Update credential provider API to beta for 1.24+ #1089
Conversation
mmerkes
force-pushed
the
creds
branch
4 times, most recently
from
774e608 to
4fe8729
Compare
|
We need some test cases for this 😬 |
|
|
||
| The issue is discussed in [this StackExchange post](https://unix.stackexchange.com/questions/101080/realpath-command-not-found). | ||
|
|
||
| On OSX, running `brew install coreutils` resolves the issue. |
There was a problem hiding this comment.
huh, must have forgotten I did this in the past.
| elif vercmp "$KUBELET_VERSION" gteq "1.22.0"; then | ||
| # Ensure that these exist for testing purposes | ||
| mkdir -p /etc/eks/ecr-credential-provider | ||
| touch /etc/eks/ecr-credential-provider/ecr-credential-provider-config |
There was a problem hiding this comment.
is this necessary given the vercmp above? Shouldn't these always be present for k8s >= 1.22?
There was a problem hiding this comment.
No, because we copy them in install-worker.sh, so when that doesn't run, they don't exist.
There was a problem hiding this comment.
Can you handle this in your test cases? Just seems odd to be in the bootstrap script
There was a problem hiding this comment.
Ya, it is a little odd and not ideal. It's not my test cases. The issue is that I didn't want to go edit every other test case that invokes bootstrap.sh and have it be a thing that perpetually needs to be handled.
Description of changes:
As of 1.22, we added ECR credential provider support, which was an alpha feature. The feature was enabled here, but in my testing, those branches didn't actually catch correctly, so the changes were never applied. As of 1.24, the feature have graduated to beta, so this PR updates the API version for 1.24+.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Testing Done
Created 1.24 and 1.23 AMIs, verified that they joined a cluster and confirmed that
--image-credential-provider-config /etc/eks/ecr-credential-provider/ecr-credential-provider-config --image-credential-provider-bin-dir /etc/eks/ecr-credential-providerflags were set correctly and that 1.23 set alpha APIs and 1.24 set beta APIs.See this guide for recommended testing for PRs. Some tests may not apply. Completing tests and providing additional validation steps are not required, but it is recommended and may reduce review time and time to merge.