Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Path to k8s-ca.crt is relative #494

Open
quarckster opened this issue Jun 12, 2023 · 4 comments
Open

Path to k8s-ca.crt is relative #494

quarckster opened this issue Jun 12, 2023 · 4 comments
Labels
bug Something isn't working not-stale
Milestone
0.8.0

Comments

@quarckster
Copy link

kubent fails to start if it's not executed in ${HOME}/.kube directory:

kubent -x <SOME CONTEXT> --helm3
11:12AM INF >>> Kube No Trouble `kubent` <<<
11:12AM INF version 0.7.0 (git sha d1bb4e5fd6550b533b2013671aa8419d923ee042)
11:12AM INF Initializing collectors and retrieving data
11:12AM ERR Failed to initialize collector: <nil> error="failed to assemble client config: invalid configuration: unable to read certificate-authority certs/<SOME CLUSTER>/k8s-ca.crt for <SOME CLUSTER> due to open certs/<SOME CLUSTER>/k8s-ca.crt: no such file or directory"
11:12AM ERR Failed to initialize collector: <nil> error="failed to assemble client config: invalid configuration: unable to read certificate-authority certs/<SOME CLUSTER>/k8s-ca.crt for <SOME CLUSTER> due to open certs/<SOME CLUSTER>/k8s-ca.crt: no such file or directory"
11:12AM INF Loaded ruleset name=custom.rego.tmpl
11:12AM INF Loaded ruleset name=deprecated-1-16.rego
11:12AM INF Loaded ruleset name=deprecated-1-22.rego
11:12AM INF Loaded ruleset name=deprecated-1-25.rego
11:12AM INF Loaded ruleset name=deprecated-1-26.rego
11:12AM INF Loaded ruleset name=deprecated-future.rego

I tried both a binary and a container the error is the same. Only when I change the current working directory to ${HOME}/.kube kubent works.
@github-actions
Copy link

This issue has not seen any activity in last 60 days, and has been marked as stale.

@github-actions github-actions bot added the stale label Aug 12, 2023
@stepanstipl stepanstipl removed the stale label Sep 5, 2023
@stepanstipl
Copy link
Contributor

Can we see the relevant part of your .kubeconfig? I assume that perhaps the certs there are referenced as relative to ${HOME}/.kube?

@quarckster
Copy link
Author

Can we see the relevant part of your .kubeconfig? I assume that perhaps the certs there are referenced as relative to ${HOME}/.kube?

...
clusters:
- cluster:
    certificate-authority: certs/<REDACTED>/k8s-ca.crt
    server: https://<REDACTED>
  name: <REDACTED>
...

Good catch, but anyway, this is something not obvious.

@stepanstipl
Copy link
Contributor

Thanks for confirming this.

I did check how kubectl behaves, and it seems it will resolve paths relative to the kubeconfig location. We should probably try to do the same.

@stepanstipl stepanstipl added the bug Something isn't working label Sep 7, 2023
@stepanstipl stepanstipl added this to the 0.8.0 milestone Sep 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working not-stale
Projects
None yet
Milestone
0.8.0
Development

No branches or pull requests
2 participants
@quarckster @stepanstipl