kubernetes
/
minikube
mirror of https://github.com/kubernetes/minikube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

gcp-auth: always create the pull secret and don't require --force if GOOGLE_APPLICATION_CREDENTIALS env var is set

pull/12124/head
Sharif Elgamal 2021-08-04 16:35:26 -07:00
parent 923455d7ca
commit b2bc913596
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
pkg/addons/addons_gcpauth.go
View File

@ -61,10 +61,6 @@ func enableOrDisableGCPAuth(cfg *config.ClusterConfig, name string, val string)
} }
func enableAddonGCPAuth(cfg *config.ClusterConfig) error { func enableAddonGCPAuth(cfg *config.ClusterConfig) error {
if !Force && detect.IsOnGCE() {
exit.Message(reason.InternalCredsNotNeeded, "It seems that you are running in GCE, which means authentication should work without the GCP Auth addon. If you would still like to authenticate using a credentials file, use the --force flag.")
}
// Grab command runner from running cluster // Grab command runner from running cluster
cc := mustload.Running(cfg.Name) cc := mustload.Running(cfg.Name)
r := cc.CP.Runner r := cc.CP.Runner
@ -76,6 +72,18 @@ func enableAddonGCPAuth(cfg *config.ClusterConfig) error {
exit.Message(reason.InternalCredsNotFound, "Could not find any GCP credentials. Either run `gcloud auth application-default login` or set the GOOGLE_APPLICATION_CREDENTIALS environment variable to the path of your credentials file.") exit.Message(reason.InternalCredsNotFound, "Could not find any GCP credentials. Either run `gcloud auth application-default login` or set the GOOGLE_APPLICATION_CREDENTIALS environment variable to the path of your credentials file.")
} }
// Create a registry secret in every namespace we can find
// Always create the pull secret, no matter where we are
err = createPullSecret(cfg, creds)
if err != nil {
return errors.Wrap(err, "pull secret")
}
// If the env var is explicitly set, even in GCE, then defer to the user and continue
if !Force && detect.IsOnGCE() && os.Getenv("GOOGLE_APPLICATION_CREDENTUALS") == "" {
exit.Message(reason.InternalCredsNotNeeded, "It seems that you are running in GCE, which means authentication should work without the GCP Auth addon. If you would still like to authenticate using a credentials file, use the --force flag.")
}
// Actually copy the creds over // Actually copy the creds over
f := assets.NewMemoryAssetTarget(creds.JSON, credentialsPath, "0444") f := assets.NewMemoryAssetTarget(creds.JSON, credentialsPath, "0444")
@ -84,12 +92,6 @@ func enableAddonGCPAuth(cfg *config.ClusterConfig) error {
return err return err
} }
// Create a registry secret in every namespace we can find
err = createPullSecret(cfg, creds)
if err != nil {
return errors.Wrap(err, "pull secret")
}
// First check if the project env var is explicitly set // First check if the project env var is explicitly set
projectEnv := os.Getenv("GOOGLE_CLOUD_PROJECT") projectEnv := os.Getenv("GOOGLE_CLOUD_PROJECT")
if projectEnv != "" { if projectEnv != "" {