Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate kubeconfig during provider configuration. #658

Merged
merged 1 commit into from
Apr 13, 2024
Merged

Validate kubeconfig during provider configuration. #658

merged 1 commit into from
Apr 13, 2024

Conversation

swade1987
Copy link
Member

@swade1987 swade1987 commented Apr 12, 2024
edited
Loading

Description

Validate kubernetes connectivity during provider configuration to reduce errors later on.

Motivation and Context

Fixes #656

How has this been tested?

  • Have you added an acceptance test for the functionality being added?
  • Have you run the acceptance tests on this branch?

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Documentation

  • I have updated the documentation (if required) with make docs

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I've read the CONTRIBUTION guide
  • I have signed-off my commits with git commit -s

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

@networkhermit
Copy link

I notice that the validate logic triggers a ServiceAccountList request in default namespace. I don't know, but is it possible for it to get reported and marked by some audit framework? If that's the case, ServiceList or else would be more harmless candidate. (Correct me if it's just me being over cautious.)

@stefanprodan stefanprodan added the area/kubernetes Kubernetes bootstrap related issues and pull requests label Apr 13, 2024
stefanprodan
stefanprodan reviewed Apr 13, 2024
View reviewed changes
internal/provider/provider.go Outdated Show resolved Hide resolved
internal/provider/provider.go Outdated Show resolved Hide resolved
stefanprodan
stefanprodan approved these changes Apr 13, 2024
View reviewed changes
Copy link
Member

@stefanprodan stefanprodan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Thanks @swade1987

@stefanprodan stefanprodan merged commit a50eda1 into fluxcd:main Apr 13, 2024
11 checks passed
@swade1987 swade1987 deleted the validate-kubeconfig branch April 13, 2024 11:50
stefanprodan added a commit that referenced this pull request Apr 13, 2024
@stefanprodan
Undo #658
fa65c76 
Signed-off-by: Stefan Prodan <[email protected]>
@swade1987 swade1987 mentioned this pull request Apr 13, 2024
Merged
@fluxcd fluxcd locked as resolved and limited conversation to collaborators Sep 25, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@stefanprodan stefanprodan stefanprodan approved these changes

Assignees
No one assigned
Labels
area/kubernetes Kubernetes bootstrap related issues and pull requests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: validate kubernetes credential on every plan/apply
3 participants
@swade1987 @networkhermit @stefanprodan