Documentation ¶
Index ¶
- Constants
- func ClusterCaCert(context string) string
- func ContextToEnv(context string) (env string)
- func ExtractTeams(claims *IdentityClaims) (teams []string)
- func Join(items []string, prefix, suffix string) string
- func LoadConfigFromContext(context string) *api.Config
- func RandomString(length int) string
- func ReadToken(context string) string
- func Whoami(user string, groups []string, teams []string) string
- func WriteToken(token string, context string) error
- type IdentityClaims
- type Issuer
Constants ¶
const ExecCredentialObject = `` /* 148-byte string literal not displayed */
ExecCredentialObject - when run as a an exec credential plugin - which is the common mode of operation, the output is printed to stdout and captured by kubectl who will know what to do with the token
Variables ¶
This section is empty.
Functions ¶
func ClusterCaCert ¶ added in v1.2.0
ClusterCaCert provides the CA cert for the given cluster, or "unknown" if not in map of known clusters
func ContextToEnv ¶
ContextToEnv translates any known context to it's corresponding environment, or dev if not found
func ExtractTeams ¶ added in v1.0.1
func ExtractTeams(claims *IdentityClaims) (teams []string)
ExtractTeams returns all teams from groups as found in ID token
func LoadConfigFromContext ¶
LoadConfigFromContext loads config object for provided context
func RandomString ¶
RandomString returns a semi-random string of variable length
func ReadToken ¶ added in v1.1.0
ReadToken returns token or empty string if missing or failure to read it (likely due to it not being written yet)
func WriteToken ¶ added in v1.1.0
WriteToken writes token to ~/.kube/kubectl-login/${env}/token.jwt
Types ¶
type IdentityClaims ¶
type IdentityClaims struct { Username string `json:"email"` Groups *[]string `json:"groups"` jwt.StandardClaims }
IdentityClaims - token claims of interest for our use case
func JwtToIdentityClaims ¶ added in v1.0.1
func JwtToIdentityClaims(rawToken string) *IdentityClaims
JwtToIdentityClaims retrieves user info (name and group belongings) from stored token