https://pulumi.com logo
Title
c

cool-egg-852

07/02/2021, 6:41 PM
Does anyone know how to use a
kubeconfig
per the examples given from a
ManagedCluster
as an input to a provider when using
aad
integration? When trying this, we end up with a URL for devicelogin we need to go to and enter a code in, but this doesn’t work for automation.
f

future-kite-91191

07/03/2021, 4:28 AM
Try remove kubeconfig from your Pulumi provider instance. And use
kubelogin
locally and in DevOps?
b

better-shampoo-48884

07/03/2021, 3:41 PM
if you really want to use aad integration for your ci/cd connection, you're forced into devicelogin. Alternatively, you can just bypass it by getting administrative credentials
This is how I pull it:
return azure.containerservice.listManagedClusterAdminCredentials({
    resourceGroupName: rgName,
    resourceName: clusterName,
},{
    provider: azureProvider
})
c

cool-egg-852

07/03/2021, 3:43 PM
I'm happy to bypass aad integration for CI, I'm just not sure how. But with what you've said it gives me a bit of a hint to look into. We're new to Azure (coming from GCP) so it's a bit more complicated.
b

better-shampoo-48884

07/03/2021, 3:43 PM
I feel you. I wish you the absolute best of luck there.
c

cool-egg-852

07/03/2021, 3:43 PM
That code is exactly how we are doing it but when using that kubeconfig it asks for devicelogin
b

better-shampoo-48884

07/03/2021, 3:44 PM
are you certain you\re using the ADMIN part?
listManagedCluster-ADMIN-Credentials
?
c

cool-egg-852

07/03/2021, 3:44 PM
Oh maybe not. I will confirm again on Tuesday when I'm back on the office.
Thank you so much!
b

better-shampoo-48884

07/03/2021, 3:44 PM
becuase if you use listManagedClusterUserCredentials - that's the one which requires devicelogin 😉
np - best of luck - ping me if you need anything else wrt this - I've been through enough pain it feels nice to talk about it 😄
c

cool-egg-852

07/03/2021, 3:46 PM
Thank you. I understand the feeling.
It worked, thank you!