Comments (7)
i will see if I can bring back the old code when --legacy is enabled next week
from kubelogin.
hmm. i think that is not supported in the new sdk (azidentity) that we migrated in v0.0.30. Are you managing your own k8s AAD configuration? would it be possible to migrate the server side?
from kubelogin.
Changing the server side will require api restart and we are seeing if we can avoid that
This is failing only for serviceprincipal flow, the deviceToken flow is still working as expected
from kubelogin.
are you okay to stay on v0.0.29 and work on your backend migration? I want to avoid reverting that change for an outdated sdk
from kubelogin.
Any reason why is the device code flow not switched to azidentity, it is still using adal library - https://github.com/Azure/kubelogin/blob/master/pkg/token/devicecode.go
I am not asking you to revert it, but can we use legacy flag to decide to use azidentity or adal for getting the token ?
from kubelogin.
i might migrate devicelogin to azidentity when i have free resources :)
your proposal is fine, but it still requires us to have outdated adal sdk.
from kubelogin.
Changing the server side will require api restart and we are seeing if we can avoid that
It's worse than that actually, it requires control plane rebuild and takes 30 minutes, so it's not an option
from kubelogin.
Related Issues (20)
- Get JWT token from AzureAD v2.0 endpoint HOT 7
- Why kubectl in conjunction with kubelogin sends complete string instead of only user (upn) HOT 4
- Variable overrides parameter value inside kubeconfig HOT 1
- Add linux-arm build
- Subject Name Issuer based Auth for SPN Login Mode for Kubelogin HOT 2
- Support OIDC request url & token HOT 2
- `get-token --login azurecli` should be fast when a local token exists HOT 2
- kubelogin is vulnerable to CVE-2023-39323 HOT 2
- Proposal: kubelogin library usage HOT 3
- No possibility to use Service Principal when Workload Identity is enabled in the Pod HOT 7
- Rename `master` to `main` branch for this repo.
- Expose kubelogin cli flags in library mode HOT 1
- Query Regarding Autorest Library Usage HOT 2
- weird authorization error when authenticating via service principal HOT 6
- Azure AD v2 endpoints doesn't work HOT 2
- Issues when using Azure DevOps federated identity token HOT 4
- Kubectl is returning 'Unable to connect to the server' and 'couldn't get current server API group list' all of a sudden HOT 1
- Token expires immediately HOT 1
- kubelogin enabled cluster device login takes CLIENT ID from ENV variable HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubelogin.