DevOps Pipeline AKS Deployment with KubeLogin through Service Connection

Question

I am having AKS kubernetes cluster version 1.26.6. Below is my configuration from Azure Portal. Everything is working great in local. But I like to use Release pipeline and that's where I am getting difficulties.

I have task in rleease pipeline for helm upgrade. I am well aware that we need to use KubeLogin.

I have used azurecli and service principal account in my local. I also have clusterrole and clusterrolebinding applied in my AKS cluster and they all are set up correctly. (I have checked by login and fetching namespaces) in my local.

Now, the only problem I am facing is auto-deployment through the release pipeline. for that, I know we can't use Kubernetes Service Connection as long running token is no longer an option. We need to use Azure Resource Manager and I have configured that in my service connection (with Verify)

However, when It tried to use this service connection with Helm it gave an error. It gives

Error: Kubernetes cluster unreachable: Get "https://brij1111-aks-cluster.azmk8s.io:443/version": getting credentials: exec: executable kubelogin not found It looks like you are trying to use a client-go credential plugin that is not installed. To learn more about this feature, consult the documentation available at: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins kubelogin is not installed which is required to connect to AAD enabled cluster. To learn more, please go to https://aka.ms/aks/kubelogin

Lastly, I am using Azure Hosted Agent rather than my own agent. with Latest Ubuntu image.

Here are some reference screenshots in case you need to guide me correctly...

Answer 1

The Kubelogin command tool is not pre-installed on MS hosted agents by default.

To use Kubelogin command in pipelines, you can use the Kubelogin tool installer task to install the latest or specified version of Kubelogin on the agents every time when running the pipeline job.