This message was deleted Pulumi Community #general

Join Slack

This message was deleted.

# general

sparse-intern-71089

02/21/2023, 3:25 PM

This message was deleted.

billowy-army-68599

02/21/2023, 4:02 PM

Are you installing components into the cluster with Pulumi?

dry-keyboard-94795

02/21/2023, 4:24 PM

it'd be

USE_GKE_GCLOUD_AUTH_PLUGIN: 'false'

(for old auth) Intereting that

install_components

didn't work (this is what we're doing). Maybe it's the version. The current is

v1.1.0

Copy code

- uses: 'google-github-actions/setup-gcloud@v1.1.0'
      name: Setup gcloud SDK
      with:
        install_components: 'gke-gcloud-auth-plugin'

billowy-army-68599

02/21/2023, 4:25 PM

sorry no, are using the kubernetes provider with pulumi?

dry-keyboard-94795

02/21/2023, 4:25 PM

Yes

dry-keyboard-94795

02/21/2023, 4:27 PM

Went through the process of getting gke auth working already when GH Runners updated gcloud a couple of months ago

billowy-army-68599

02/21/2023, 4:32 PM

how do you build your gke provider?

dry-keyboard-94795

02/21/2023, 4:32 PM

2 stacks, one uses a generated kubeconfig with the new gke-auth-plugin explicitly based off the cluster being made. The other uses get-credentials, with gke-auth-plugin being implicit.

billowy-army-68599

02/21/2023, 4:36 PM

okay, have you run a successful update since you made those chances? The issue here is that the provider itself is stored in state., This error:

Copy code

Diagnostics:
    kubernetes:core/v1:ConfigMap (log4j):
      error: failed to initialize discovery client: The gcp auth plugin has been removed.
      Please use the "gke-gcloud-auth-plugin" kubectl/client-go credential plugin instead.
      See <https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke> for further details

is being returned by the Kubernetes API when you try use the cluster. Setting env vars isn’t going to work around that.

billowy-army-68599

02/21/2023, 4:37 PM

it’s difficult to prescribe a fix here because i don’t have code to look at, but essentially you’ll need to make sure your provider instantiation is correct and is using the correct plugin

incalculable-potato-82285

02/21/2023, 4:39 PM

Yes, we‘re installing components. So the fix would be to update the kubernetes provider with correct plugin?

billowy-army-68599

02/21/2023, 4:48 PM

yes, when i saw provider, i mean the provider code.

incalculable-potato-82285

02/21/2023, 4:56 PM

Okay I‘ll check the code and will provide more information tomorrow

incalculable-potato-82285

02/22/2023, 8:16 AM

So basically we`re generating the kubernetes provider like this:

Copy code

export function GetK8sProvider(): k8s.Provider {

	const k8sStackName= config.require("k8s-stack");

	const k8sStack = new pulumi.StackReference(k8sStackName);
	const kubeconfig = k8sStack.getOutput("kubeconfig");

	const k8sProvider = new k8s.Provider("provider", {
		kubeconfig: kubeconfig,
	});

	return k8sProvider;
}

incalculable-potato-82285

02/22/2023, 8:17 AM

Interessting thing is, if we do a "pulumi up" on the local machine, everything works fine - just in GitHub Action we run into the above Error

incalculable-potato-82285

02/22/2023, 8:20 AM

https://github.com/pulumi/examples/blob/d11f2289a3418ad905ee43fa5dfc0104267ac1c9/gcp-ts-gke/cluster.ts#L75 i think i found the solution here - we`re not passing the command: gke-gcloud-auth-plugin to the kubeconfig

👍 1

incalculable-potato-82285

02/22/2023, 4:52 PM

@billowy-army-68599 Thanks a lot again! You´re Hint helped a lot and we got the action running again!

🎉 1

5 Views

Open in Slack

Previous Next