redhat-actions / oc-login Goto Github PK
View Code? Open in Web Editor NEWGitHub Action to log in to an OpenShift cluster and set up a Kubernetes context.
Home Page: https://github.com/marketplace/actions/openshift-login
License: MIT License
GitHub Action to log in to an OpenShift cluster and set up a Kubernetes context.
Home Page: https://github.com/marketplace/actions/openshift-login
License: MIT License
I just noticed that:
oc login --token=<token> --server=<server>
sets a namespace in kubeconfig.
but:
- name: Authenticate and set context
uses: redhat-actions/oc-login@v1
with:
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }}
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
does not.
Resulting in different behavior - and in case of openshift sandbox it means oc login works and I can deploy, but oc login with github action I end up in the wrong place.
Workaround is to set namespace explicitly but I would expect the two would/should behave the same ?
Similar to redhat-actions/push-to-registry#51
if the workflow is using a self-hosted runner, a user would likely want to log out after their oc workflow finishes.
redhat-actions/[email protected]
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: redhat-actions/oc-login@v1. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
Any attempt to use the actions should show this warning.
redhat-actions/[email protected]
Node.js 12 actions are deprecated. For more information see: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/. Please update the following actions to use Node.js 16: redhat-actions/openshift-tools-installer, redhat-actions/oc-login
Any attempt to use the actions should show this warning.
I already reported in 2 other actions that apparently also used deprecated versions of Node.js. here & here
redhat-actions/oc-login@v1
with: oc_version: '3.11.374' or any 3.x actually
It seems that by default, the oc-login action will use the --current flag when setting the context.
Unfortunately, --current
does not exist in oc config set-context
v3
The action should not try to set --current
when used in conjuntion with oc
v3.
Use the action with:
- name: Install oc
uses: redhat-actions/oc-installer@v1
with:
oc_version: '3.11.374'
- name: Authenticate and set context
uses: Actions/oc-login@v1
with:
# URL to your OpenShift cluster.
# Refer to Step 2.
openshift_server_url: ${{ env.OPENSHIFT_URL }}
# Authentication Token. Can use username and password instead.
# Refer to Step 3.
openshift_token: ${{ env.OC_TOKEN }}
# Optional - this sets your Kubernetes context's current namespace after logging in.
namespace: ${{ env.OPENSHIFT_NAMESPACE }}
and you'll get:
*** Suppressing command output
Set current context's namespace to "myns"
/usr/local/bin/oc config set-context --current --namespace=myns
Error: unknown flag: --current
Usage:
oc config set-context NAME [--cluster=cluster_nickname] [--user=user_nickname] [--namespace=namespace] [flags]
Examples:
# Set the user field on the gce context entry without touching other values
oc config set-context gce --user=cluster-admin
Use "oc options" for a list of global command-line options (applies to all commands).
Error: Error: oc exited with code 1
Error: unknown flag: --current
don't set the optional namespace
; context won't be set to a given namespace, but at least login will succeed
Hello, I am trying to setup an action that will oc-login with TLS enabled. I am passing in certificate_authority_data
from a repository secret, which contains the certificate data from the tls.crt
field from openshift-service-ca/signing-key
secret from the cluster.
Running oc-login with the parameters I pass to the action works fine, however I'm always met with error: The server uses a certificate signed by unknown authority. You may need to use the --certificate-authority flag to provide the path to a certificate file for the certificate authority, or --insecure-skip-tls-verify to bypass the certificate check and use insecure connections.
when running from the action.
Would I need to populate the certificate data with something else?
Step snippet
- name: Authenticate and set context
uses: redhat-actions/oc-login@v1
with:
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }}
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
certificate_authority_data: ${{ secrets.CA_DATA }}
namespace: ci-test
The secret CA_DATA
contains the certificate in it's standard format like so:
-----BEGIN CERTIFICATE-----
***
-----END CERTIFICATE-----
As pointed out in the OpenShift documentation on how to use a service account, see step #2 of the section titled "Using a service account’s credentials externally". The API token generated for service account allows login using only the token, omitting the server url.
It would be nice if the input openshift_server_url
of this action was optional.
Alternative is to put the server url, which is more likely to change than the token itself in our use case.
Please close this bug
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.