-project-id          credentialsPath: /secrets/gcs-log-creds/gcp.json

(Use

storageSecretName

as the key, not

secretName

, as per recent chart versions and documentation [[source]](https://github.com/airbytehq/airbyte/issues/44525).) 4. Remove Double Encoding Do not manually base64-encode the JSON file before creating the secret with

--from-file

. Let

kubectl

handle the encoding. ### Additional Notes - If you previously created the secret with

--from-literal

or by manually encoding, delete and recreate it using

--from-file

. - If you are using a different secret name or mount path, ensure all references in your Helm values and environment variables are consistent. ### References - [Helm GCS Storage Configuration](https://docs.airbyte.com/platform/next/deploying-airbyte/integrations/storage#values) - [Github Issue: GCS secret mounting problems](https://github.com/airbytehq/airbyte/issues/68178) - [Github Issue: Correct secret key is storageSecretName](https://github.com/airbytehq/airbyte/issues/44525) If you follow these steps and still encounter issues, please share the output of your secret definition (

kubectl get secret ... -o yaml

) and your relevant

values.yaml

section for further troubleshooting.

@kapa.ai The secret yaml form is "kubectl get secret gcs-log-creds -n airbytev2 -o yaml apiVersion: v1 data: gcp.json: ewogI................." and the storage is "storage: storageSecretName: gcs-log-creds type: gcs # Change "GCS" to lowercase #secretName: airbyte-gcs-log-creds bucket: log: airbyte-bucket state: airbyte-bucket workloadOutput: airbyte-bucket activityPayload: airbyte-bucket gcs: projectId: brk-analytics #credentialsJson: "base64encodedjsonkey" credentialsJsonPath: /secrets/gcs-log-creds/gcp.json"

A message from kapa.ai