kubelogin
kubelogin copied to clipboard
Added key cache via OS keyring
Changed the repository.Repository
implementation to use https://github.com/zalando/go-keyring
This means that password tokens are stored in OS keyring instead of in plain text on your disk.
Screenshot from "KDE Wallet Management Tool", the app used to inspect OS keyring on KDE:
Usage:
- name: oidc
user:
exec:
apiVersion: client.authentication.k8s.io/v1beta1
args:
- oidc-login
- get-token
- --oidc-issuer-url=https://...............
- --oidc-client-id=google
- --oidc-client-secret=...............
- --force-keyring # <--- new flag
command: kubectl
env: null
interactiveMode: IfAvailable
provideClusterInfo: false
The code prefers the OS keyring, if supported. Falls back to file based cache. Can be overridden with the new flags:
-
--force-keyring
-
--no-keyring
Closes #952