Headless Login Documentation

chainguard-dev / edu

Educational Resources for Software Supply Chain Security

https://edu.chainguard.dev

Other

73 stars 56 forks source link

Headless Login Documentation #194

Closed ltagliaferri closed 1 year ago

ltagliaferri commented 1 year ago

"Login flow from another device"

Add paragraph on device flow

Issue

jamonation commented 1 year ago

Worth also looking into bypassing google metadata endpoint with Google Cloud VMs and chainctl

ltagliaferri commented 1 year ago

When you open browser on another device (phone, etc.)

[ 16:43:49 ] colin in ~/code/chainguard/mono/chainctl on device-flow
 λ ./chainctl auth login
Authenticating...
Error opening browser. Switching to device flow...

Enter the verification code FTFD-ZVTV in your browser at: https://auth.chainguard.dev/activate
Code will be valid for 900 seconds
Token received!
Successfully exchanged token.
Valid! Id: af641...

jamonation commented 1 year ago

I've got a partially working PR open to make device flow use a flag like --device-flow explicitly as well. This flag will ensure that Google Cloud, AWS, etc. metadata endpoints get bypassed for auth.