Deploy to AWS EKS using a service account

user1933738

5/3/24, 9:44 AM

I need to deploy multiple (> 2 dozen) applications into distinct namespaces from GitLab. Unfortunately, Gitlab's old instance-wide Kubernetes integration has long been deprecated, and the new agent system requires setting up and configuring a separate agent per project which is infeasible at my scale.

My first attempt was to use Kubernetes CertificateSigningRequests to create client certificates, but that failed because for some reason Kubernetes would not issue them despite being approved.

So, I tried deploying with kubectl directly - that works, but it seems like all guides I found simply say to use your existing AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY credentials in the CI pipeline. This however is just plain bad because I don't want to leak my credentials all over Gitlab.

So, what is the current best practice to do deployments to an EKS cluster that at least somehow scale?

0 + 0

gitlab

kubernetes

aws-eks

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Deploy to AWS EKS using a service account

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.