Tokens are inconveniently long

[LukeShu]

This isn't a bug, but a UX concern. While the Python client in this git repo stores the token in a file in ~/.config/, gubernaut (used by build-aux.git) wants it in an environment variable. This makes it very convenient to use with CI, just configure it as a regular env-var secret. ...except that it's too long to use as a secure environment variable in .travis.yml:

$ travis encrypt --com KUBERNAUT_TOKEN=[redacted]
Detected repository as datawire/ambassador-oauth, is this correct? |yes| 
data too large - consider using travis encrypt-file or travis env set
$ echo $?
1

[plombardi89]

I agree it sucks. We're kind of stuck with it for the time being. I would prefer to switch a more traditional bearer API key but there is limited engineering budget for improving this right now.

The current implementation was a matter of convenience rather than an explicit design decision.

[plombardi89]

Pondering on this some more but a precursor to any work here would be a plan on how to transition gracefully from JWT bearer tokens to more traditional bearer tokens. That's a UX problem I don't have a good answer for.

[LukeShu]

Kubernaut is dead.