From 05c41a05632a28f08d916a9a868ea36dde36aac1 Mon Sep 17 00:00:00 2001 From: Atharva Mulmuley Date: Tue, 11 May 2021 17:24:45 +0530 Subject: [PATCH] changed spn method to service-principal --- .github/workflows/main.yml | 38 ++++++++++++++++++++++++++++++++++++++ action.yml | 2 +- lib/arc-login.js | 8 ++++---- src/arc-login.ts | 8 ++++---- 4 files changed, 47 insertions(+), 9 deletions(-) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..b113be7 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,38 @@ +# This is a basic workflow to help you get started with Actions + +name: k8s-set-context + +# Controls when the action will run. +on: + # Triggers the workflow on push or pull request events but only for the master branch + push: + branches: [ cluster-connect-2 ] + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: ubuntu-latest + #runs-on: self-hosted + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v2 + - uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDS }} + + - uses: atharvamulmuley/k8s-set-context@cluster-connect-2 + with: + method: 'service-principal' + cluster-type: 'arc' + cluster-name: arcaction + resource-group: atharvatest2 + token: '${{ secrets.SA_TOKEN }}' + - run: | + kubectl get pods -A \ No newline at end of file diff --git a/action.yml b/action.yml index 9cdd172..cf50db3 100644 --- a/action.yml +++ b/action.yml @@ -7,7 +7,7 @@ inputs: required: true default: 'generic' method: - description: 'Acceptable values: kubeconfig or service-account or SPN' + description: 'Acceptable values: kubeconfig or service-account or service-principal' required: true default: 'kubeconfig' kubeconfig: diff --git a/lib/arc-login.js b/lib/arc-login.js index 45402d5..ae57a20 100644 --- a/lib/arc-login.js +++ b/lib/arc-login.js @@ -21,8 +21,8 @@ function getArcKubeconfig() { return __awaiter(this, void 0, void 0, function* () { try { let method = core.getInput('method'); - if (method != 'service-account' && method != 'SPN') { - throw Error("Supported methods for arc cluster are 'service-account' and 'SPN'."); + if (method != 'service-account' && method != 'service-principal') { + throw Error("Supported methods for arc cluster are 'service-account' and 'service-principal'."); } let resourceGroupName = core.getInput('resource-group'); let clusterName = core.getInput('cluster-name'); @@ -49,7 +49,7 @@ function getArcKubeconfig() { if (!saToken) { throw Error("'saToken' is not passed for 'service-account' method."); } - console.log('using service account method for authenticating to arc cluster.'); + console.log("using 'service-account' method for authenticating to arc cluster."); const proc = child_process_1.spawn(azPath, ['connectedk8s', 'proxy', '-n', clusterName, '-g', resourceGroupName, '-f', kubeconfigPath, '--token', saToken], { detached: true, stdio: 'ignore' @@ -57,7 +57,7 @@ function getArcKubeconfig() { proc.unref(); } else { - console.log('using spn method for authenticating to arc cluster.'); + console.log("using 'service-principal' method for authenticating to arc cluster."); const proc = child_process_1.spawn(azPath, ['connectedk8s', 'proxy', '-n', clusterName, '-g', resourceGroupName, '-f', kubeconfigPath], { detached: true, stdio: 'ignore' diff --git a/src/arc-login.ts b/src/arc-login.ts index afb51e4..88e9430 100644 --- a/src/arc-login.ts +++ b/src/arc-login.ts @@ -11,8 +11,8 @@ const kubeconfig_timeout = 120;//timeout in seconds export async function getArcKubeconfig(): Promise { try { let method = core.getInput('method'); - if (method != 'service-account' && method != 'SPN'){ - throw Error("Supported methods for arc cluster are 'service-account' and 'SPN'."); + if (method != 'service-account' && method != 'service-principal'){ + throw Error("Supported methods for arc cluster are 'service-account' and 'service-principal'."); } let resourceGroupName = core.getInput('resource-group'); @@ -40,14 +40,14 @@ export async function getArcKubeconfig(): Promise { if(!saToken){ throw Error("'saToken' is not passed for 'service-account' method.") } - console.log('using service account method for authenticating to arc cluster.') + console.log("using 'service-account' method for authenticating to arc cluster.") const proc=spawn(azPath,['connectedk8s','proxy','-n',clusterName,'-g',resourceGroupName,'-f',kubeconfigPath,'--token',saToken], { detached: true, stdio: 'ignore' }); proc.unref(); } else{ - console.log('using spn method for authenticating to arc cluster.') + console.log("using 'service-principal' method for authenticating to arc cluster.") const proc=spawn(azPath,['connectedk8s','proxy','-n',clusterName,'-g',resourceGroupName,'-f',kubeconfigPath], { detached: true, stdio: 'ignore'