Closed lpellegr closed 7 months ago
Does this happen consistently or was this a once-off occurrence? Are you able to share the GitHub Actinos workflow?
The error happens for all runs (happen consistently). I cannot share the full workflow but it basically looks as follows:
jobs:
install-kubectl:
runs-on: [ ubuntu-latest ]
name: Install Kubectl for OKE
env:
OCI_CLI_USER: ${{ secrets.OCI_CLI_USER }}
OCI_CLI_TENANCY: ${{ secrets.OCI_CLI_TENANCY }}
OCI_CLI_FINGERPRINT: ${{ secrets.OCI_CLI_FINGERPRINT }}
OCI_CLI_KEY_CONTENT: ${{ secrets.OCI_CLI_KEY_CONTENT }}
OCI_CLI_REGION: ${{ secrets.region }}
steps:
- name: Configure Kubectl
uses: oracle-actions/configure-kubectl-oke@v1.3.2
id: test-configure-kubectl-oke-action
with:
cluster: ${{ secrets.clusterId }}
- name: Run Kubectl get nodes
run: kubectl get nodes
- name: Run Kubectl get pods
run: kubectl get pods
- name: Run Kubectl rollout restart
run: kubectl rollout restart deployment
Could you please test whether oracle-actions/run-oci-cli-command
works for you? You can use oci os ns get
for example.
It seems a bit better using oracle-actions/run-oci-cli-command
but the command using oci fails:
1s Current runner version: '2.313.0' Operating System Runner Image Runner Image Provisioner GITHUB_TOKEN Permissions Secret source: Actions Prepare workflow directory Prepare all required actions Getting action download info Download action repository 'oracle-actions/run-oci-cli-command@v1.1.1' (SHA:4425cc0533f324a03be7e728ccd4f4e63b1d4ad8) Uses: X/X-api/.github/workflows/template-oci-kubectl-rollout-restart.yml@refs/heads/main (96af5ee484f739720758a4213ee550a268b43671) Complete job name: restart / OCI command test 9s Run sudo apt-get update Get:1 file:/etc/apt/apt-mirrors.txt Mirrorlist [142 B] Get:6 https://packages.microsoft.com/ubuntu/22.04/prod jammy InRelease [3631 B] Hit:2 http://azure.archive.ubuntu.com/ubuntu jammy InRelease Get:3 http://azure.archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB] Hit:4 http://azure.archive.ubuntu.com/ubuntu jammy-backports InRelease Get:5 http://azure.archive.ubuntu.com/ubuntu jammy-security InRelease [110 kB] Get:7 https://packages.microsoft.com/ubuntu/22.04/prod jammy/main arm64 Packages [33.6 kB] Get:8 https://packages.microsoft.com/ubuntu/22.04/prod jammy/main amd64 Packages [131 kB] Get:9 http://azure.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [1421 kB] Get:10 http://azure.archive.ubuntu.com/ubuntu jammy-updates/main Translation-en [279 kB] Get:11 http://azure.archive.ubuntu.com/ubuntu jammy-updates/restricted amd64 Packages [1504 kB] Get:12 http://azure.archive.ubuntu.com/ubuntu jammy-updates/restricted Translation-en [247 kB] Get:13 http://azure.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [1052 kB] Get:14 http://azure.archive.ubuntu.com/ubuntu jammy-updates/universe Translation-en [237 kB] Get:15 http://azure.archive.ubuntu.com/ubuntu jammy-updates/multiverse amd64 Packages [42.1 kB] Get:16 http://azure.archive.ubuntu.com/ubuntu jammy-security/main amd64 Packages [1205 kB] Get:17 http://azure.archive.ubuntu.com/ubuntu jammy-security/main Translation-en [219 kB] Get:18 http://azure.archive.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [1476 kB] Hit:23 https://ppa.launchpadcontent.net/ubuntu-toolchain-r/test/ubuntu jammy InRelease Get:19 http://azure.archive.ubuntu.com/ubuntu jammy-security/restricted Translation-en [244 kB] Get:20 http://azure.archive.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [846 kB] Get:21 http://azure.archive.ubuntu.com/ubuntu jammy-security/universe Translation-en [161 kB] Get:22 http://azure.archive.ubuntu.com/ubuntu jammy-security/multiverse amd64 Packages [37.1 kB] Fetched 9366 kB in 2s (4097 kB/s) Reading package lists... 0s Run python --version Python 3.10.12 32s Run oracle-actions/run-oci-cli-command@v1.1.1
Installing Oracle Cloud Infrastructure CLI /usr/bin/python -m pip install oci-cli Defaulting to user installation because normal site-packages is not writeable Collecting oci-cli Downloading oci_cli-3.37.11-py3-none-any.whl (46.8 MB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 46.8/46.8 MB 44.9 MB/s eta 0:00:00 Collecting terminaltables==3.1.10 Downloading terminaltables-3.1.10-py2.py3-none-any.whl (15 kB) Collecting prompt-toolkit==3.0.29 Downloading prompt_toolkit-3.0.29-py3-none-any.whl (381 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 381.5/381.5 KB 66.0 MB/s eta 0:00:00 Requirement already satisfied: pyOpenSSL<25.0.0,>=17.5.0 in /usr/lib/python3/dist-packages (from oci-cli) (21.0.0) Collecting python-dateutil<3.0.0,>=2.5.3 Downloading python_dateutil-2.9.0.post0-py2.py3-none-any.whl (229 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 229.9/229.9 KB 51.8 MB/s eta 0:00:00 Collecting oci==2.123.0 Downloading oci-2.123.0-py3-none-any.whl (25.6 MB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 25.6/25.6 MB 66.2 MB/s eta 0:00:00 Requirement already satisfied: cryptography<43.0.0,>=3.2.1 in /usr/lib/python3/dist-packages (from oci-cli) (3.4.8) Collecting click==8.0.4 Downloading click-8.0.4-py3-none-any.whl (97 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 97.5/97.5 KB 31.1 MB/s eta 0:00:00 Requirement already satisfied: pytz>=2016.10 in /usr/lib/python3/dist-packages (from oci-cli) (2022.1) Requirement already satisfied: PyYAML<=6.0.1,>=5.4 in /usr/lib/python3/dist-packages (from oci-cli) (5.4.1) Collecting arrow>=1.0.0 Downloading arrow-1.3.0-py3-none-any.whl (66 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 66.4/66.4 KB 23.4 MB/s eta 0:00:00 Requirement already satisfied: certifi in /usr/lib/python3/dist-packages (from oci-cli) (2020.6.20) Requirement already satisfied: six>=1.15.0 in /usr/lib/python3/dist-packages (from oci-cli) (1.16.0) Collecting jmespath==0.10.0 Downloading jmespath-0.10.0-py2.py3-none-any.whl (24 kB) Collecting circuitbreaker<2.0.0,>=1.3.1 Downloading circuitbreaker-1.4.0.tar.gz (9.7 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting wcwidth Downloading wcwidth-0.2.13-py2.py3-none-any.whl (34 kB) Collecting types-python-dateutil>=2.8.10 Downloading types_python_dateutil-2.8.19.20240106-py3-none-any.whl (9.7 kB) Building wheels for collected packages: circuitbreaker Building wheel for circuitbreaker (setup.py): started Building wheel for circuitbreaker (setup.py): finished with status 'done' Created wheel for circuitbreaker: filename=circuitbreaker-1.4.0-py3-none-any.whl size=7522 sha256=e0b576cca67f0fa918e8e3bfb6ae6f345e7ef30e5c6a56fe0fec2ff85d97c7d3 Stored in directory: /home/runner/.cache/pip/wheels/3c/be/64/266b6ce2ef1130de5e419f04805acbb2df5a4ab1b91348f25b Successfully built circuitbreaker Installing collected packages: wcwidth, circuitbreaker, types-python-dateutil, terminaltables, python-dateutil, prompt-toolkit, jmespath, click, oci, arrow, oci-cli Successfully installed arrow-1.3.0 circuitbreaker-1.4.0 click-8.0.4 jmespath-0.10.0 oci-2.123.0 oci-cli-3.37.11 prompt-toolkit-3.0.29 python-dateutil-2.9.0.post0 terminaltables-3.1.10 types-python-dateutil-2.8.19.20240106 wcwidth-0.2.13 Executing Oracle Cloud Infrastructure CLI command Error: The process '/home/runner/.local/bin/oci' failed with exit code 1
Below is the workflow using commands as in the README from oracle-actions/run-oci-cli-command
. I also tried oci os ns get
but the error is exactly the same.
jobs:
install-kubectl:
runs-on: [ ubuntu-latest ]
name: OCI command test
env:
OCI_CLI_USER: ${{ secrets.OCI_CLI_USER }}
OCI_CLI_TENANCY: ${{ secrets.OCI_CLI_TENANCY }}
OCI_CLI_FINGERPRINT: ${{ secrets.OCI_CLI_FINGERPRINT }}
OCI_CLI_KEY_CONTENT: ${{ secrets.OCI_CLI_KEY_CONTENT }}
OCI_CLI_REGION: ${{ secrets.region }}
steps:
- name: Update packages
run: |
sudo apt-get update
- name: Python version
run: |
python --version
- name: Retrieve the OCID of a named compartment in tenancy
uses: oracle-actions/run-oci-cli-command@v1.1.1
id: find-compartment-id
with:
command: 'iam compartment list --compartment-id-in-subtree=true'
- name: Retrieve the display name and shape of the instances in my compartment
uses: oracle-actions/run-oci-cli-command@v1.1.1
id: find-instances
with:
command: 'compute instance list --compartment-id ${{ steps.find-compartment-id.outputs.raw_output }}'
query: 'data[*].{name: \"display-name\", shape: shape}'
- name: List the display name and shape of the instances in my compartment
run: |
echo ${{ steps.find-instances.outputs.output }} | jq .```
Any quick workaround to authenticate and get a kubeconfig for a Kubernetes Cluster running on Oracle cloud? We would like to retrieve from a Github Actions workflow a kubeconfig for a few Kubernetes clusters running on Oracle Cloud. The purpose is to trigger a rollout restart for some pods based on some conditions from a workflow.
Does env var OCI_CLI_KEY_CONTENT
must contain the raw private key content as in the pem file or a base64 encoded version? (I am currently using the raw private key content as the docs seems to say)
It should be the PEM content, not encoding necessary.
I'll try and reproduce this when I'm back at the office tomorrow.
Thanks for your help. I confirm the issue is still present and OCI_CLI_KEY_CONTENT contains the raw private key content as in the pem file.
@Djelibeybi Did you have the chance to give a try?
Any maintainer there?
The problem was on my side. In case you use reusable workflows you need to make sure that secrets are inherited and the region must be the region of the cluster where you want to run kubectl and not the main region where the tenancy was created.
Apologies for the lack of reponse: I've been offline for medical reasons for a while.
Using
oracle-actions/configure-kubectl-oke@v1.3.2
in a Github Actions Workflow running on Github ubuntu latest: