Running script containing kubectl commands in helm installation

6/25/2018

I have a shell script that has several kubectl commands, I need to execute it as a part of helm installation.

#!/bin/bash kubectl create secret generic mysecret --from-literal=username=$USER_NAME --from-literal=password=$passwrd

I have written a job which execute this script.

apiVersion: batch/v1
kind: Job
metadata:
  name: "sagdfghd"

spec:
  template:        
    spec:
      containers:
        - name: sagdfghd
          image: {{ .Values.jobs.dockerRegistry }}
          command: ["sh", "-c", {{ .Files.Get "scripts/myscript.sh" | quote }} ]

But as the script is running inside container it is not able to find kubectl command.

Any idea how can I run this script??

TIA

-- Sudhir
docker
kubernetes
kubernetes-helm

2 Answers

6/25/2018

What image does {{ .Values.jobs.dockerRegistry }} resolve to and does it have the kubectl tool installed on it? It most likely does not have kubectl installed on it, so you will have to add the kubectl install instructions in your Dockerfile. Those instructions will depend on what your base Docker image is. See the following link:

https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl

-- erstaples
Source: StackOverflow

6/26/2018

@ericstaples provided link to installation documentation and it help to resolve issue:

What image does {{ .Values.jobs.dockerRegistry }} resolve to and does it have the kubectl tool installed on it?

It most likely does not have kubectl installed on it, so you will have to add the kubectl install instructions in your Dockerfile. Those instructions will depend on what your base Docker image is.

Since the Pod created by the Job will have a ServiceAccount attached to it, the kubectl tool running in the container will make calls to the cluster in which it's running via the ServiceAccount token, and will in fact create the Secret in the cluster, not the container (assuming it has the correct RBAC permissions).

Try it out. Making calls to the kube-apiserver (e.g. via kubectl) from containers is not uncommon.

Side note: creating a Secret object in a container makes absolutely no sense.

-- d0bry
Source: StackOverflow