Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for static bearer token authentication for Kubernetes #1855

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add support for static bearer token authentication for Kubernetes #1855

wants to merge 2 commits into from
+151 −27

Conversation

simonferquel
Copy link
Contributor

Fix #1852
- What I did

This adds support for importing kubeconfig file using token-based
authentication.

- How I did it

The bearer token is stored within the tls store because of its sensitive
nature.

- How to verify it

Comes with unit tests

@simonferquel
Add support for static bearer token authentication for Kubernetes
fe192e1 
This adds support for importing kubeconfig file using token-based
authentication.

The bearer is stored within the tls store because of its sensitive
nature.

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
@simonferquel
Copy link
Contributor Author

cc @alexmavr

@codecov-io
Copy link

codecov-io commented May 1, 2019
edited

Codecov Report

Merging #1855 into master will increase coverage by 0.03%.
The diff coverage is 89.18%.

@@            Coverage Diff             @@
##           master    #1855      +/-   ##
==========================================
+ Coverage   56.75%   56.79%   +0.03%     
==========================================
  Files         309      309              
  Lines       21658    21687      +29     
==========================================
+ Hits        12292    12317      +25     
- Misses       8469     8471       +2     
- Partials      897      899       +2

alexmavr
alexmavr approved these changes May 1, 2019
View reviewed changes
Copy link
Contributor

@alexmavr alexmavr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the quick turnaround!

@alexmavr
Copy link
Contributor

alexmavr commented May 3, 2019

I do see the context correctly generated with the following TLSMaterial and a corresponding token file in the TLSPath

        "TLSMaterial": {
            "kubernetes": [
                "token"
            ]
        },

However, trying to deploy a stack returns the following error:

$ docker stack deploy --compose-file docker-compose.yml --orchestrator=kubernetes petstore
WARN[0000] unknown file token in context test-cluster-1 tls bundle 
Unauthorized

@simonferquel
Avoid warning when token TLS file is present
beea6dd 
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
@marcinc marcinc mentioned this pull request May 22, 2020
Open
@Amos-85
Copy link

Amos-85 commented Jan 5, 2021

@simonferquel
There is a merge conflict.
any chance to resolve it ?

This fix is very important for anyone who work with authentication token for k8s clusters.

@Amos-85
Copy link

Amos-85 commented Mar 14, 2021

@thaJeztah ,
Will it be possible to support token authentication for k8s builder context ?

@wyrie-zz
Copy link

Would be great to have this

@stevefan1999-personal
Copy link

can this be revived?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexmavr alexmavr alexmavr approved these changes

@hc0503 hc0503 hc0503 approved these changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
area/kubernetes impact/changelog status/2-code-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support token authentication for kubernetes contexts
9 participants
@simonferquel @codecov-io @alexmavr @Amos-85 @wyrie-zz @stevefan1999-personal @hc0503 @thaJeztah @GordonTheTurtle