kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Chmod kubeconfig to avoid group-readable (#6800) 

After upgrading to newer Kubernetes(v1.17 at least), kubectl command
shows the following warning message:

  WARNING: Kubernetes configuration file is group-readable.
  This is insecure. Location: /home/foo/.kube/config

The kubeconfig was copied from {{ artifacts_dir }}/admin.conf with
kubeconfig_localhost feature. It is better to set valid file mode
at getting it on Kubespray.
pull/6800/merge
Kenichi Omichi 2020-10-09 01:39:08 -07:00 committed by GitHub
parent 64f69718fb
commit e6c28982dd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/kubernetes/client/tasks/main.yml
View File

@ -87,7 +87,7 @@
copy: copy:
content: "{{ final_admin_kubeconfig | to_nice_yaml(indent=2) }}" content: "{{ final_admin_kubeconfig | to_nice_yaml(indent=2) }}"
dest: "{{ artifacts_dir }}/admin.conf" dest: "{{ artifacts_dir }}/admin.conf"
mode: 0640 mode: 0600
delegate_to: localhost delegate_to: localhost
connection: local connection: local
become: no become: no