'User or ServiceAccount for non-human processes running outside of a Kubernetes cluster
I have a cluster where my application is being deployed constantly. My continuous delivery pipeline is implemented in CircleCI (outside of the cluster), were a process interacts with the Kubernetes API to modify various objects in the cluster. This process needs to be properly authenticated to interact with the API.
Based on the Kubernetes official documentation regarding ServiceAccounts, Users are meant for humans and ServiceAccounts are for processes, which run in pods.
Which approach is preferable to authenticate CircleCI? On one hand it is definitely not a human, but is not a process running inside a pod in the cluster either.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|