legacy flag does not work from version v0.0.30 when the login method is spn about kubelogin HOT 7 CLOSED

i will see if I can bring back the old code when --legacy is enabled next week

from kubelogin.

hmm. i think that is not supported in the new sdk (azidentity) that we migrated in v0.0.30. Are you managing your own k8s AAD configuration? would it be possible to migrate the server side?

from kubelogin.

Changing the server side will require api restart and we are seeing if we can avoid that

This is failing only for serviceprincipal flow, the deviceToken flow is still working as expected

from kubelogin.

are you okay to stay on v0.0.29 and work on your backend migration? I want to avoid reverting that change for an outdated sdk

from kubelogin.

Any reason why is the device code flow not switched to azidentity, it is still using adal library - https://github.com/Azure/kubelogin/blob/master/pkg/token/devicecode.go

I am not asking you to revert it, but can we use legacy flag to decide to use azidentity or adal for getting the token ?

from kubelogin.

i might migrate devicelogin to azidentity when i have free resources :)

your proposal is fine, but it still requires us to have outdated adal sdk.

from kubelogin.

Changing the server side will require api restart and we are seeing if we can avoid that

It's worse than that actually, it requires control plane rebuild and takes 30 minutes, so it's not an option

from kubelogin.