You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To minimize what confidential data gets stored on local machine.
Your idea (how)
options:
add flag that specify environment variables that should contains secret to encrypt/decrypt to token cache.
If specified environment is emtpy, fail and show message to instruct user to set env variables.
If not empty but wrong secret, do not use the cache and start over the authentication
integrate with os secrets management e.g mac's keychain or windows credential manager (i don't know whether its possible or not. what comes in mind is the way git store credential to connect to remote server)
The text was updated successfully, but these errors were encountered:
Suggest relying on the OS keyring. Environment variables aren't that safe. At least on Linux you can read environment variables from /proc/$PID/environ, which just uses file permissions. Not any safer than storing the credentials in ~/.kube directory.
Purpose of the feature (why)
To minimize what confidential data gets stored on local machine.
Your idea (how)
options:
The text was updated successfully, but these errors were encountered: