Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: Document access token creation and usage #3316

Merged
merged 4 commits into from
Jun 25, 2020
Merged

docs: Document access token creation and usage #3316

merged 4 commits into from
Jun 25, 2020

Conversation

alexec
Copy link
Contributor

@alexec alexec commented Jun 25, 2020
edited
Loading

Checklist:

  • Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this is a chore.
  • The title of the PR is (a) conventional, (b) states what changed, and (c) suffixes the related issues number. E.g. "fix(controller): Updates such and such. Fixes #1234".
  • I've signed the CLA.
  • I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
  • My builds are green. Try syncing with master if they are not.
  • My organization is added to USERS.md.

Changes

This PR documents how to create a token suitable for automation - i.e. an "access token"

whynowy
whynowy reviewed Jun 25, 2020
View reviewed changes
docs/access-token.md Outdated Show resolved Hide resolved
docs/access-token.md Show resolved Hide resolved
docs/access-token.md Outdated Show resolved Hide resolved
docs/access-token.md Outdated Show resolved Hide resolved
whynowy
whynowy reviewed Jun 25, 2020
View reviewed changes
docs/access-token.md Outdated Show resolved Hide resolved
whynowy
whynowy reviewed Jun 25, 2020
View reviewed changes
docs/access-token.md Outdated
You now need to get a token:

```shell script
SECRET=$(kubectl get secret -o name | grep '^secret/jenkins-token-' | sed 's/secret\///')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need to decode the token.

A workable script:

ARGO_TOKEN=$(kubectl -n argo get secret `kubectl -n argo get sa jenkins -o=jsonpath='{.secrets[0].name}'` -o=jsonpath='{.data.token}' | base64 --decode)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice - really good. Thank you.

whynowy
whynowy approved these changes Jun 25, 2020
View reviewed changes
Copy link
Member

@whynowy whynowy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Following part is not related, but it looks confusing - Kubeconfig base 64 encoded in rest-api.md.

The server can be configured with or without client auth (`server --auth-mode client`). When it is disabled, then clients must pass their Kubeconfig base 64 encoded in the HTTP `Authorization` header:

@alexec alexec marked this pull request as ready for review June 25, 2020 23:59
@alexec alexec merged commit 3fe6ecc into argoproj:master Jun 25, 2020
@alexec alexec deleted the access-token branch June 25, 2020 23:59
alexec added a commit that referenced this pull request Jun 26, 2020
@alexec
docs: Document access token creation and usage (#3316)
36cbcfb
@alexec alexec linked an issue Jun 27, 2020 that may be closed by this pull request
Access token based authentication #3313
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@whynowy whynowy whynowy approved these changes

@simster7 simster7 Awaiting requested review from simster7

@jessesuen jessesuen Awaiting requested review from jessesuen

@sarabala1979 sarabala1979 Awaiting requested review from sarabala1979

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Access token based authentication
2 participants
@alexec @whynowy