History

Kubernetes Prow Robot dd43d864c1 Merge pull request #116901 from pacoxu/cleanup-KubeletCredentialProviders remove GAed KubeletCredentialProviders （1.28）		2023-05-08 07:55:53 -07:00
..
main_test.go	Update test to validate against v1 kubelet APIs	2022-10-03 17:57:25 +00:00
main.go	Replace the deprecated ioutil methods in the test directory	2023-04-18 21:51:10 +08:00
provider.go	Replace the deprecated ioutil methods in the test directory	2023-04-18 21:51:10 +08:00
README.md	remove GAed KubeletCredentialProviders	2023-03-31 10:09:58 +08:00

README.md

GCP credential provider for e2e testing

This package contains a barebones implementation of the kubelet GCP credential provider for testing purposes only. This plugin SHOULD NOT be used in production.

This credential provider is installed and configured in the node e2e tests by:

Building the gcp-credential-provider binary and including it in the test archive uploaded to the GCE remote node.
Writing the credential provider config into the temporary workspace consumed by the kubelet. The contents of the config should be something like this:

kind: CredentialProviderConfig
apiVersion: kubelet.config.k8s.io/v1alpha1
providers:
  - name: gcp-credential-provider
    apiVersion: credentialprovider.kubelet.k8s.io/v1alpha1
    matchImages:
    - "gcr.io"
    - "*.gcr.io"
    - "container.cloud.google.com"
    - "*.pkg.dev"
    defaultCacheDuration: 1m`

Configuring the following additional flags on the kubelet:

--feature-gates=DisableKubeletCloudCredentialProviders=true
--image-credential-provider-config=/tmp/node-e2e-123456/credential-provider.yaml
--image-credential-provider-bin-dir=/tmp/node-e2e-12345