kubecaml icon indicating copy to clipboard operation
kubecaml copied to clipboard

Published 20 hours ago verified publisher icon andrenth

Handling certificates and tokens

Open shinzui opened this issue 6 years ago • 5 comments

Do you have an example how to handle certificates and tokens for authentication?

shinzui avatar May 16 '18 20:05 shinzui

It's not possible yet, though planned for the near future. I think for maximum flexibility I'll have to change OCaml-Swagger to generate code taking extra arguments to be passed to cohttp's Client.{get,post,...} (headers and context, I think) instead of just the URI as it is today, so that one can built a context from the certificate and keys, or pass the Authorization headers as necessary.

Right now I'm working on setting up a bare metal HA cluster, which is more work than I thought it would be, along with other unplanned work stuff, but I want to tackle this right after that, though a patch would be lovely :stuck_out_tongue_winking_eye:

andrenth avatar May 16 '18 20:05 andrenth

I made a commit on OCaml-Swagger that allows you to pass optional ctx and headers arguments to the request functions.

Do you have a cluster with authentication setup where you could pin this and test it? If it works fine I'll wrap ctx, headers and uri in a record to make it nicer to use and release a new version.

andrenth avatar May 16 '18 21:05 andrenth

@andrenth Yes. I have a production cluster on google kubernetes engine that I can point to and test.

shinzui avatar May 16 '18 22:05 shinzui

@andrenth Do I need to regenerate kubecaml in order to test?

shinzui avatar May 17 '18 21:05 shinzui

Yes, pin OCaml-Swagger from master and then rebuild kubecaml.

andrenth avatar May 17 '18 21:05 andrenth