mirror of
https://github.com/kubernetes/kubernetes.git
synced 2026-06-24 00:40:16 -04:00
6ba4d21765
The additional commands (mounter, gcp-credentials-provider) are needed for E2E node testing. This change makes e2e_node.test entirely self-contained. Copying the commands' code into separate packages is temporary and only done to avoid touching them while it is still unclear whether this approach will work out. Besides avoiding changes to the build rules, bundling the functionality also has a slight size advantage: the size of e2e_node.test increases by 10KB, whereas the other two separate commands would add 10MB. |
||
|---|---|---|
| .. | ||
| pkg | ||
| main.go | ||
| main_test.go | ||
| provider.go | ||
| README.md | ||
GCP credential provider for e2e testing
This package contains a barebones implementation of the kubelet GCP credential provider for testing purposes only. This plugin SHOULD NOT be used in production.
This credential provider is installed and configured in the node e2e tests by:
-
Building the gcp-credential-provider binary and including it in the test archive uploaded to the GCE remote node.
-
Writing the credential provider config into the temporary workspace consumed by the kubelet. The contents of the config should be something like this:
kind: CredentialProviderConfig
apiVersion: kubelet.config.k8s.io/v1alpha1
providers:
- name: gcp-credential-provider
apiVersion: credentialprovider.kubelet.k8s.io/v1alpha1
matchImages:
- "gcr.io"
- "*.gcr.io"
- "container.cloud.google.com"
- "*.pkg.dev"
defaultCacheDuration: 1m`
- Configuring the following additional flags on the kubelet:
--feature-gates=DisableKubeletCloudCredentialProviders=true
--image-credential-provider-config=/tmp/node-e2e-123456/credential-provider.yaml
--image-credential-provider-bin-dir=/tmp/node-e2e-12345