[RFC] Passwordless authentication for Git repositories

[aryan9600]

This RFC proposes adding support for passwordless authentication for Git repositories on Git SaaS platforms and cloud providers using methods like OIDC, OAuth2 and IAM.

[aryan9600]

I like the general approach here. What I missed while reading the RFC is the handling of token lifetime. How is an expired token refreshed?

@makkes see the "Caching" section at the bottom. do you feel like that section does not contain enough info about handling of expiring tokens? what more would you like to see in the section?

[Poltergeisen]

Is this still being planned? I'm very interested in being able to use managed identities for git instead of a manual step right now of adding a secret to my clusters.

[schdief]

would also be interested in using Azure DevOps managed identities/service principals

[bavneetsingh16]

Would any of the maintainers sponsor this RFC? I would like to start making progress on this.

[souleb]

Would any of the maintainers sponsor this RFC? I would like to start making progress on this.

Thanks for stepping up @bavneetsingh16. I volunteer to sponsor this RFC.

[stefanprodan]

Superseded by #4806

[ageisen2000]

Superseded by #4806

Is there another PR in flight for this or will it be implemented later then?

[stefanprodan]

Is there another PR in flight for this or will it be implemented later then?

First the RFC has to be agreed on and merged, then we can talk about implementations. I've added the RFC to the roadmap but it all depends on the availability of those involved.