Design login command #30

iancoffey · 2021-07-06T17:23:37Z

Review the design of the login plugin

Context from 2021-01-29 17:51:04
User: timothysc
At minimum we should have a plan in place.

Context from 2021-02-17 15:28:45
User: mattmoyer
Some issues to consider in this design:

How do we bootstrap trust into a management cluster where I don't have the self-signed CA bundle yet? This is very similar to the boostrapping problem in kubeadm join, and I think we could use a similar approach to kubeadm
How do we express "login to SaaS" and "login to TKG" in the least confusing way? Can we unify the "login to SaaS" flow across multiple CSP-based services (TMC + TSM)?

I'm sure there are a bunch more things to consider, this is just some rough notes after discussions yesterday.

The text was updated successfully, but these errors were encountered:

iancoffey added area/cli kind/design Issue/PR as related to design. migration/imported priority/important-soon lifecycle/active labels Jul 6, 2021

iancoffey assigned enj Jul 9, 2021

vuil added the area/auth label Oct 18, 2021

ankeesler added this to the Icebox milestone Oct 19, 2021

ankeesler added area/iam Related to identity access management and removed area/auth labels Mar 24, 2022

saji-pivotal closed this as completed Aug 4, 2022

saji-pivotal reopened this Aug 4, 2022

saji-pivotal added the not-core-cli label Aug 4, 2022

Provide feedback