kubectl
kubectl copied to clipboard
steebchen
[Request] Add support for kubeconfig files in github workspace
If I have a kube config in my github workspace, I would love to be able to use it instead of using a value from secrets that is static. My usecase is that I dynamically retrieve my kubeconfig from digital ocean using doctl and store it in the github workspace.
This code has an example of what I am talking about, and the current workaround I'm using. I would rather use your action!
Sounds like a good addition, however I'm pretty swamped right now and personally I don't need it. However, if you or someone else can send a PR, I will happily review and merge it.
Hi Steeb, Thanks for your github action, this is what I was looking for. Still I'm facing an issue while executing it.. I'm trying to build the pipeline - GitHub -> Docker Hub -> IBM Cloud Kubernetes. I'm new at this Github action. Well my issue is; on set image step github is throwing an error "Docker run failed with exit code 2" and "sh: 1: Bad substitution"... I'm not sure how to resolve this issue.. I've created secrets KUBE_CONFIG_DATA as you mentioned in steps.. and added value by cat $KUBECONFIG | base64
secrets.DOCKER_REPO = vjgediya/nodedemoapp
Can you please help me with that as soon as possible?
Thanks.
@VJGediya Can you try reading the value of the kube config data, but instead put the value (already base64 encoded) into a GitHub Actions secret using the repo settings? Also, can you make sure your line in "set image" works; ${GITHUB_SHA::8} seems like bash and may not be supported in sh/posix.
Well I’ve already encoded the value of KUBECONFIG and set that into secret.. I’ve encoded using;
cat $KUBECONFIG | base64
And to answer your second question, ${GITHUB_SHA::8} does work as I am using it to tag docker image and it’s successfully gives output as first 8 character of commit.
run: docker build -t ${{ secrets.DOCKER_REPO }}:${GITHUB_SHA::8} .
I’m not sure why is it still not working.. I’ve been stuck at this step for 3 days.. it’s so annoying 😣
Uff, though... Can you try hardcoding the ${GITHUB_SHA::8} part temporarily? Also, maybe try quoting the DOCKER_REPO secret, i.e. set image --record deployment/demo-nodeapp nodeapp="${{ secrets.DOCKER_REPO }}":"${GITHUB_SHA::8}"
Ahhh wait, did you maybe forget to supply DOCKER_REPO in the env config?
Here, you just declare KUBE_CONFIG_DATA, but not DOCKER_REPO
Oh mann!!! So this is this works? Like I have to declare each secrets as env variables? Like; env: KUBE_CONFIG...... DOCKER_REPO: ${{secrets. DOCKER_REPO}}
And then I can use the arg? i.e. set image --record deployment/demo-nodeapp nodeapp=$DOCKER_REPO:"${GITHUB_SHA::8}"
Yep, all secrets you have defined in your repo secrets you have to declare in each action explicitly if you want to use them EDIT: actually probably not true unless you really want to use them as an env var. sorry
Oh man...🤦🏻♂️ You gave me hope man.. I’ll try that and let you know what happens.. You’re legend man.. Thank you so much for quick replies. Appreciate it.
As I've understood till now that It's trying to read the CA certificate which is defined in KUBECONFIG file under cluster section -> certificate-autho and server's value... But somehow it can't reach or find the file.. I'm not sure why?
@steebchen : or would it be possible to provide the path to the KUBECONFIG file? At the moment passing the value into env KUBECONFIG (not out of secrets) is a security vulnerability since it shows up in the Action logs which are public..
Maybe you can just try setting --kubeconfig=.... by yourself in the command? If that doesn't work and you need the functionality in this repository feel free to send a PR and I'll merge it.