I am trying to deploy k8s deployment(simple pod) to EKS. I am using Jenkins 2.319.1 and all plugins up to date and using Kubernetes cd plugin. I have an error that user system:anonymous cannot patch resource "pods" in API group in the namespace default. I am not sure what is the reason? I seared a lot, but didn't solve yet. Could someone help me
Starting Kubernetes deployment
Loading configuration: /var/lib/jenkins/workspace/eks/nginx.yaml
ERROR: ERROR: io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: POST at: https://0615cdb22445853e01165ad9c054a48f.gr7.us-east-1.eks.amazonaws.com/api/v1/namespaces/default/pods. Message: Forbidden! User arn:aws:eks:us-east-1:705746146520:cluster/my-eks-last doesn't have permission. pods is forbidden: User "system:anonymous" cannot create resource "pods" in API group "" in the namespace "default".
hudson.remoting.ProxyException: io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: POST at: https://0615cdb22445853e01165ad9c054a48f.gr7.us-east-1.eks.amazonaws.com/api/v1/namespaces/default/pods. Message: Forbidden! User arn:aws:eks:us-east-1:705746146520:cluster/my-eks-last doesn't have permission. pods is forbidden: User "system:anonymous" cannot create resource "pods" in API group "" in the namespace "default".
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.requestFailure(OperationSupport.java:472)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.assertResponseCode(OperationSupport.java:409)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleResponse(OperationSupport.java:381)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleResponse(OperationSupport.java:344)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleCreate(OperationSupport.java:227)
at io.fabric8.kubernetes.client.dsl.base.BaseOperation.handleCreate(BaseOperation.java:780)
at io.fabric8.kubernetes.client.dsl.base.BaseOperation.create(BaseOperation.java:349)
at com.microsoft.jenkins.kubernetes.KubernetesClientWrapper$PodUpdater.createResource(KubernetesClientWrapper.java:806)
at com.microsoft.jenkins.kubernetes.KubernetesClientWrapper$PodUpdater.createResource(KubernetesClientWrapper.java:775)
at com.microsoft.jenkins.kubernetes.KubernetesClientWrapper$ResourceUpdater.createOrApply(KubernetesClientWrapper.java:377)
at com.microsoft.jenkins.kubernetes.KubernetesClientWrapper.apply(KubernetesClientWrapper.java:183)
at com.microsoft.jenkins.kubernetes.command.DeploymentCommand$DeploymentTask.doCall(DeploymentCommand.java:168)
at com.microsoft.jenkins.kubernetes.command.DeploymentCommand$DeploymentTask.call(DeploymentCommand.java:122)
at com.microsoft.jenkins.kubernetes.command.DeploymentCommand$DeploymentTask.call(DeploymentCommand.java:105)
at hudson.FilePath.act(FilePath.java:1259)
at com.microsoft.jenkins.kubernetes.command.DeploymentCommand.execute(DeploymentCommand.java:67)
at com.microsoft.jenkins.kubernetes.command.DeploymentCommand.execute(DeploymentCommand.java:46)
at com.microsoft.jenkins.azurecommons.command.CommandService.runCommand(CommandService.java:88)
at com.microsoft.jenkins.azurecommons.command.CommandService.execute(CommandService.java:96)
at com.microsoft.jenkins.azurecommons.command.CommandService.executeCommands(CommandService.java:75)
at com.microsoft.jenkins.azurecommons.command.BaseCommandContext.executeCommands(BaseCommandContext.java:77)
at com.microsoft.jenkins.kubernetes.KubernetesDeploy.perform(KubernetesDeploy.java:42)
at com.microsoft.jenkins.azurecommons.command.SimpleBuildStepExecution.run(SimpleBuildStepExecution.java:54)
at com.microsoft.jenkins.azurecommons.command.SimpleBuildStepExecution.run(SimpleBuildStepExecution.java:35)
at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
...POST at: https://0615cdb22445853e01165ad9c054a48f.gr7.us-east-1.eks.amazonaws.com/api/v1/namespaces/default/pods...
You didn't setup the plugin credential correctly, as a result your job is making direct call to the cluster endpoint WITHOUT authenticate with the cluster. Typically, you need to run your job using an IAM user who has access to the cluster, and you set this up using secret file (actually it's the kubeconfig file).