pulumi-kubernetes icon indicating copy to clipboard operation
pulumi-kubernetes copied to clipboard

Published 20 hours ago verified publisher icon pulumi

Kustomize from private GitHub repository fails on authentication

Open Dysproz opened this issue 3 years ago • 5 comments

What happened?

I'm trying to deploy Kustomize project using pulumi. My kustomize directory is located in GitHub in private repository. kustomization.yaml file also deploys resources that are located in private repositories.

I've tried to follow this documentation page and set github:token in stack configuration. However, my code fails with error failed to retrieve specified kustomize directory: "https://github.com/private-org/eprivate-repo/tree/main/kustomize-app": failed to get git ref: authentication required

Is it still the right way to provide authentication for GitHub to Kustomize directory in private repositories, or should it be done differently?

Steps to reproduce

kustomize directory definition:

        const kustomizeApp = new Directory("kustomize-app"`, {
            directory: `https://github.com/private-org/eprivate-repo/tree/main/kustomize-app`,
        }, {
            provider: k8sprovider
        });

Expected Behavior

Kustomize application is deployed into the k8s cluster.

Actual Behavior

Code fails with error failed to retrieve specified kustomize directory: "https://github.com/private-org/eprivate-repo/tree/main/kustomize-app": failed to get git ref: authentication required

Versions used

CLI Version 3.28.0 Go Version go1.18 Go Compiler gc

Plugins NAME VERSION aws 4.37.4 command 0.0.3 docker 3.1.0 eks 0.37.1 github 4.11.0 kubernetes 3.16.0 nodejs unknown tls 4.1.0

Host OS darwin Version 12.3.1 Arch x86_64

This project is written in nodejs (/Users/skrasuski/.nvm/versions/node/v17.4.0/bin/node v17.4.0)

Backend Name pulumi.com URL https://app.pulumi.com/Szymon User Szymon Organizations Szymon

NAME VERSION @pulumi/awsx 0.33.0 @pulumi/command 0.0.3 @pulumi/kubernetesx 0.1.6 prettier 2.5.1 @pulumi/aws 4.37.4 @pulumi/kubernetes 3.16.0 @pulumi/pulumi 3.24.1 @types/node 17.0.18 akeyless 2.15.27 authentication-node-client 0.0.1 @pulumi/eks 0.37.1 @pulumi/github 4.11.0 @pulumi/tls 4.1.0 typescript 4.5.5

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

Dysproz avatar Apr 12 '22 14:04 Dysproz

Hi @Dysproz - thank you for filing this issue!

I'm going to ask @viveklak to verify whether we are supporting private repositories for kustomize.

guineveresaenger avatar Apr 18 '22 19:04 guineveresaenger

Ran into the same problem. Could someone please confirm if there is intent to support private repositories for kustomize? This is a big blocker in us adopting the tool

cmarteepants avatar Apr 25 '22 20:04 cmarteepants

Apologies for the delay in responding.

As it stands, the kustomize support will not work with private repositories. Happy to convert this to a feature request to add support for this. However, can't provide a timeline for when this will be supported at the moment. Please note, that the github:token config option is only relevant to the github provider/package and not relevant to the kubernetes provider's support.

A workaround is to consider using a github client relevant to your language to perform a local checkout of the private repository and providing the path to the local directory instead.

viveklak avatar Apr 25 '22 20:04 viveklak

+1

SnoozeFreddo avatar Jan 26 '24 01:01 SnoozeFreddo

Some background information: https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md

Seems like Kustomize uses the locally-installed git tool and I wonder if a possible workaround is to pre-configure your local environment, e.g. to use a credentials helper, as described here.

EronWright avatar Mar 29 '24 23:03 EronWright