Properly initialize CI cluster credential (#360)

It has been using the cluster where argo ran
kubeflow · Feb 14, 2019 · a5c8e02 · a5c8e02
1 parent 41a5a2e
commit a5c8e02
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 30 deletions.
diff --git a/test/scripts/run-tests.sh b/test/scripts/run-tests.sh
@@ -39,21 +39,24 @@ echo "CLUSTER_NAME: ${CLUSTER_NAME}"
 echo "ZONE: ${GCP_ZONE}"
 echo "PROJECT: ${GCP_PROJECT}"
 
-gcloud container clusters describe ${CLUSTER_NAME} \
-  --zone ${ZONE} \
-  --format 'value(masterAuth.clusterCaCertificate)'|  base64 -d > ca.pem
-
-gcloud container clusters describe ${CLUSTER_NAME} \
-  --zone ${ZONE} \
-  --format 'value(masterAuth.clientCertificate)'  |  base64 -d > client.pem
-
-gcloud container clusters describe ${CLUSTER_NAME} \
-  --zone ${ZONE} \
-  --format 'value(masterAuth.clientKey)' |  base64 -d > key.rsa
-
-kubectl config set-credentials temp-admin --username=admin --client-certificate=./client.pem --client-key=./key.rsa
-kubectl config set-context temp-context --cluster=$(kubectl config get-clusters | grep ${CLUSTER_NAME}) --user=temp-admin
-kubectl config use-context temp-context
+gcloud --project ${PROJECT} container clusters get-credentials ${CLUSTER_NAME} \
+  --zone ${ZONE}
+kubectl config set-context $(kubectl config current-context) --namespace=default
+USER=`gcloud config get-value account`
+
+kubectl apply -f - << EOF
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: cluster-admins
+subjects:
+- kind: User
+  name: $USER
+roleRef:
+  kind: ClusterRole
+  name: cluster-admin
+  apiGroup: ""
+EOF
 
 #This is required. But I don't know why.
 VERSION=${VERSION/%?/}

diff --git a/test/scripts/unit-test.sh b/test/scripts/unit-test.sh
@@ -34,21 +34,9 @@ gcloud auth activate-service-account --key-file=${GOOGLE_APPLICATION_CREDENTIALS
 
 echo "Configuring kubectl"
 
-gcloud container clusters describe ${CLUSTER_NAME} \
-  --zone ${ZONE} \
-  --format 'value(masterAuth.clusterCaCertificate)'|  base64 -d > ca.pem
-
-gcloud container clusters describe ${CLUSTER_NAME} \
-  --zone ${ZONE} \
-  --format 'value(masterAuth.clientCertificate)'  |  base64 -d > client.pem
-
-gcloud container clusters describe ${CLUSTER_NAME} \
-  --zone ${ZONE} \
-  --format 'value(masterAuth.clientKey)' |  base64 -d > key.rsa
-
-kubectl config set-credentials temp-admin --username=admin --client-certificate=./client.pem --client-key=./key.rsa
-kubectl config set-context temp-context --cluster=$(kubectl config get-clusters | grep ${CLUSTER_NAME}) --user=temp-admin
-kubectl config use-context temp-context
+gcloud --project ${PROJECT} container clusters get-credentials ${CLUSTER_NAME} \
+  --zone ${ZONE}
+kubectl config set-context $(kubectl config current-context) --namespace=default
 
 kubectl apply -f - <<EOF
 apiVersion: v1