A skeleton for writing kubectl exec credential plugins in Go that includes:
- Basic logging configuration.
- Outputting an appropriately formatted JSON to
stdout. - A
wrap.shscript to directly run your code as a plugin during development.
To start developing ensure your ~/.kube/config1 file configures a context with a user as follows:
apiVersion: v1
clusters:
- cluster:
server: https://
name: my-cluster
contexts:
- context:
cluster: my-cluster
user: my-user
name: my-context
current-context: my-context
kind: Config
preferences: {}
users:
- name: my-user
user:
exec:
apiVersion: client.authentication.k8s.io/v1beta1
args:
- arg1
- arg2
command: /absolute/path/of/wrap.sh
env:
- name: FOO
value: bar
provideClusterInfo: trueand then run kubectl get pods. Modify cmd/main.go to have the plugin logic specific to your environment and clusters (i.e. one could return a token from DefaultTokenSource for Google Kubernetes Engine clusters).
1 If the KUBECONFIG environment variable is set, the configuration should instead be added to one of the files listed in KUBECONFIG.