Details
-
Story
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
False
-
None
-
False
Description
See https://github.com/openshift/console/pull/12589.
We need to add token creation to Service Accounts to replace the removed `Download kubeconfig file`, but the addition of token creation needs design. We may want to account for optionally setting the expiration duration and/or binding the token to a secret.
Relevant CLI code: https://github.com/kubernetes/kubectl/blob/77a7b65409fc364fa3ff37060cc9342dc0527292/pkg/cmd/create/create_token.go#L228-L268
Background: https://redhat-internal.slack.com/archives/C6A3NV5J9/p1676903843342839
Before realizing adding token creation was going to be more involved and require some design, I had stubbed out token creation:
coFetchJSON
.post(`${k8sBasePath}/api/v1/namespaces/${namespace}/serviceaccounts/${name}/token`, {
kind: 'TokenRequest',
apiVersion: 'authentication.k8s.io/v1',
metadata: { creationTimestamp: null },
spec: { audiences: null, expirationSeconds: null, boundObjectRef: null },
status: { token: '', expirationTimestamp: null },
})
.then((res) => {
console.log('CONSOLE LOG: res', res);
})
.catch((e) => console.log('CONSOLE LOG: e', e));
Attachments
Issue Links
- is caused by
-
OCPBUGS-7308 Download kubeconfig for ServiceAccount returns error
-
- Closed
-
- links to