We usually use Harness UI to create the Kubernetes connectors which seems to be easy but need to go through all the setup pages and hence we have API’s which is faster approach to creating multiple connectors.
Reference : https://harness.io/docs/api/tag/Connectors#operation/createConnector
The below API query are to create the Kubernetes connector at organisation and account level.
k8stoken is the secret created at different level such as organisation, account etc.
Organisation Level :
curl -L -X POST "https://app.harness.io/gateway/ng/api/connectors?accountIdentifier=$HARNESS_ACCOUNT_ID" \
-H 'Content-Type: application/json' \
-H "x-api-key: $HARNESS_API_KEY" \
-d '{
"connector": {
"name": "test7",
"identifier": "test7",
"description": "",
"orgIdentifier": "default",
"type": "K8sCluster",
"spec": {
"credential": {
"type": "ManualConfig",
"spec": {
"masterUrl": "http://000.000.00.00:0000",
"auth": {
"type": "ServiceAccount",
"spec": {
"serviceAccountTokenRef": "org.k8stoken"
}
}
}
}
}
}
}'
Account Level :
curl -L -X POST "https://app.harness.io/gateway/ng/api/connectors?accountIdentifier=$HARNESS_ACCOUNT_ID" \
-H 'Content-Type: application/json' \
-H "x-api-key: $HARNESS_API_KEY" \
-d '{
"connector": {
"name": "test7",
"identifier": "test7",
"description": "",
"orgIdentifier": "default",
"type": "K8sCluster",
"spec": {
"credential": {
"type": "ManualConfig",
"spec": {
"masterUrl": "http://000.000.00.00:0000",
"auth": {
"type": "ServiceAccount",
"spec": {
"serviceAccountTokenRef": "account.k8stoken"
}
}
}
}
}
}
}'
inside the spec,
If you give the “serviceAccountTokenRef”: “k8stoken” , it is by default project level and hence the request fails.
In order for org or account level we need to specify the prefix as org or account.
Sample response :
{"status":"SUCCESS","data":{"connector":{"name":"testk8test","identifier":"testk8test","description":"test create","orgIdentifier":"test","projectIdentifier":null,"tags":{},"type":"K8sCluster","spec":{"credential":{"type":"ManualConfig","spec":{"masterUrl":"https://xx.xx.xx.xx","auth":{"type":"ServiceAccount","spec":{"serviceAccountTokenRef":"org.test","caCertRef":null}}}},"delegateSelectors":[]}},"createdAt":1656508321863,"lastModifiedAt":1656508321857,"status":null,"activityDetails":{"lastActivityTime":1656508321857},"harnessManaged":false,"gitDetails":{"objectId":null,"branch":null,"repoIdentifier":null,"rootFolder":null,"filePath":null,"repoName":null,"commitId":null},"entityValidityDetails":{"valid":true,"invalidYaml":null},"governanceMetadata":{
"id": "",
"deny": false,
"details": [],
"message": "FF: [OPA_CONNECTOR_GOVERNANCE] is disabled for account: [xxxxxxxxxxxxxxxxxxxxxxx_hg]",
"timestamp": "0",
"status": "",
"accountId": "",
"orgId": "",
"projectId": "",
"entity": "",
"type": "",
"action": "",
"created": "0"
}},"metaData":null,"correlationId":"exxxxxxxxxxxxxxxxxxxxe7e"}