-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Chectl server:start doesn't work on secured k8s #13800
Comments
This is a P1 but we don't have to support it for GA so setting milestone 7.1.0 |
so it means basically chectl can't install che on EC2 for example for GA (as status is the first check) |
@benoitf is the token something that we already get with the KubeConfig or is something that the user should provide as a separate parameter? |
I'm able to grab it with default service account / secrets |
so basically user shouldn't do something |
ok so it looks that this hasn't impact on the UX and should be pretty easy to implement. Set milestone 7.0.0. |
It fixes eclipse-che/che#13800 Grab secret from serviceAccount and use it when calling the endpoint Change-Id: I5daf5df41d8cebc51ef501c629eca65bc63ae729 Signed-off-by: Florent Benoit <fbenoit@redhat.com>
It fixes eclipse-che/che#13800 Grab secret from serviceAccount and use it when calling the endpoint Change-Id: I5daf5df41d8cebc51ef501c629eca65bc63ae729 Signed-off-by: Florent Benoit <fbenoit@redhat.com>
It fixes eclipse-che/che#13800 Grab secret from serviceAccount and use it when calling the endpoint Change-Id: I5daf5df41d8cebc51ef501c629eca65bc63ae729 Signed-off-by: Florent Benoit <fbenoit@redhat.com>
It fixes eclipse-che/che#13800 Grab secret from serviceAccount and use it when calling the endpoint Change-Id: I5daf5df41d8cebc51ef501c629eca65bc63ae729 Signed-off-by: Florent Benoit <fbenoit@redhat.com>
It fixes eclipse-che/che#13800 Grab secret from serviceAccount and use it when calling the endpoint Change-Id: I5daf5df41d8cebc51ef501c629eca65bc63ae729 Signed-off-by: Florent Benoit <fbenoit@redhat.com>
Description
When using a remote k8s (like running on EC2), when
chectl
is grabbing the status it may fail due toUnauthorized
error.It's because it is trying to perform http call without token
https://github.com/che-incubator/chectl/blob/d3ff3100b3da737f6bd9267f69d7e5800bdcf6a4/src/api/kube.ts#L566-L576
${currentCluster.server}/healthz
is securedSo, installing che on these k8s installs is not possible with chectl
The text was updated successfully, but these errors were encountered: