[kubectl] Implement azure auth module in external credential provider

Azure / container-upstream

This project captures work in progress, and completed work for the Azure Core Container Upstream team

MIT License

53 stars 26 forks source link

[kubectl] Implement azure auth module in external credential provider #91

Open weinong opened 4 years ago

weinong commented 4 years ago

As upstream community (sig-auth) is discussing to remove all the auth modules except oidc and exec in kubectl eventually, the ask is to migrate the azure auth module to KEP: External credential provider which is available starting at v1.11 (beta).

This opportunity gives us a solution to implement more features (non-interactive login mode) and client side bug fixes with greater flexibility as it's no longer tied to in-tree kubectl.

ritazh commented 4 years ago

remove all the auth modules except oidc and exec in kubectl eventually

this will be discussed at the next sig-auth meeting. tentatively the existing azure auth module will be deprecated in 1.19, removed in 1.22

ritazh commented 4 years ago

As discussed in today's sig-auth meeting, deprecation of the in tree client auth credential provider won't happen until one year after the external credential provider goes to GA.