terratest icon indicating copy to clipboard operation
terratest copied to clipboard
verified publisher icon gruntwork-io

no Auth Provider found for name "azure" When using Azure ODIC to login to kubernetes cluster and running a test

Open whume opened this issue 4 years ago • 1 comments

I was testing terratest today and noticed it was unable to authenticate into my K8s clusters using my OIDC for AzureAD that works when I use kubectl / terraform / helm etc. I was unsure if this was a issue with the code or how to troubleshoot it and my googling is failing. The test runs fine on my EKS cluster that uses IAM auth so I was thinking it was something with OIDC via AzureAD.

The test itself is pretty simple just verify a service is there.

package test

import (

	"testing"

	"github.com/stretchr/testify/require"

	"github.com/gruntwork-io/terratest/modules/k8s"
	
)

func TestVaultSvc(t *testing.T) {
	t.Parallel()
	namespaceName := "vault"

	options := k8s.NewKubectlOptions("", "", namespaceName)

	service := k8s.GetService(t, options, "vault-agent-injector-svc")
	require.Equal(t, service.Name, "vault-agent-injector-svc")
}

The config file looks like this with all my stuff redacted

---
kind: Config
apiVersion: v1
preferences: {}
current-context: ''
clusters:
- cluster:
    insecure-skip-tls-verify: true
    server: https://<ip address>:6443
  name: cluster-1
contexts:
- context:
    cluster: cluster-1
    user: [email protected]
  name: cluster-1
current-context: cluster-1
users:
- name: [email protected]
  user:
    auth-provider:
      config:
        apiserver-id: "<api server id>"
        client-id: "<client id>"
        environment: "<environment>"
        tenant-id: "<tenant id>"
      name: azure

When running I get the following error

TestVaultSvc 2021-08-18T21:04:46-04:00 client.go:42: Configuring Kubernetes client using config file /Users/user/.kube/config with context cluster-1
--- FAIL: TestVaultSvc (0.00s)
    service.go:46:
        	Error Trace:	service.go:46
        	            				vault_injector_k8s_service_test.go:49
        	Error:      	Received unexpected error:
        	            	no Auth Provider found for name "azure"
        	Test:       	TestVaultSvc
FAIL
FAIL	command-line-arguments	0.283s
FAIL

Any help would be appreciated. Without this it would be hard to have all our engineers writing tests locally.

Thanks!

whume avatar Aug 19 '21 01:08 whume

:wave: I know this is an old question, but I just recently bumped into this myself and thought I'd drop the answer off. The solution is to make sure that all the auth providers are loaded. That should be as simple as including an import like this in your test:

import _ "k8s.io/client-go/plugin/pkg/client/auth"

tkent avatar May 26 '22 21:05 tkent