Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Prow now authenticates with build clusters with tokens that are valid for 2 days. The token is refreshed by a prow job https://prow.k8s.io/?type=periodic&job=ci-test-infra-gencred-refresh-kubeconfig and stores in GCP secret manager, KES is responsible for syncing the secrets into prow. Have observed KES being flaky at time to time, generally more than 10 days after the KES pods started running. See kubernetes#24869 (comment) This is a temporary solution aim to mitigate the issue of long running KES pods
- Loading branch information