Where does one obtain a KUBE_TOKEN and KUBE_CA

[andrewmclagan]

Where does one obtain a KUBE_TOKEN and KUBE_CA

from within GKE environment?

[vallard]

Hmm... Good question, I've never run it on GKE. I'll be able to look at it in March. Might be some other way to authenticate instead. I think the guys over at https://github.com/UKHomeOffice-attic/drone-kubernetes used GKE so might have code there.

[BodySplash]

The simplest way I've found to grab CA and TOKEN from GKE is to go to kube dashboard->secrets->default_token. Here you can find the ca_certificate and token all your pods are using to communicate with the api. It's a little bit hacky though, and sure you can invalidate this token should you need it, but you'll have to restart all your pods afterward.

For now in GKE, basic auth seems to be the way to go, but this trick did the job for me.

[andrewmclagan]

We actually created a specific GCE drone plugin. It uses the gcloud cli and kubectl cli with a service-account key. More inline with official GCE best practices, as this repo is more geared for general K8s setup.

[andrewmclagan]

https://github.com/ethical-jobs/drone-gce