Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PWX-31339: Install kubelogin in stork container #1448

Merged
merged 1 commit into from
Jun 29, 2023

Conversation

pp511
Copy link
Contributor

@pp511 pp511 commented Jun 28, 2023

What type of PR is this?

feature

What this PR does / why we need it:
Using AAD will require using kubelogin to generate kubeconfig

Does this PR change a user-facing CRD or CLI?:
no

Is a release note needed?:
yes

Updated kubelogin in Stork container.

Does this change need to be cherry-picked to a release branch?:
yes, 23.7

Notes

  • Enabled AAD for the cluster from Azure UI and tried to generate kubeconfig from cli
 $az aks get-credentials --resource-group ppandey-dev2 --name ppandey-dev2
 $kubectl get nodes

Unable to connect to the server: getting credentials: exec: executable kubelogin not found
It looks like you are trying to use a client-go credential plugin that is not installed.

To learn more about this feature, consult the documentation available at:
      https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins


kubelogin is not installed which is required to connect to AAD enabled cluster.

To learn more, please go to https://aka.ms/aks/kubelogin
  • Followed the steps added in the Dockerfile to install kubelogin locally
[deployments/azure/Latest]$ kubelogin --version
$kubelogin version 
git hash: v0.0.30/f9291df8538a4f8d3eb1957d75027199bbea0481
Go version: go1.19.10
Build time: 2023-06-07T00:35:03Z
Platform: linux/amd64

$kubectl get nodes
NAME                                STATUS   ROLES   AGE   VERSION
aks-nodepool1-30608238-vmss000000   Ready    agent   35m   v1.26.0
aks-nodepool1-30608238-vmss000001   Ready    agent   35m   v1.26.0
aks-nodepool1-30608238-vmss000002   Ready    agent   35m   v1.26.0

  • exec in the updated container and kubelogin is available
$kn exec -it stork-6df7869cb5-2qf7r  -- /bin/sh
#kubelogin version 
git hash: v0.0.30/f9291df8538a4f8d3eb1957d75027199bbea0481
Go version: go1.19.10
Build time: 2023-06-07T00:35:03Z
Platform: linux/amd64

Signed-off-by: Priyanshu Pandey <ppandey@purestorage.com>
@pp511 pp511 added the release-note Information about this change needs to be added to the release note label Jun 28, 2023
@cnbu-jenkins
Copy link
Collaborator

Can one of the admins verify this patch?

@codecov
Copy link

codecov bot commented Jun 28, 2023

Codecov Report

Patch coverage has no change and project coverage change: +0.06 🎉

Comparison is base (655a882) 68.86% compared to head (127b563) 68.93%.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #1448      +/-   ##
==========================================
+ Coverage   68.86%   68.93%   +0.06%     
==========================================
  Files          43       43              
  Lines        4738     4738              
==========================================
+ Hits         3263     3266       +3     
+ Misses       1156     1154       -2     
+ Partials      319      318       -1     

see 1 file with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

Copy link
Contributor

@adityadani adityadani left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hopefully the newly added packages and kubelogin binaries don't add new vulnerabilities.

@pp511
Copy link
Contributor Author

pp511 commented Jun 29, 2023

Vulnerabililty scan report of 23.6.0 -> https://aetos.pwx.purestorage.com/security/Stork/23-6-0/2023-06-29-20-16-38-487215
Vulnerabililty scan report Stork master with this commit -> https://aetos.pwx.purestorage.com/security/Stork/23-7-dev/2023-06-29-19-42-39-705069
No new vulnerabilities with sev critical or high were introduced with this change

@pp511 pp511 merged commit 133d984 into master Jun 29, 2023
Rohit-PX pushed a commit to Rohit-PX/stork that referenced this pull request Jul 12, 2023
Signed-off-by: Priyanshu Pandey <ppandey@purestorage.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release-note Information about this change needs to be added to the release note
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants