hendrik/lens
1
0
Fork 0
mirror of https://github.com/lensapp/lens.git synced 2025-05-20 05:10:56 +00:00
Code Issues Projects Releases Wiki Activity

A bit of cleaning in Add Cluster page

Browse Source 
Signed-off-by: alexfront <alex.andreev.email@gmail.com>
This commit is contained in:
alexfront 2020-08-04 13:23:12 +03:00
parent 756fc7b2b7
commit a3c5d58b11
1 changed files with 14 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/renderer/components/+add-cluster/add-cluster.tsx
View File

@ -124,7 +124,7 @@ export class AddCluster extends React.Component {
to allow you to operate easily on multiple clusters and/or contexts. to allow you to operate easily on multiple clusters and/or contexts.
</p> </p>
<p> <p>
For more information on kubeconfig see <a href="https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/" target="_blank">Kubernetes docs</a> For more information on kubeconfig see <a href="https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/" target="_blank">Kubernetes docs</a>.
</p> </p>
<p> <p>
NOTE: Any manually added cluster is not merged into your kubeconfig file. NOTE: Any manually added cluster is not merged into your kubeconfig file.
@ -137,22 +137,20 @@ export class AddCluster extends React.Component {
app. app.
</p> </p>
<a href="https://kubernetes.io/docs/reference/access-authn-authz/authentication/#option-1-oidc-authenticator" target="_blank"> <a href="https://kubernetes.io/docs/reference/access-authn-authz/authentication/#option-1-oidc-authenticator" target="_blank">
<h4>OIDC (OpenID Connect)</h4> <h3>OIDC (OpenID Connect)</h3>
</a> </a>
<div> <p>
<p> When connecting Lens to OIDC enabled cluster, there's few things you as a user need to take into account.
When connecting Lens to OIDC enabled cluster, there's few things you as a user need to take into account. </p>
</p> <p><b>Dedicated refresh token</b></p>
<b>Dedicated refresh token</b> <p>
<p> As Lens app utilized kubeconfig is "disconnected" from your main kubeconfig Lens needs to have it's own refresh token it utilizes.
As Lens app utilized kubeconfig is "disconnected" from your main kubeconfig Lens needs to have it's own refresh token it utilizes. If you share the refresh token with e.g. <code>kubectl</code> who ever uses the token first will invalidate it for the next user.
If you share the refresh token with e.g. <code>kubectl</code> who ever uses the token first will invalidate it for the next user. One way to achieve this is with <a href="https://github.com/int128/kubelogin" target="_blank">kubelogin</a> tool by removing the tokens
One way to achieve this is with <a href="https://github.com/int128/kubelogin" target="_blank">kubelogin</a> tool by removing the tokens (both <code>id_token</code> and <code>refresh_token</code>) from
(both <code>id_token</code> and <code>refresh_token</code>) from the config and issuing <code>kubelogin</code> command. That'll take you through the login process and will result you having "dedicated" refresh token.
the config and issuing <code>kubelogin</code> command. That'll take you through the login process and will result you having "dedicated" refresh token. </p>
</p> <h3>Exec auth plugins</h3>
</div>
<h4>Exec auth plugins</h4>
<p> <p>
When using <a href="https://kubernetes.io/docs/reference/access-authn-authz/authentication/#configuration" target="_blank">exec auth</a> plugins make sure the paths that are used to call When using <a href="https://kubernetes.io/docs/reference/access-authn-authz/authentication/#configuration" target="_blank">exec auth</a> plugins make sure the paths that are used to call
any binaries any binaries