This is a kubectl plugin for login via CLI with OpenID Connect provider (e.g. DEX)
kubectl-login only compatible with kubectl v1.12 or higher.
But also kubectl-login may used as separate binary.
Your OpenID Connect provider must have this endpoint for kubernetes api client into configuration:
Default callback endponit: http://localhost:33768/auth/callback
Download and place kubectl-login binary anywhere in your $PATH with execute permissions.
For further information, see the offical plugin documentation.
Or you can compile it by self.
git clone https://github.com/sdrozdkov/kubectl-login
cd kubectl-login
go buildPlugin takes OpenID Connect issuer URL from your .kube/config, so it must be placed in your .kube/config.
Use username assigned to your oidc provider:
kubectl login sdrozdkov-oidcAfter command executed browser will be opened with redirect to OpenID Connect Provider login page.
Tokens into your .kube/config will be replaced after succesful authenticate at your provider.
- Add creation new user profile into .kube/config based on command line args or something else.