not finding my kubeconfig
Closed this issue · 2 comments
These are my steps. I'm authenticating into an IAM role with EKS perms. Then I use aws cli to pull my kubeconfig. That should have my credentials in it.
` name: AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::<redacted_acc_no>:role/<redacted_role_name>
role-session-name: ci-run-${{ github.run_id }}
aws-region: ${{ env.AWS_REGION }}
audience: sts.amazonaws.com
-
name: Get kubeconfig
run: |
aws eks update-kubeconfig --name ${{ env.CLUSTER_NAME }} --region ${{ env.AWS_REGION }} --kubeconfig ~/.kube/config
echo 'KUBE_CONFIG_DATA<<EOF' >> $GITHUB_ENV
echo $(cat ~/.kube/config | base64) >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
-
name: Install Helm Chart (Staging)
uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
with:
action: install
name: <redacted_severicename>-service-${{ env.environment }}
aws-region: ${{ env.AWS_REGION }}
cluster-name: ${{ env.CLUSTER_NAME }}-prod
namespace: ${{ env.environment }}
values: "image.tag=${{steps.image_tag.outputs.tag}}"
config-files: k8s/<redacted_severicename>/values-${{ env.environment }}.yaml
chart-path: k8s/<redacted_severicename>/Chart.yaml `
The plugin, however, seems to be pulling from (and writing to) kubeconfig data from /github/home/.kube/config, which is a directory I don't have the perms to access.
The output of your (failed) step is:
Error: Kubernetes cluster unreachable: the server has asked for the *** to provide credentials
Those credentials should be in my kubeconfig, but I think your runner is pulling them from a place to which I can't write.
Hi @jsmith-itscovered ! First of all, thanks for submitting an issue.
Our GitHub Action will take care of pulling the kubeconfig file for you, so you might want to skip the Get kubeconfig step completely.
Please test that and let us know how it goes!
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::${{ env.aws-account-id }}:role/${{ env.aws-assume-role }}
aws-region: ${{ env.aws-region }}
- name: Install Helm Chart
uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
with:
aws-region: ${{ env.aws-region }}
cluster-name: eks-cluster-${{ env.environment }}
... (put your other arguments here)
You can also find us in Discord if you need more help!
This ended up being a problem with our aws-auth. Thanks for your willingness to help.