-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to enable GCP CAPIProvider with Rancher CloudCredentials #510
Comments
Hi @cpinjani, I tried reproducing this issue with latest version by doing:
Output: dgrigorev@localhost:~> kubectl get secret/gcp-credentials-qmyxt -n capg-system --template={{.data.GCP_B64ENCODED_CREDENTIALS}} | base64 -d | base64 -d
{
"type": "service_account",
"project_id": "***",
"private_key_id": "***",
"private_key": "-----BEGIN PRIVATE KEY-----\n***-----END PRIVATE KEY-----\n",
"client_email": "***",
"client_id": "***",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "***",
"universe_domain": "googleapis.com"
} My assumption was that Rancher credentials are not B64 encoded in the original secret, but it is not true, so I'm going to close the #529 as everything works as it should. Can it be that GCP rancher credentials were created manually and have incorrect initial format? |
Hi @Danil-Grigorev , reproduced by steps below:
Rancher logs:
|
This should need testing, @cpinjani ? |
@furkatgofurov7 Yes! |
Validated as fixed on chart with nightly build with commit ID - 354df4c
|
What steps did you take and what happened?
GCP CAPIProvider fails to enable using Rancher CloudCredentials. It enables when only ConfigSecret is provided along with GCP_B64ENCODED_CREDENTIALS variable.
Logs
What did you expect to happen?
Enabling GCP CAPIProvider with Rancher CloudCredentials must complete successfully
How to reproduce it?
No response
Rancher Turtles version
Turtles: v0.6.0
Anything else you would like to add?
It seems GCP_B64ENCODED_CREDENTIALS from Cloud credentials is not getting encoded:
Label(s) to be applied
/kind bug
The text was updated successfully, but these errors were encountered: