Beni Cherniavsky-Paskin
Beni Cherniavsky-Paskin
Friendly ping :wave:, as #407 has been merged, would you like to rebase and advance this? AFAICT, this prepares some APIs but doesn't yet write back a kubeconfig file, right?
BTW, preparing some APIs can be a great stand-alone PR :+1:, not saying you have to do it all at once.
Do'h I finally get it. Currently, (once `id-token` from Config is expired) each `OIDCAuthProvider.token` call creates a fresh `OpenIDConnect::Client.new(...)` so the `refresh_token` it returns gets discarded entirely. :frowning_face: - [...
certs renewed, close-cycling to trigger CI. Sorry for my silence. It's great that you're attacking this! :clap: _disclaimer: I know very little about all this auth!_ #### Performance / rate-limiting...
cc @benlangfeld @jeremywadsack @timothysmith0609 @nov @dhstewart: I dumped some questions about this PR above, but you all know more about auth than I do, please help :)) With auth knowledge...
One of the things it wants is `spec.interactive`, should be true if plugin has access to stdin where a user may respond. I see we currently run plugin with `Open3.capture3`...
Thanks! Sorry for slow response, I'm not finding enough time :frowning_face: Do you see a way to add/update unit test that would have caught this?
Mainly because nobody implemented the necessary logic in kubeclient :-). PRs welcome. I don't know enough to comment on safety of mixing the two and `--force-conflict`...
See #358 for previous discussion and links. There are two parts there: - if you want to start from a yaml file with arbitrary resource types, kubeclient is missing the...
> client.api('rbac.authorization.k8s.io/v1').get_groups I think that's #347. > ``` > client.setApi('rbac.authorization.k8s.io/v1') > client.get_groups() > client.setApi('some.other.api') > client.someOtherMethod() > ``` that's #346. Trying to keep one issue per approach to focus discussion...