Open iamkirkbater opened 2 weeks ago
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: iamkirkbater
The full list of commands accepted by this bot can be found here.
The pull request process is described here
I walked through this with an expired OCM token and it worked fine.
But then I logged into OCM outside of the container and attempted to run this again and all logins worked fine.
Then I ran ocm logout
outside of the container and attempted to run the container again, and now all environments fail to work.
This needs more work and testing before merging.
/hold
Based on @iamkirkbater's last comment
This is kind of a stopgap feature. Given that offline tokens will be disabled in Prod soon and this won't be needed after then should we switch focus to getting the new login scheme working nicer?
Adds a fallback for prod access with offline access tokens but adds a warning, and proceeds to use device code login for OCM when in the staging or integration environments.
Per some feedback received in slack this should allow both access mechanisms to give SREs more time to switch without breaking current prod workflows.