A command line tool for authenticating to Kubernetes clusters.
Most of the code here is taken from/inspired by other repositories, primarily the example app from dex. This project is mainly to have a properly released application that can more easily be re-used.
$ wget https://github.com/anton-johansson/k8s-login/releases/download/v0.0.1/k8s-login-linux-amd64 -O - | sudo tee /usr/local/bin/k8s-login > /dev/null $ sudo chmod +x /usr/local/bin/k8s-login
This command line tool requires you to run dex with the following client configured:
staticClients: - id: k8s-login name: k8s-login secret: lhHN7keNTf4MXEIH3WF4NUL701qITv9Q redirectURIs: - http://localhost:5555/callback
It also requires you to pass in some arguments to
kube-apiserver, like this:
--oidc-issuer-url=https://dex.svc.example.com \ --oidc-client-id=k8s-login \ --oidc-username-claim=email \ --oidc-groups-claim=groups \
Command line interface
$ k8s-login auth <server-name>
This CLI currently assumes that your Kubernetes API is reachable on a URL that looks like this:
And it expects your Dex to be reachable by replacing
dex.svc and removing the port. It also assumes that the OAuth2 client ID and password is as given in the example above. It can always be overriden with the arguments
--client-secret, but it makes the CLI a little messier to use.
This project is licensed under Apache 2.0 license. Also refer to the license of dex.