Replies: 2 comments
-
|
Create service account for your integration. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
closing er user did not respond |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi team,
I am trying to use kubernetes secret in my integration to store database credentials, I am using it like "{{secret:karavan/secretname}}". I am getting below error
If I am providing service account creation access to pipeline, it is working fine. However, devops team doesn't giving service account creation access to pipeline and saying it is against security policy.
Let me know how can i use to kubernets secret in my integration without service account creation access, reading secret has already provided and it is not working.
Error:
=========
Failed to execute goal io.quarkus.platform:quarkus-maven-plugin:2.16.0.Final:build (default) on project l22r00l: Failed to build quarkus application: io.quarkus.builder.BuildException: Build failure: Build failed due to errors
[ERROR] [error]: Build step io.quarkus.kubernetes.deployment.KubernetesDeployer#deploy threw an exception: io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: POST at: https://10.96.0.1:443/api/v1/namespaces/karavan/serviceaccounts. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. serviceaccounts is forbidden: User "system:serviceaccount:karavan:pipeline" cannot create resource "serviceaccounts" in API group "" in the namespace "karavan".
[ERROR] at io.fabric8.kubernetes.client.KubernetesClientException.copyAsCause(KubernetesClientException.java:238)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.waitForResult(OperationSupport.java:536)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.handleResponse(OperationSupport.java:570)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.handleResponse(OperationSupport.java:554)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.handleCreate(OperationSupport.java:347)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.handleCreate(BaseOperation.java:704)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.handleCreate(BaseOperation.java:93)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.CreateOnlyResourceOperation.create(CreateOnlyResourceOperation.java:42)
[ERROR] at io.fabric8.kubernetes.client.utils.internal.CreateOrReplaceHelper.createOrReplace(CreateOrReplaceHelper.java:51)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.createOrReplace(BaseOperation.java:301)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.createOrReplace(BaseOperation.java:93)
[ERROR] at io.fabric8.kubernetes.client.extension.ResourceAdapter.createOrReplace(ResourceAdapter.java:124)
[ERROR] at io.quarkus.kubernetes.deployment.KubernetesDeployer.lambda$deploy$5(KubernetesDeployer.java:250)
[ERROR] at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
[ERROR] at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177)
[ERROR] at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
[ERROR] at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
[ERROR] at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
[ERROR] at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
[ERROR] at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
[ERROR] at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
[ERROR] at java.base/java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497)
[ERROR] at io.quarkus.kubernetes.deployment.KubernetesDeployer.deploy(KubernetesDeployer.java:226)
[ERROR] at io.quarkus.kubernetes.deployment.KubernetesDeployer.deploy(KubernetesDeployer.java:135)
[ERROR] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[ERROR] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
[ERROR] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[ERROR] at java.base/java.lang.reflect.Method.invoke(Method.java:566)
[ERROR] at io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:909)
[ERROR] at io.quarkus.builder.BuildContext.run(BuildContext.java:281)
[ERROR] at org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
[ERROR] at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
[ERROR] at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
[ERROR] at java.base/java.lang.Thread.run(Thread.java:829)
[ERROR] at org.jboss.threads.JBossThread.run(JBossThread.java:501)
[ERROR] Caused by: io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: POST at: https://10.96.0.1:443/api/v1/namespaces/karavan/serviceaccounts. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. serviceaccounts is forbidden: User "system:serviceaccount:karavan:pipeline" cannot create resource "serviceaccounts" in API group "" in the namespace "karavan".
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.requestFailure(OperationSupport.java:742)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.requestFailure(OperationSupport.java:722)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.assertResponseCode(OperationSupport.java:671)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.lambda$handleResponse$0(OperationSupport.java:601)
[ERROR] at java.base/java.util.concurrent.CompletableFuture$UniApply.tryFire(CompletableFuture.java:642)
[ERROR] at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
[ERROR] at java.base/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2073)
[ERROR] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.lambda$retryWithExponentialBackoff$2(OperationSupport.java:643)
[ERROR] at java.base/java.util.concurrent.CompletableFuture.uniWhenComplete(CompletableFuture.java:859)
[ERROR] at java.base/java.util.concurrent.CompletableFuture$UniWhenComplete.tryFire(CompletableFuture.java:837)
[ERROR] at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
[ERROR] at java.base/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2073)
[ERROR] at io.fabric8.kubernetes.client.http.ByteArrayBodyHandler.onBodyDone(ByteArrayBodyHandler.java:52)
[ERROR] at java.base/java.util.concurrent.CompletableFuture.uniWhenComplete(CompletableFuture.java:859)
[ERROR] at java.base/java.util.concurrent.CompletableFuture$UniWhenComplete.tryFire(CompletableFuture.java:837)
[ERROR] at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
[ERROR] at java.base/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2073)
[ERROR] at io.fabric8.kubernetes.client.okhttp.OkHttpClientImpl$OkHttpAsyncBody.doConsume(OkHttpClientImpl.java:133)
[ERROR] at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
[ERROR] at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
[ERROR] at java.base/java.lang.Thread.run(Thread.java:829)
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
Beta Was this translation helpful? Give feedback.
All reactions