I am using Kubernetes native runtime (it is an excellent approach).
I’m wondering if there is a simple image/config pair that I can use to just run
kubectl in a build step, rather than the approach I’ve been taking.
Assuming not, let me describe what I’ve been doing.
Firstly, here’s my envvars:
The image I am using is really nothing more than a wrapper around
kubectl to allow me to run it inside a build.
When I run a pod manually (through kubectl run), I see a
/run/secrets/kubernetes.io/serviceaccount/token file. However, when a job runs in Drone, that file is not present. I presume that will be needed for a job to be able to connect to the Kuberenetes API.
Also, having set the
DRONE_KUBERNETES_SERVICE_ACCOUNT, that has been applied to the ‘job controller’ pods. However, the builds themselves, which fire up in randomised namespaces such as
e5vmbwh2nezkfk6dt2vsclbagupaf0wy have a service account set to default.
I’m not sure if either of these are a problem.
Let me know if there are any other details I can provide.