agreeable-computer-140902/14/2023, 6:27 PM
in a CI environment which was using the old auth mechanism.
The fix for this seems to be to add a
error: failed to initialize discovery client: The gcp auth plugin has been removed. Please use the "gke-gcloud-auth-plugin" kubectl/client-go credential plugin instead. See <https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke> for further details
step before running
gcloud container clusters get-credentials CLUSTER_NAME
. Up until now we'd been allowing Pulumi to generate a random suffix on all Kubernetes resources including the cluster name (and CI didn't need to know what the cluster name is), but it seems like now we will need to explicitly reference a cluster name in CI to authenticate. This seems fine once a cluster has already been created, but for newly created clusters it seems like we'd need to bring the cluster up once manually, get the name that Pulumi generates, and then update CI to reference the correct cluster name. Does that sound like the intended workflow, or is there another way to manage authentication for clusters with randomly generated names?
dry-keyboard-9479502/14/2023, 7:09 PM