kodermax / kubectl-aws-eks Goto Github PK
View Code? Open in Web Editor NEWA Github action for kubectl, the Kubernetes CLI
A Github action for kubectl, the Kubernetes CLI
While running my Github Action, I receive the following:
Unable to connect to the server: getting credentials: exec plugin is configured to use API version client.authentication.k8s.io/v1alpha1, plugin returned version client.authentication.k8s.io/v1beta1
I have been running my kubernetes deployment for over a year just fine and my script has not been modified. The relevant block from my actions script:
- name: deploy to cluster
uses: kodermax/kubectl-aws-eks@master
env:
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }}
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.PROJECT_NAME }}
IMAGE_TAG: ${{ github.sha }}
with:
args: set image -n kube-system deployment/repo-name $ECR_REPOSITORY=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
I was faced with this error morning. Before everything was working
Related code section
- name: Update deployments
uses: kodermax/kubectl-aws-eks@master
env:
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }}
with:
args: apply -f k8s/dev/application.yml ```
I see there were some pushes today. Earlier in the day the action worked fine but now i get the error
Unable to parse config file: /github/home/.aws/credentials
Unable to connect to the server: getting credentials: exec: executable aws failed with exit code 255
In the initial step of the GitHub actions, the Dockerfile is built based on the Dockerfile image.
The 4th step, which would normally download kubectl and aws-iam-authentificator doesn't seem to have the correct links, resulting in the docker build falling and the GitHub action.
Possible fixes:
Hey there,
Thanks so much for the great project! We have been using it extensively. Since today, we get an error when running it:
#8 [3/5] RUN chmod +x /usr/bin/jq
#8 DONE 0.4s
#9 [4/5] RUN curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains("linux_amd64") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl
#9 0.740 curl: (2) no URL specified
#9 0.740 curl: try 'curl --help' or 'curl --manual' for more information
#9 ERROR: process "/bin/sh -c curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains(\"linux_amd64\") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl" did not complete successfully: exit code: 2
------
> [4/5] RUN curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains("linux_amd64") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl:
(2) no URL specified
0.[74](https://github.com/Kittl/py/actions/runs/7032353563/job/19135945051#step:2:74)0 curl: try 'curl --help' or 'curl --manual' for more information
------
Dockerfile:4
--------------------
3 | RUN chmod +x /usr/bin/jq
4 | >>> RUN curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && \
5 | >>> curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains("linux_amd64") )' | jq -r '.browser_download_url') && \
6 | >>> chmod +x /usr/bin/aws-iam-authenticator && \
7 | >>> chmod +x /usr/bin/kubectl
8 |
--------------------
ERROR: failed to solve: process "/bin/sh -c curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains(\"linux_amd64\") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl" did not complete successfully: exit code: 2
Warning: Docker build failed with exit code 1, back off 7.308 seconds before retry.
This happens before even running any of our steps in the workflow. This is happening right after the "Setup job" step of gha:
Any ideas on how to solve this? or does it needs update from this repo side? Thanks so much!
Hi Team,
I'm currently running arm64 self-hosted build runners (without QEMU) and found arm64 is not supported.
as a workaround, I currently forked and modify Dockerfile and shell script to run it (see: https://github.com/christallire/kubectl-aws-eks)
and I'm wondering arm64 architecture is ever going to be supported.
It would be a great addition to gihub action runner communities ๐๐ฟ
as per the documentation job got deployed as successfuly but changes not reflected
I'd like to run the following:
echo "POD_NAME=$(kubectl get pods --all-namespaces|grep ${{ github.event.repository.name }}-development|awk '{print $2}')" >> $GITHUB_ENV
Is there a way to do that using this action?
We use this package as part of our build process ...
This error started occurring either last night or this morning. (New york EST)
More a question than a bug (or may be a feature request?). How would one handle an image deployment to a specific cluster? For instance, if I have multiple clusters how would I tell the workflow to just push to cluster A and not cluster B?
Due to recent changes done 2 hours ago, github action is failing with below:
ERROR: failed to solve: process "/bin/sh -c curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains(\"linux_amd64\") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl" did not complete successfully: exit code: 2
Error: Docker build failed with exit code 1
Hey there,
I've been using this action pretty extensively and it has worked wonders, I created a new repository today for my EKS cluster and made the following rolling deployment change.
- name: Rolling Deployment for Backend
uses: kodermax/kubectl-aws-eks@master
env:
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA_STAGING }}
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: {{ REPO }}
IMAGE_TAG: ${{ github.sha }}
with:
args: set image deployment {{ REPO }} {{ REPO }}=${{ steps.login-ecr.outputs.registry }}/{{ REPO }}:${{ github.sha }} --record
I received the following error form the pipeline:
Run kodermax/kubectl-aws-eks@master
with:
args: set image deployment safewords-backend safewords-backend=***.dkr.ecr.eu-west-2.amazonaws.com/safewords:a31f52e5b9da06fc1447f8926c3d9ac2ab9ed25d --record
env:
AWS_DEFAULT_REGION: eu-west-2
AWS_REGION: eu-west-2
KUBE_CONFIG_DATA:
ECR_REGISTRY: ***.dkr.ecr.eu-west-2.amazonaws.com
ECR_REPOSITORY: [REPO]
IMAGE_TAG: a31f52e5b9da06fc1447f8926c3d9ac2ab9ed25d
/usr/bin/docker run --name b1cbc5c3a06d339ad242069d90bf6f1cb78e93_ab9e55 --label b1cbc5 --workdir /github/workspace --rm -e AWS_DEFAULT_REGION -e AWS_REGION -e KUBE_CONFIG_DATA -e ECR_REGISTRY -e ECR_REPOSITORY -e IMAGE_TAG -e INPUT_ARGS -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/_work/_temp/_github_home":"/github/home" -v "/home/runner/_work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/_work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/_work/[repo]/[repo]":"/github/workspace" b1cbc5:c3a06d339ad242069d90bf6f1cb78e93 set image deployment [repo] [repo]=***.dkr.ecr.eu-west-2.amazonaws.com/[REPO]:a31f52e5b9da06fc1447f8926c3d9ac2ab9ed25d --record
The connection to the server localhost:8080 was refused - did you specify the right host or port?
By any chance, is there something I am missing, or a role on IAM?
Thanks in advance,
Ely Haughie
with:
args: set image deployment/$ECR_REPOSITORY $ECR_REPOSITORY=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
env:
AWS_DEFAULT_REGION: ***
AWS_REGION: ***
AWS_ACCESS_KEY_ID: ***
AWS_SECRET_ACCESS_KEY: ***
KUBE_CONFIG_DATA: ***
ECR_REGISTRY: ***.dkr.ecr.***.amazonaws.com
ECR_REPOSITORY: zelta-ai-be
IMAGE_TAG: 81f56e[2](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:2)9e22[3](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:3)f85fde2bbce91aee[4](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:4)afb[5](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:5)8be9[6](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:6)2c
/usr/bin/docker run --name a6c8c3f3a[7](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:7)261a3eb4bbcbac55073c6b4fe12_d1650c --label 2a6c[8](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:8)c --workdir /github/workspace --rm -e "AWS_DEFAULT_REGION" -e "AWS_REGION" -e "AWS_ACCESS_KEY_ID" -e "AWS_SECRET_ACCESS_KEY" -e "KUBE_CONFIG_DATA" -e "ECR_REGISTRY" -e "ECR_REPOSITORY" -e "IMAGE_TAG" -e "INPUT_ARGS" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/zelta-ai-be/zelta-ai-be":"/github/workspace" 2a6c8c:3f3a7261a3eb4bbcbac55073c6b4fe12 set image deployment/$ECR_REPOSITORY $ECR_REPOSITORY=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
Flag --short has been deprecated, and will be removed in the future. The --short output will become the default.
Using kubectl version: Client Version: v1.27.3
Kustomize Version: v5.0.1
Using aws-iam-authenticator version: {"Version":"0.6.10","Commit":"ea[9](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:9)bcaeb5e62c1[10](https://github.com/ZeltaAI/zelta-ai-be/actions/runs/5495965096/jobs/10015685606#step:7:10)fe326d1db58b03a782d4bdd6"}
error: error loading config file "/tmp/config": yaml: mapping values are not allowed in this context```
Hello, running into a couple of issues. One when specifying versions I get:
The other is:
Using kubectl version: Client Version: v1.24.0
Kustomize Version: v4.5.4
Using aws-iam-authenticator version: {"Version":"0.5.7","Commit":"2a9ee95fecab59fab41a0b646a63227d66113434"}
error: exec plugin: invalid apiVersion "client.authentication.k8s.io/v1alpha1"
I'm gonna guess by the actions that you may be trying to fix one or both of these? But just thought I'd raise it in case I'm going something wrong.
why is the example using two different
KUBE_CONFIG_DATA ?
Hi, After some tries it now works great, i found two things.
Is there a way to allow ConfigMaps to be updated by variables in an env file?
I keep updating them manually.
Here is the error:
Build container for action use: '/home/runner/work/_actions/kodermax/kubectl-aws-eks/master/Dockerfile'.
/usr/bin/docker build -t ed866e:5ad908650d7e49d6a00d54442b606a4e -f "/home/runner/work/_actions/kodermax/kubectl-aws-eks/master/Dockerfile" "/home/runner/work/_actions/kodermax/kubectl-aws-eks/master"
Sending build context to Docker daemon 12.8kB
Step 1/6 : FROM amazon/aws-cli:latest
latest: Pulling from amazon/aws-cli
a168ccb1c126: Pulling fs layer
da71488d1826: Pulling fs layer
af26af4dd9ae: Pulling fs layer
d660869a20c3: Pulling fs layer
327d7430865f: Pulling fs layer
d660869a20c3: Waiting
327d7430865f: Waiting
da71488d1826: Verifying Checksum
da71488d1826: Download complete
d660869a20c3: Verifying Checksum
d660869a20c3: Download complete
af26af4dd9ae: Verifying Checksum
af26af4dd9ae: Download complete
a168ccb1c126: Verifying Checksum
a168ccb1c126: Download complete
327d7430865f: Verifying Checksum
327d7430865f: Download complete
a168ccb1c126: Pull complete
da71488d1826: Pull complete
af26af4dd9ae: Pull complete
d660869a20c3: Pull complete
327d7430865f: Pull complete
Digest: sha256:21e6273f0025755abfc842ca39e8ef4fed3d9d2ce61d93bb16ce86a6c1668ae5
Status: Downloaded newer image for amazon/aws-cli:latest
---> c20b72f42040
Step 2/6 : RUN curl -sL -o /usr/bin/jq https://stedolan.github.io/jq/download/linux64/jq
---> Running in 4383a9002c91
Removing intermediate container 4383a9002c91
---> 9d98b6a02a12
Step 3/6 : RUN chmod +x /usr/bin/jq
---> Running in 287e0b1c4944
Removing intermediate container 287e0b1c4944
---> f9f345bd3c50
Step 4/6 : RUN curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains("linux_amd64") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl
---> Running in a8ab3e1f16a7
/usr/bin/jq: line 1: syntax error near unexpected token `newline'
/usr/bin/jq: line 1: `<!DOCTYPE html>'
/usr/bin/jq: line 1: syntax error near unexpected token `newline'
/usr/bin/jq: line 1: `<!DOCTYPE html>'
curl: no URL specified!
curl: try 'curl --help' or 'curl --manual' for more information
The command '/bin/sh -c curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains("linux_amd64") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl' returned a non-zero code: 2
Warning: Docker build failed with exit code 2, back off 9.449 seconds before retry
Randomly, building of the docker image fails for "Build kodermax/kubectl-aws-eks@master"
Waiting a little bit and restarting the failed job fixes it, but it's a pain to have to keep going in and restarting the job.
From output logs..
Step 4/6 : RUN curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains("linux_amd64") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl
---> Running in 804365bb4fd3
jq: error: Cannot iterate over null
curl: no URL specified!
curl: try 'curl --help' or 'curl --manual' for more information
The command '/bin/sh -c curl -sL -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && curl -sL -o /usr/bin/aws-iam-authenticator $(curl -s https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq -r ' .assets[] | select(.name | contains("linux_amd64") )' | jq -r '.browser_download_url') && chmod +x /usr/bin/aws-iam-authenticator && chmod +x /usr/bin/kubectl' returned a non-zero code: 2
Warning: Docker build failed with exit code 2, back off 1.017 seconds before retry.
Hello @kodermax !
I am experiencing issues when using this.
Logs:
WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short. Use --output=yaml|json to get the full version.
Issue:
error: exec plugin: invalid apiVersion "client.authentication.k8s.io/v[1]
How can I set image for multiple deployments in the same step ?
aws-iam-authenticator changed behavior since aws-iam-authenticator 0.5.4, but default is still client.authentication.k8s.io/v1appha, which does not work with 0.5.4+
The change made today breaks lots of people's pipeline I believe, is there a way to go back to an older version that works?
I'm getting this error Unauthorized using this action. My kubeconfig works fine locally
$ KUBECONFIG=~/.kube/config kubectl get svc
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.