Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make KUBECONFIG filename predictable #269

Merged
merged 1 commit into from
Mar 30, 2023
Merged

Make KUBECONFIG filename predictable #269

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
15 changes: 14 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,15 @@ This action requires:
runners, you must use runner version [2.285.0](https://github.com/actions/virtual-environments)
or newer.

- If you plan to create binaries, containers, pull requests, or other
releases, add the following to your .gitignore to prevent accidentially
committing the KUBECONFIG to your release artifact:

```text
# Ignore generated kubeconfig from google-github-actions/get-gke-credentials
gha-kubeconfig-*
```

## Usage

```yaml
Expand Down Expand Up @@ -83,7 +92,11 @@ jobs:

## Outputs

- Exports env var `KUBECONFIG` which is set to the generated `kubeconfig` file path.
- `kubeconfig_path` - Path on the local filesystem where the generated
KUBECONFIG file resides.

- Exports env var `KUBECONFIG` which is set to the generated `kubeconfig` file
path.

## Authorization

Expand Down
5 changes: 5 additions & 0 deletions action.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,11 @@ inputs:
advanced setting, most users should leave this blank.
required: false

outputs:
kubeconfig_path:
description: |-
Path on the local filesystem where the generated KUBECONFIG file resides.

branding:
icon: 'lock'
color: 'blue'
Expand Down
4 changes: 2 additions & 2 deletions dist/index.js
View file
Open in desktop

Large diffs are not rendered by default.

13 changes: 10 additions & 3 deletions src/main.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@
* limitations under the License.
*/

import { join as pathjoin } from 'path';

import {
exportVariable,
getInput,
Expand All @@ -25,6 +27,7 @@ import {
errorMessage,
parseBoolean,
presence,
randomFilename,
randomFilepath,
writeSecureFile,
} from '@google-github-actions/actions-utils';
Expand Down Expand Up @@ -53,8 +56,8 @@ async function run(): Promise<void> {
}

// Ensure a workspace is set.
const workspace = process.env.GITHUB_WORKSPACE;
if (!workspace) {
const githubWorkspace = process.env.GITHUB_WORKSPACE;
if (!githubWorkspace) {
throw new Error('$GITHUB_WORKSPACE is not set');
}

Expand Down Expand Up @@ -130,7 +133,11 @@ async function run(): Promise<void> {

// Write kubeconfig to disk
try {
const kubeConfigPath = await writeSecureFile(randomFilepath(workspace), kubeConfig);
const filename = 'gha-kubeconfig-' + randomFilename(8);
const kubeConfigPath = pathjoin(githubWorkspace, filename);
logDebug(`Creating KUBECONFIG at ${kubeConfigPath}`);
await writeSecureFile(kubeConfigPath, kubeConfig);

exportVariable('KUBECONFIG', kubeConfigPath);
exportVariable('KUBE_CONFIG_PATH', kubeConfigPath);
logInfo(`Successfully created and exported "KUBECONFIG" at: ${kubeConfigPath}`);
Expand Down