Fix EKS cluster detection #1532
Merged
+78
−2
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
musa-asad
force-pushed
the
server-version
branch
from
6c92643 to
daf5662
Compare
musa-asad
force-pushed
the
server-version
branch
from
770799a to
482815b
Compare
musa-asad
force-pushed
the
server-version
branch
from
4e427f5 to
2c5b330
Compare
JayPolanco
approved these changes
Feb 11, 2025
movence
approved these changes
Feb 11, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of the issue
To detect whether the CloudWatch Agent is running on EKS, we look for a ConfigMap named
aws-auth, which is only supported for EKS and maps IAM users/roles to K8s RBAC for API access. However,aws-authis now deprecated and isn't created on new EKS clusters, which marks the CloudWatch Agent as running on native K8s, not EKS, which is not accurate.A suggestion from an issue is to inspect the
serviceaccounttoken and look for the issuer field (iss). It contains the unique OIDC url for the EKS cluster.Description of changes
resetTestState()forces re-evaluation of theIsEKS()singleton for each test.License
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Tests
Before
After
For testing, added a debug line:
Requirements
Before commit the code, please do the following steps.
make fmtandmake fmt-shmake lint