You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current omnictl/kubectl/talosctl authentication appears to be a passive UX, and each tool authenticates individually resulting in a UX friction and an inconsistent auth experience.
Additionally, per @rothgar 's observation we should also support multi cluster auth on a per Omni basis.
Solution
Enhance omnictl with a single oidc credential handler set of subcommand that correctly provision credentials in one go for all 3 tools with appropriate flags to constrain local credential provisioning more granularly when desired.
Also worth considering on this auth command flow is --force-rotate which should be able to clear current credentials and re-create files/directories for credentials from scratch on demand to resolve issue with "file not found" type errors that require manually tracking down and purging current auth artifacts in devcontainer settings.
Alternative Solutions
na
Notes
No response
The text was updated successfully, but these errors were encountered:
Problem Description
Current omnictl/kubectl/talosctl authentication appears to be a passive UX, and each tool authenticates individually resulting in a UX friction and an inconsistent auth experience.
Additionally, per @rothgar 's observation we should also support multi cluster auth on a per Omni basis.
Solution
Enhance omnictl with a single oidc credential handler set of subcommand that correctly provision credentials in one go for all 3 tools with appropriate flags to constrain local credential provisioning more granularly when desired.
Also worth considering on this auth command flow is
--force-rotate
which should be able to clear current credentials and re-create files/directories for credentials from scratch on demand to resolve issue with "file not found" type errors that require manually tracking down and purging current auth artifacts in devcontainer settings.Alternative Solutions
na
Notes
No response
The text was updated successfully, but these errors were encountered: