fix(on-prem): use the .spec.kubernetes.advanced.users.org parameter for kubernetes users creation
#275
Conversation
… for kubernetes users creation
There was a problem hiding this comment.
Unfortunately this change is not working for me.
This is what I did:
- Cleaned up local files and the
.furyctlfolder. - Added a user to the list in the furyctl.yaml file under
.spec.kubernetes.advanced.users.namesand set.spec.kubernetes.advanced.users.orgto a custom value. - Run
furyctl apply --phase kubernetes - I checked the
<username>.kubeconfigfile that gets copied in the current folder for the Organization property in the certificates with the following command:
yq '.users[0].user.client-certificate-data' <username>.kubeconfig | base64 -d | openssl x509 -text | grep Subject:I got O=sighup, CN=<username> as value.
I expected the additional user to have the O=<org I set in the furyctl.yaml>.
Closes #256
I think you meant #265 ;)
There was a problem hiding this comment.
As you wisely pointed out to me, this change was being overridden by furyctl compatibility patches in my test 🤕 .
Re testing these changes without the compatibility patches, the organization is set properly for the additional users.
well done @speziato 🎉
Yep, but I tested it in a wrong way: I edited the compatibility patch in furyctl and built it locally to test with KFD v1.29.4, saw that it was working and pushed the change here. The test I did was not as good as @ralgozino's one. Basically, to test locally you can just clone this repo, checkout this branch, change the git clone https://github.com/sighupio/fury-distribution --branch=fix/on-prem-user-org
cd fury-distribution
sed -I "" -r 's#^(version:\ ).*#\1v1.29.5#g' kfd.yaml
furyctl create config --kind OnPremises --version v1.29.5 --distro-location .
# add the advanced.users.names and advanced.users.org properties to the furyctl.yaml
furyctl apply --distro-location . --phase kubernetes
yq '.users[0].user.client-certificate-data' <username>.kubeconfig | base64 -d | openssl x509 -text | grep Subject: |
Closes #265