Skip to content
A command line tool for authenticating to Kubernetes clusters.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
cmd
kubernetes
version
.gitattributes
.gitignore
.travis.yml
LICENSE
Makefile
README.md
go.mod
go.sum
main.go

README.md

k8s-login

A command line tool for authenticating to Kubernetes clusters.

Build status

Credits

Most of the code here is taken from/inspired by other repositories, primarily the example app from dex. This project is mainly to have a properly released application that can more easily be re-used.

Building

$ make

Installation

Linux:

$ wget https://github.com/anton-johansson/k8s-login/releases/download/v0.0.1/k8s-login-linux-amd64 -O - | sudo tee /usr/local/bin/k8s-login > /dev/null
$ sudo chmod +x /usr/local/bin/k8s-login

Usage

Requirements

This command line tool requires you to run dex with the following client configured:

    staticClients:
      - id: k8s-login
        name: k8s-login
        secret: lhHN7keNTf4MXEIH3WF4NUL701qITv9Q
        redirectURIs:
          - http://localhost:5555/callback

It also requires you to pass in some arguments to kube-apiserver, like this:

  --oidc-issuer-url=https://dex.svc.example.com \
  --oidc-client-id=k8s-login \
  --oidc-username-claim=email \
  --oidc-groups-claim=groups \

Command line interface

$ k8s-login auth <server-name>

Assumptions

This CLI currently assumes that your Kubernetes API is reachable on a URL that looks like this:

http(s)://k8s.svc.<something>:6443

And it expects your Dex to be reachable by replacing k8s.svc with dex.svc and removing the port. It also assumes that the OAuth2 client ID and password is as given in the example above. It can always be overriden with the arguments --client-id and --client-secret, but it makes the CLI a little messier to use.

License

This project is licensed under Apache 2.0 license. Also refer to the license of dex.

You can’t perform that action at this time.