mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-09-16 22:53:22 +00:00
36 lines
1.2 KiB
Markdown
36 lines
1.2 KiB
Markdown
# GCP credential provider for e2e testing
|
|
|
|
This package contains a barebones implementation of the [kubelet GCP credential
|
|
provider](https://github.com/kubernetes/cloud-provider-gcp/tree/master/cmd/auth-provider-gcp)
|
|
for testing purposes only. This plugin SHOULD NOT be used in production.
|
|
|
|
This credential provider is installed and configured in the node e2e tests by:
|
|
|
|
1. Building the gcp-credential-provider binary and including it in the test archive
|
|
uploaded to the GCE remote node.
|
|
|
|
2. Writing the credential provider config into the temporary workspace consumed
|
|
by the kubelet. The contents of the config should be something like this:
|
|
|
|
```yaml
|
|
kind: CredentialProviderConfig
|
|
apiVersion: kubelet.config.k8s.io/v1alpha1
|
|
providers:
|
|
- name: gcp-credential-provider
|
|
apiVersion: credentialprovider.kubelet.k8s.io/v1alpha1
|
|
matchImages:
|
|
- "gcr.io"
|
|
- "*.gcr.io"
|
|
- "container.cloud.google.com"
|
|
- "*.pkg.dev"
|
|
defaultCacheDuration: 1m`
|
|
```
|
|
|
|
3. Configuring the following additional flags on the kubelet:
|
|
|
|
```
|
|
--feature-gates=DisableKubeletCloudCredentialProviders=true,KubeletCredentialProviders=true
|
|
--image-credential-provider-config=/tmp/node-e2e-123456/credential-provider.yaml
|
|
--image-credential-provider-bin-dir=/tmp/node-e2e-12345
|
|
```
|