Headlamp 0.36.0: Plugin manager sidecar crashes with npm permissions error #3999
Description
Describe the bug
The plugin manager sidecar container in Headlamp chart version 0.36.0 fails with npm EACCES permissions error when installing @headlamp-k8s/pluginctl, causing CrashLoopBackOff. The container exits with code 127 (pluginctl: not found) leaving the pod with only 1/2 containers ready.
To Reproduce
- Deploy Headlamp using Helm chart version 0.36.0
- Enable plugin manager:
pluginsManager:
enabled: true
configContent: |
plugins:
- name: flux
source: https://artifacthub.io/packages/headlamp/headlamp-plugins/headlamp_flux
version: 0.4.0- Check pod status:
kubectl get pods -n headlamp - See CrashLoopBackOff with 1/2 Ready
- Check logs:
kubectl logs <pod> -c headlamp-plugin
Environment
- Installation type: Helm (via FluxCD)
- Headlamp Version: 0.36.0
- Other: Talos Linux, containerd
Are you able to fix this issue?
No, but happy to test fixes.
Additional Context
Error logs:
npm error code EACCES
npm error syscall mkdir
npm error path /.npm
npm error errno EACCES
...
/bin/sh: pluginctl: not found
Root cause: The node:lts-alpine image runs as non-root but /.npm directory has incorrect permissions, preventing npm from installing the global package. Despite echoing "Installed successfully", pluginctl binary isn't actually available.
Regression: Yes. Version 0.35.0 worked without this issue. Plugin manager appears to be new in 0.36.0.
Workarounds:
- Roll back to 0.35.0
- Set
pluginsManager.enabled: false
Suggested fixes:
- Set
NPM_CONFIG_CACHEenv var to/tmp/.npm - Add init container to create
/.npmwith proper ownership - Use npm
--cacheflag pointing to writable location