kubectl-oidc

kubectl plugin for login with OAuth 2.0 password grant. Notice that the latest Internet-Draft OAuth 2.0 Security Best Current Practice recommends against using this grant type; hence the plugin has its use only in confined, headless test environments, where it may provide convenient authentication for the kubectl CLI.

Installation

Global

Set KUBECTL_OIDC_IDP_ISSUER_URL, KUBECTL_OIDC_CLIENT_ID, KUBECTL_OIDC_CLIENT_SECRET according to your actual OIDC environment.

curl -o /usr/local/bin/kubectl-oidc \
  https://raw.githubusercontent.com/christian-2/kubectl-oidc/master/kubectl-oidc
chmod a+x /usr/local/bin/kubectl-oidc
pip3 install pyyaml
cat >/etc/profile.d/kubectl-oidc.sh <<EOF
KUBECTL_OIDC_CLIENT_ID=...
KUBECTL_OIDC_CLIENT_SECRET=...
KUBECTL_OIDC_IDP_ISSUER_URL=...
EOF
kubectl oidc -h

Local (per user)

kubectl config set-credentials $USER --auth-provider=oidc \
  --auth-provider-arg=idp-issuer-url=$KUBECTL_OIDC_IDP_ISSUER_URL \
  --auth-provider-arg=client-id=$KUBECTL_OIDC_CLIENT_ID \
  --auth-provider-arg=client-secret=$KUBECTL_OIDC_CLIENT_SECRET

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
.gitignore		.gitignore
LICENSE.md		LICENSE.md
README.md		README.md
kubectl-oidc		kubectl-oidc

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

kubectl-oidc

Installation

Global

Local (per user)

About

Releases

Packages

Languages

License

christian-2/kubectl-oidc

Folders and files

Latest commit

History

Repository files navigation

kubectl-oidc

Installation

Global

Local (per user)

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages