In CI, with gcp auth plugin I was using gcloud auth activate-service-account ***@developer.gserviceaccount.com --key-file ***.json prior to execute kubectl commands. Now with gke-gcloud-auth-plugin I can't find any equivalent to use a gcp service account key file. I've installed gke-gcloud-auth-plugin
and gke-gcloud-auth-plugin --version
is giving me Kube.netes v1.25.2-alpha+ae91c1fc0c443c464a4c878ffa2a4544483c6d1f
Would you know if there's a way?
I tried to add this command: kubectl config set-credentials my-user --auth-provider=gcp
But I still get:
error: The gcp auth plugin has been removed. Please use the "gke-gcloud-auth-plugin" kubectl/client-go credential plugin instead.
You will need to set the env variable to use the new plugin before doing the get-credentials
:
export USE_GKE_GCLOUD_AUTH_PLUGIN=True
gcloud container clusters get-credentials $CLUSTER \
--region $REGION \
--project $PROJECT \
--internal-ip
I would not have expected the env variable to still be required (now that the gcp auth plugin is completely deprecated) - but it seems it still is.
Your kubeconfig will end up looking like this if the new auth provider is in use.
...
- name: $NAME
user:
exec:
apiVersion: client.authentication.k8s.io/v1beta1
command: gke-gcloud-auth-plugin
installHint: Install gke-gcloud-auth-plugin for use with kubectl by following
https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke
provideClusterInfo: true
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.