kubectl-credentials-helper

This is a kubectl credentials helper. It is using your local OS keychain to store sensitive content of your KUBECONFIG.

To install:

go install github.com/plumber-cd/kubectl-credentials-helper

You can also download this from releases.

To secure your existing KUBECONFIG, use:

kubectl-credentials-helper secure --kubeconfig path

If --kubeconfig was not provided - it will try to find KUBECONFIG env variable and as a last resort - default user home ~/.kube/config.

This will save all sensitive info from a local KUBECONFIG to your OS specific keychain. Sensitive considered the following:

.user.username
.user.password
.user.client-certificate-data
.user.client-key-data

For user entries that it finds, it will replace in your KUBECONFIG with the following:

apiVersion: v1
kind: Config
users:
- name: <name>
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1
      command: kubectl-credentials-helper
      provideClusterInfo: true
      interactiveMode: Never

Now, every time you are trying to access this cluster - the helper will fetch sensitive info from OS specific keychain.

Name		Name	Last commit message	Last commit date
Latest commit History 18 Commits
.github/workflows		.github/workflows
cmd		cmd
keychain		keychain
.gitignore		.gitignore
CHANGELOG.md		CHANGELOG.md
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

kubectl-credentials-helper

About

Releases 2

Languages

License

plumber-cd/kubectl-credentials-helper

Folders and files

Latest commit

History

Repository files navigation

kubectl-credentials-helper

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 2

Languages