Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🚀 Feature: Allow to add credentials ( username/password) authentication in Kubernetes plugin #27475

Open
2 tasks done
ajaykanse opened this issue Nov 4, 2024 · 1 comment
Labels
area:kubernetes Related to the Kubernetes Project Area - not deploying Backstage with k8s. enhancement New feature or request

Comments

@ajaykanse
Copy link

🔖 Feature description

Currently Kubernetes plugin allow ServiceAccountToken as one of the way to authenticate with clusters. Many of the organization doesn't allow to use service account for authentication due to Audit and security restrictions and tracking. Helm or even kubectl allows user authentication to clusters. Hence the Kubernetes plugin should allow user authentication as well.

🎤 Context

Its known that Service account tokens are long lived however many organization doesn't allow it and expects to have either Service ids ( such AD ids ) or real ids to be used for login to clusters. Providing the ability to use uername/passwrod for authetication can extract token for the user on the fly using API and use that as token for authentication.

✌️ Possible Implementation

No response

👀 Have you spent some time to check if this feature request has been raised before?

  • I checked and didn't find similar issue

🏢 Have you read the Code of Conduct?

Are you willing to submit PR?

None

@ajaykanse ajaykanse added the enhancement New feature or request label Nov 4, 2024
@jhaals jhaals added the area:kubernetes Related to the Kubernetes Project Area - not deploying Backstage with k8s. label Nov 7, 2024
@Jenson3210
Copy link
Contributor

I think not all k8s providers/implementations support the same username/password logins and that's what makes it harder to develop in a generic way.
I believe that's why the framework authors have provided the docs to create your own authStrategy
It was not really possible to start your app with a custom one present due to config validation but that should now be fixed in the coming release due to my PR.

I did not validate that this is 100% working as I am waiting for the next release, but I was able to connect to our k8s implementation using custom auth strategy before.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area:kubernetes Related to the Kubernetes Project Area - not deploying Backstage with k8s. enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants