actions-hub / kubectl Goto Github PK

View Code? Open in Web Editor NEW

117.0 3.0 68.0 25 KB

GitHub Action for interacting with kubectl (k8s)

Home Page: https://github.com/marketplace/actions/kuberentes-k8s-cli-kubectl

License: MIT License

Dockerfile 23.34% Shell 76.66%

kubernetes kubectl github-action k8s

kubectl's People

Contributors

Stargazers

Watchers

kubectl's Issues

Executable aws not found

I'm using the latest version and using KUBE_CONFIG way, but getting bellow error. Can somebody help me out here.

Unable to connect to the server: getting credentials: exec: executable aws not found

It looks like you are trying to use a client-go credential plugin that is not installed.

To learn more about this feature, consult the documentation available at:
      https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins

Here is how I'm using the action -

      - name: Setup kubectl
        uses: actions-hub/[email protected]
        env:
          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
        with:
          args: get pods

Run kubectl kustomize without KUBE_CONFIG or KUBE_HOST

I'd like to use this action in a workflow to test that manifests can be rendered.

kubectl kustomize is a built-in that doesn't require connectivity to a cluster. I get the following error:

No authorization data found. Please provide KUBE_CONFIG or KUBE_HOST variables. Exiting...

kubectl/entrypoint.sh

Lines 35 to 38 in 4eb1c88

 else 

 echo "No authorization data found. Please provide KUBE_CONFIG or KUBE_HOST variables. Exiting..." 

 exit 1 

 fi

k8s in self-hosted github runner - tcp 127.0.0.1:6443: connection refused

Hey everyone!
I was following the tutorial about self-hosted github runner for applying kubectl command and ran into this issue:

E1208 23:53:20.163003 7 memcache.go:265] couldn't get current server API group list: Get "https://127.0.0.1:6443/api?timeout=32s": dial tcp 127.0.0.1:6443: connect: connection refused

I provided base64 encoded .kube/config via secrets

github runner is hosted on the kubernetes control-plane (master) node, kubectl commands are working fine, when i run them from my ssh-terminal at that node, but when github runner does it into docker container, this issue occurs

Could someone please help me out on this?

How to pass manifest file to command

I am trying to create job like this:

  apply-resources:
    runs-on: ubuntu-latest
    environment: ${{ inputs.env }}
    needs: apply-resources
    steps:
    - uses: actions-hub/kubectl@master
      env:
        KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
      with:
        args: apply -f src/k8s/services/my-service.yml

but getting error that file does not exist.

Is it possible to pass manifest file here somehow?

Can only execute one command?

I will report an error when I pass multiple commands for the args parameter

Add option to specify namespace

It would be very convenient to have an option to specify the namespace (be it via env or with) instead of doing args: -n <some-namespace> get pods

Multi Args Support (args sequence)

[Feature] Set `kubectl` output as workflow variable

Currently this action is useful for manipulative operations on a cluster, but not for read operations, since there is no way to receive the output of a command currently.

cluster-info

running CMD "cluster-info" in the Dockerfile prevents users from using a namespace scoped service account without access to list services in kube-system.

Error from server (Forbidden): services is forbidden: User "system:serviceaccount:my-app:github-ci" cannot list resource "services" in API group "" in the namespace "kube-system"

Is there a reason cluster-info is run? or it is just to log info in the github action logs?

Always throws an error "It looks like you are trying to use a client-go credential plugin that is not installed."

It looks like you are trying to use a client-go credential plugin that is not installed.

To learn more about this feature, consult the documentation available at:
      https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins

The error doesn't occur when I use the same kubeconfig secret with azure/setup-kubectl@v3 and azure/k8s-set-context@v3

Feature Request: ignore error flag

It would nice if there were a ignore_error option that could be set to true and default to false.

Use case: I want to execute kubectl delete job <job-name> and not fail if the job doesn't exist, so that in the next stage I can execute kubectl apply -f job.yaml

Here is my current workaround

- name: Delete Migration Job
  if: ${{ contains(fromJSON('["prod"]'), matrix.env) }}
  env:
    KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
  run: |
    set -e
    if [ ! -f "$HOME/.kube/config" ]; then
      if [ ! -z "${KUBE_CONFIG}" ]; then
        mkdir -p $HOME/.kube
        echo "$KUBE_CONFIG" | base64 -d > $HOME/.kube/config
      fi
    fi
    kubectl delete job accounts-migrate-database || true
- name: Run Database Migration Job
  if: ${{ contains(fromJSON('["prod"]'), matrix.env) }}
  uses: actions-hub/kubectl@master
  env:
    KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
  with:
    args: apply -f kube/job-db-migrate.yaml

Why cant this action use the aws cli?

I'm setting up my AWS credentials with aws-actions/configure-aws-credentials@v1 and using the aws-actions/amazon-ecr-login@v1 to log into AWS ECR and yet when I use the kubectl action it cant find aws-cli that was used in the previous step.

"aws": executable file not found in $PATH

Got the following 2 errors

Warning: The `add-path` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/
Unable to connect to the server: getting credentials: exec: exec: "aws": executable file not found in $PATH

I use the following commands to create kubeconfig file in Github Actions, not sure does it breaks anything

    - name: Create kubeconfig
      run: aws eks --region us-west-2 update-kubeconfig --name production-v1

    - name: Setting KUBE_CONFIG environment variable
      run: echo "KUBE_CONFIG=$(cat $HOME/.kube/config | base64 --wrap=0)" >> $GITHUB_ENV

How to annotate deployment?

Tried these:

direct reference to github.event

      - name: Annotate
        uses: actions-hub/kubectl@master
        env:
          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
        with:
           args: annotate deployment/thttpd kubernetes.io/change-cause="${{ github.event.head_commit.message }}"

got error:

error: all resources must be specified before annotation changes: commit messsage

BTW: {{github.event.head_commit.message}} has an extra \n.

use env

      - name: Annotate
        uses: actions-hub/kubectl@master
        env:
          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
          COMMIT: ${{ github.event.head_commit.message }}
        with:
          args: annotate deployment/thttpd kubernetes.io/change-cause="${COMMIT}"

the above left these in rollout history:

REVISION  CHANGE-CAUSE
1         <none>
2         <none>
3         <none>
4         <none>
5         ${COMMIT}
6         ${COMMIT}
7         ${COMMIT}
8         ${COMMIT}
9         ${COMMIT}
10        ${COMMIT}
11        ${COMMIT}

Input `redirect-to` is not working

Hello there!

I’m trying to extract secret from k8s using this GH action, but the problem that I can not access the command output.

I checked the actions.yaml there is an undocumented input redirect-to which seems not working properly.

Here is the example:

steps:
  - name: Get secrets
    id: get-secret
    uses: actions-hub/[email protected]
    env:
     KUBE_HOST: ${{ env.KUBE_HOST }}
     KUBE_CERTIFICATE: ${{ env.KUBE_CERTIFICATE }}
     KUBE_TOKEN: ${{ env.KUBE_TOKEN }}
    with:
     args: get secret ${{ inputs.secret-name }} -n ${{ inputs.namespace }} -o json
     redirect-to: secret-content
  
  - name: Print result
    shell: bash
    run: echo "${{ steps.get-secret.outputs.secret-content }}"

And that is debug output:

[GitHub Actions Debug Workflow/actions-debug] [DEBUG] expression 'echo "${{ steps.get-secret.outputs.secret-content }}"' rewritten to 'format('echo "{0}"', steps.get-secret.outputs.secret-content)'
[GitHub Actions Debug Workflow/actions-debug] [DEBUG] evaluating expression 'format('echo "{0}"', steps.get-secret.outputs.secret-content)'
[GitHub Actions Debug Workflow/actions-debug] [DEBUG] expression 'format('echo "{0}"', steps.get-secret.outputs.secret-content)' evaluated to '%!t(string=echo "")'

Executing github action locally with: https://github.com/nektos/act

Unable to connect to the server: getting credentials: exec: executable aws not found

tried to use this action , started with simple "get pods" command.
keep getting the above error and the following description:

Unable to connect to the server: getting credentials: exec: executable aws not found

It looks like you are trying to use a client-go credential plugin that is not installed.

To learn more about this feature, consult the documentation available at:
      https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins

this is my code:

      - name: Rollout Changes In Kubernetes Cluster
        if: ${{github.ref == 'refs/heads/master'}}
        # Load the KubeConfigs from secrets and run the rollout command
        uses: actions-hub/kubectl@master
        env:
          KUBE_CONFIG: ${{ secrets.AWS_KUBECONFIG}}
        with:
          args: get pods

running my action on ubuntu-latest.

the kubeconfig is base64 encoded , using it to connect to am AWS EKS cluster.
using the same config file on my computer works with no problem.
tried to change the command to aws2 (like seen in several posts) but that got me to the same place.

truncated base64 input

I can't use this action and have this one-line error in action :

What is this? I can't understand

Publish Image

It would be nice if the images were published already, instead of building it in every Action where used. This will also spare build minutes.

I would suggest publishing it to ghcr.io and use that directly instead.

Would spare quite some time.

Thanks in advance. If you want, I would be happy to help with a pr for this.

KUBE_CONFIG gets utf-8 error

The Error:

Run actions-hub/kubectl@master
/usr/bin/docker run --name****st.yaml
error: error loading config file "/github/home/.kube/config": yaml: invalid leading UTF-8 octet

The error comes from base64 -d option

if [ ! -z "${KUBE_CONFIG}" ]; then
        echo "$KUBE_CONFIG" | base64 -d > $HOME/.kube/config

        if [ ! -z "${KUBE_CONTEXT}" ]; then

Unable to connect to the server

Hello Team,

When we are trying to deploy to Kubernetes which is hosted in our on prem server using your action template below is the errroe we are encountering: -
Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")

Can you please help us with the resolution

Not able to connect to docker

Error:- docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.

I am using self hosted runner running on kubernetes.

Github action config
name: Actions Runner Controller Demo
on:
workflow_dispatch:

jobs:
Explore-GitHub-Actions:
runs-on: arc-runner-set
steps:
- name: Check OS Version
run: |
lsb_release -a
shell: bash

  - name: Install Docker
    run: |
      # Add Docker's official GPG key:
      sudo apt-get update
      sudo apt-get install -y --no-install-recommends ca-certificates curl software-properties-common
      curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

      # Add the Docker repository to APT sources:
      echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

      sudo apt-get update
      sudo apt-get install -y docker-ce docker-ce-cli containerd.io
      docker -v
    shell: bash

  - name: Install Node.js
    run: |
      # Install Node.js using NodeSource repository
      curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | sudo gpg --dearmor -o /usr/share/keyrings/nodesource-archive-keyring.gpg
      echo "deb [signed-by=/usr/share/keyrings/nodesource-archive-keyring.gpg] https://deb.nodesource.com/node_14.x $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/nodesource.list > /dev/null

      sudo apt-get update
      sudo apt-get install -y nodejs
      node -v
      npm -v
    shell: bash

  - name: Checkout Code
    uses: actions/checkout@v2

  - name: List Files
    run: |
      ls
      docker -v
          
      
    
      

  - uses: actions-hub/kubectl@master
    env:
      KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
    with:
      args: get pods

	else
	echo "No authorization data found. Please provide KUBE_CONFIG or KUBE_HOST variables. Exiting..."
	exit 1
	fi

actions-hub / kubectl Goto Github PK

kubectl's People

Contributors

Stargazers

Watchers

Forkers

kubectl's Issues

direct reference to github.event

use env

Recommend Projects

Recommend Topics

Recommend Org