Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding support for pod auth #534

Merged
merged 8 commits into from
Aug 14, 2023
Merged

Adding support for pod auth #534

merged 8 commits into from
Aug 14, 2023

Conversation

mcasperson
Copy link
Contributor

@mcasperson mcasperson commented Aug 10, 2023
edited
Loading

Fixes #449

Allows you to define pod auth for a K8s target. An example is:

data "octopusdeploy_machine_policies" "default_machine_policy" {
  ids          = null
  partial_name = "Default Machine Policy"
  skip         = 0
  take         = 1
}

resource octopusdeploy_kubernetes_cluster_deployment_target test_eks {
  cluster_url                       = "https://cluster"
  environments                      = [octopusdeploy_environment.test_environment.id]
  name                              = "Test"
  roles                             = ["eks"]
  cluster_certificate               = ""
  cluster_certificate_path          = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
  machine_policy_id                 = data.octopusdeploy_machine_policies.default_machine_policy.machine_policies[0].id
  namespace                         = ""
  skip_tls_verification             = true
  tenant_tags                       = []
  tenanted_deployment_participation = "Untenanted"
  tenants                           = []
  thumbprint                        = ""
  uri                               = ""

  container {
    feed_id = ""
    image   = ""
  }

  pod_authentication {
    token_path = "/var/run/secrets/kubernetes.io/serviceaccount/token"
  }
}

A test has been added under terraform/48-k8stargetpodauth and in TestK8sPodAuthTargetResource() that demonstrates the creation and verification of a K8s target with pod auth.

@mcasperson mcasperson marked this pull request as ready for review August 10, 2023 23:39
@mcasperson mcasperson enabled auto-merge (squash) August 11, 2023 00:08
jbristowe
jbristowe requested changes Aug 14, 2023
View reviewed changes
Copy link
Contributor

@jbristowe jbristowe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor changes, otherwise 👍

@mcasperson @jbristowe
Update octopusdeploy/schema_kubernetes_pod_authentication.go
9fba8e7 
Co-authored-by: John Bristowe <john.bristowe@octopus.com>
@mcasperson mcasperson merged commit c587e19 into main Aug 14, 2023
6 checks passed
@mcasperson mcasperson deleted the mattc/k8s-pod-auth branch August 14, 2023 04:55
johnsimons
johnsimons reviewed Aug 14, 2023
View reviewed changes
.github/workflows/integration-tests.yaml
@@ -14,7 +14,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: ^1.20
go-version: 1.20.5
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this would be better if it was set to https://github.com/marketplace/actions/setup-go-environment#getting-go-version-from-the-gomod-file

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johnsimons johnsimons johnsimons left review comments

@jbristowe jbristowe jbristowe approved these changes

@zentron zentron Awaiting requested review from zentron

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

octopusdeploy_kubernetes_cluster_deployment_target with 'Pod Service Account' Setup
3 participants
@mcasperson @jbristowe @johnsimons