I want to give the ability to trigger a K8s to a person that doesn't work with IT. He doesn't have docker nor K8s installed.
What are my options to grant him this possibility ?
I already thinked I can create a custom service with POST endpoint with a basic auth that should allow him to make the query only with curl / postman, but I wonder if there is any "easier" and free alternative.
PD: This person has an account on gitlab.com and our K8s cluster is integrated to Gitlab.
He/She/They can directly talk to kubernetes api server using curl etc. Easier way would be to install a client side tool like kubectl
using which the other person can create the jobs.
You would need to provide them with credentials with appropriate access(limiting to creating jobs).
https://kubernetes.io/docs/reference/access-authn-authz/authentication/
Does the company use some CI/CD tool that requires company authentication, supports authorization, and has a browser-based GUI (e.g. Jenkins)? If "yes", then create a job in that CI/CD tool that will connect to Kubernetes behind the scene using a Kubernetes service account to trigger the Kubernetes Job.
This way, the non-IT user won't have to know the any of the Kubernetes details, will use their company login credentials, will be restricted to trigger just this job, while using a browser GUI.
You can use a CI/CD tool like Jenkins or Gitlab CI to build a pipeline , which will internally connects to Kubernetes and perform any JOB you configured in that pipeline.