-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JENKINS-49817] Support kubeconfig from secretFile credentials #294
[JENKINS-49817] Support kubeconfig from secretFile credentials #294
Conversation
The code was merged in |
so this depends on #271 |
Great! I hadn't seen that you'd sent a PR for that already. I had patched up any other API breakages myself in this PR as well.
|
da07e9a
to
acc68a8
Compare
Hello @carlossg. The fabric8 folks have released
|
kubeconfig
from secretFile credskubeconfig
from secretFile creds
(Updating PR title and description, it's no longer a WIP.) |
you would need to also add the option to
And add some tests |
kubeconfig
from secretFile creds
The change to What is I'll work on tests. |
Actually, I see what KubectlBuildWrapper is, it already works with kubeconfig so this is straightforward. Any pointers on what test(s) you are looking for? The net change boils down to calling a single method from the client package and I don't see any existing auth-related tests. |
e467be5
to
26ee3e2
Compare
With the latest commit, I have tested a declarative pipeline and a freestyle script with the kubectl wrapper. Both are working as expected. |
String kubeconfigContents = reader.lines().collect(Collectors.joining("\n")); | ||
Config config = Config.fromKubeconfig(kubeconfigContents); | ||
builder = new ConfigBuilder(config); | ||
reader.close(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the block should be in a try/catch/finally
BufferedReader reader = new BufferedReader(new InputStreamReader(configStream, StandardCharsets.UTF_8)); | ||
String kubeconfigContents = reader.lines().collect(Collectors.joining("\n")); | ||
configFile.write(kubeconfigContents, null); | ||
reader.close(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the block should be in a try/catch/finally
1b7f3f0
to
a565ff6
Compare
I fixed up both of those spots. |
and reorder Config creation flow
I have switched to try with resources and simplify a bit the code. |
Thanks @carlossg, I like the commit you made. |
Note: this is a WIP because it is blocked by this PR on the fabric8 kubernetes-client: config: support loading from kubeconfig string.* Updates to the 3.x version of thekubernetes-client
packagekubeconfig
files (secretFile
credentails) as cluster credentialsI have (minimally) tested it, however. Sending it now so people can take a look. I'll update the title when it's no longer blocked.
This is my preferred way of handling all credentials for kubernetes clusters, whenever the credentials are "portable" and sealed. For example, when producing limiting service accounts in remote namespaces and then generating kubeconfigs for them.
Fixes: JENKINS-49817