Env variables in ~/.kube/config are skipped except AWS_PROFILE #207
Description
Description:
Env variables grabbed from user.exec.env are not used
serverless-kubeless/lib/helpers.js
Lines 130 to 135 in 0b62c54
As you can see, only the AWS_PROFILE is used.
I expect those variables to be added to the env used by the aws cli command. In my case I'm trying to unset those variables by using
- name: eks_data
user:
exec:
apiVersion: client.authentication.k8s.io/v1alpha1
env:
- name: AWS_ACCESS_KEY_ID
- name: AWS_SECRET_ACCESS_KEY
command: aws
args:
- eks
- get-token
- --cluster-name
- data
- --role
- arn:aws:iam::my_role
The reason is that my aws creds to deploy using Serverless are different from the creds used to authenticate with my k8s cluster. But I need to interact with AWS to grab some variables from CF stacks' outputs.
I also found that
serverless-kubeless/lib/helpers.js
Line 129 in 0b62c54
serverless-kubeless/lib/helpers.js
Line 138 in 0b62c54
it should be replaced by
const envvars = Object.assign({}, {env: process.env});
Cause it's what expects https://nodejs.org/api/child_process.html#child_process_child_process_execsync_command_options
Or instead variables could be added to process.env and envvars is useless
How to reproduce it (as minimally and precisely as possible):
Have a similar configuration file
- name: eks_data
user:
exec:
apiVersion: client.authentication.k8s.io/v1alpha1
env:
- name: AWS_ACCESS_KEY_ID
value: your_access_key_id
- name: AWS_SECRET_ACCESS_KEY
value: your_secret_access_key
command: aws
args:
- eks
- get-token
- --cluster-name
- data
- --role
- arn:aws:iam::your_role
Set dummy variables in your env and run an sls deploy. Your dummy variables should be overwritten by those found in your ~/.kube/config and your deployment work.