actions/k8s-set-context
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

changed spn method to service-principal

Browse Source
This commit is contained in:
Atharva Mulmuley 2021-05-11 17:24:45 +05:30
parent e64d948639
commit 05c41a0563
4 changed files with 47 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
.github/workflows/main.yml vendored Normal file
View File

@ -0,0 +1,38 @@
# This is a basic workflow to help you get started with Actions
name: k8s-set-context
# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the master branch
push:
branches: [ cluster-connect-2 ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
#runs-on: self-hosted
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDS }}
- uses: atharvamulmuley/k8s-set-context@cluster-connect-2
with:
method: 'service-principal'
cluster-type: 'arc'
cluster-name: arcaction
resource-group: atharvatest2
token: '${{ secrets.SA_TOKEN }}'
- run: |
kubectl get pods -A

2
action.yml
View File

@ -7,7 +7,7 @@ inputs:
required: true required: true
default: 'generic' default: 'generic'
method: method:
description: 'Acceptable values: kubeconfig or service-account or SPN' description: 'Acceptable values: kubeconfig or service-account or service-principal'
required: true required: true
default: 'kubeconfig' default: 'kubeconfig'
kubeconfig: kubeconfig:

8
lib/arc-login.js
View File

@ -21,8 +21,8 @@ function getArcKubeconfig() {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
try { try {
let method = core.getInput('method'); let method = core.getInput('method');
if (method != 'service-account' && method != 'SPN') { if (method != 'service-account' && method != 'service-principal') {
throw Error("Supported methods for arc cluster are 'service-account' and 'SPN'."); throw Error("Supported methods for arc cluster are 'service-account' and 'service-principal'.");
} }
let resourceGroupName = core.getInput('resource-group'); let resourceGroupName = core.getInput('resource-group');
let clusterName = core.getInput('cluster-name'); let clusterName = core.getInput('cluster-name');
@ -49,7 +49,7 @@ function getArcKubeconfig() {
if (!saToken) { if (!saToken) {
throw Error("'saToken' is not passed for 'service-account' method."); throw Error("'saToken' is not passed for 'service-account' method.");
} }
console.log('using service account method for authenticating to arc cluster.'); console.log("using 'service-account' method for authenticating to arc cluster.");
const proc = child_process_1.spawn(azPath, ['connectedk8s', 'proxy', '-n', clusterName, '-g', resourceGroupName, '-f', kubeconfigPath, '--token', saToken], { const proc = child_process_1.spawn(azPath, ['connectedk8s', 'proxy', '-n', clusterName, '-g', resourceGroupName, '-f', kubeconfigPath, '--token', saToken], {
detached: true, detached: true,
stdio: 'ignore' stdio: 'ignore'
@ -57,7 +57,7 @@ function getArcKubeconfig() {
proc.unref(); proc.unref();
} }
else { else {
console.log('using spn method for authenticating to arc cluster.'); console.log("using 'service-principal' method for authenticating to arc cluster.");
const proc = child_process_1.spawn(azPath, ['connectedk8s', 'proxy', '-n', clusterName, '-g', resourceGroupName, '-f', kubeconfigPath], { const proc = child_process_1.spawn(azPath, ['connectedk8s', 'proxy', '-n', clusterName, '-g', resourceGroupName, '-f', kubeconfigPath], {
detached: true, detached: true,
stdio: 'ignore' stdio: 'ignore'

8
src/arc-login.ts
View File

@ -11,8 +11,8 @@ const kubeconfig_timeout = 120;//timeout in seconds
export async function getArcKubeconfig(): Promise<string> { export async function getArcKubeconfig(): Promise<string> {
try { try {
let method = core.getInput('method'); let method = core.getInput('method');
if (method != 'service-account' && method != 'SPN'){ if (method != 'service-account' && method != 'service-principal'){
throw Error("Supported methods for arc cluster are 'service-account' and 'SPN'."); throw Error("Supported methods for arc cluster are 'service-account' and 'service-principal'.");
} }
let resourceGroupName = core.getInput('resource-group'); let resourceGroupName = core.getInput('resource-group');
@ -40,14 +40,14 @@ export async function getArcKubeconfig(): Promise<string> {
if(!saToken){ if(!saToken){
throw Error("'saToken' is not passed for 'service-account' method.") throw Error("'saToken' is not passed for 'service-account' method.")
} }
console.log('using service account method for authenticating to arc cluster.') console.log("using 'service-account' method for authenticating to arc cluster.")
const proc=spawn(azPath,['connectedk8s','proxy','-n',clusterName,'-g',resourceGroupName,'-f',kubeconfigPath,'--token',saToken], { const proc=spawn(azPath,['connectedk8s','proxy','-n',clusterName,'-g',resourceGroupName,'-f',kubeconfigPath,'--token',saToken], {
detached: true, detached: true,
stdio: 'ignore' stdio: 'ignore'
}); });
proc.unref(); proc.unref();
} else{ } else{
console.log('using spn method for authenticating to arc cluster.') console.log("using 'service-principal' method for authenticating to arc cluster.")
const proc=spawn(azPath,['connectedk8s','proxy','-n',clusterName,'-g',resourceGroupName,'-f',kubeconfigPath], { const proc=spawn(azPath,['connectedk8s','proxy','-n',clusterName,'-g',resourceGroupName,'-f',kubeconfigPath], {
detached: true, detached: true,
stdio: 'ignore' stdio: 'ignore'