-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Infrastructure Manager - implement kubeconfig secret management #10
Comments
The POC code is here: kyma-project/control-plane#3017.
|
Workplan:
|
There is couple of things to be done as follow up:
|
Currently, the secret is rotated both periodically and if
|
As of now, if you will get the kubeconfig from that secret using e.g. @ebensom could you help us understand whether this is acceptable behavior? |
@Disper Yes AFAIK this is expected behavior, as tokens obtained via Gardener TokenRequest are OIDC tokens with |
We will do a tiny refactoring in the code to reflect that we're not doing the revocation, but rotation. |
Description
The Infrastructure Manager must manage dynamic kubeconfigs.
Acceptance criteria:
Reasons
In the long term the Infrastructure Manager will replace Provisioner. In the first step it will be responsible for kubeconfig management in the Kyma Control Plane.
The text was updated successfully, but these errors were encountered: