{"id":18869195,"url":"https://github.com/faan11/koch","last_synced_at":"2025-10-28T17:49:19.556Z","repository":{"id":168675651,"uuid":"624757685","full_name":"faan11/koch","owner":"faan11","description":"Kubernetes oc helpers","archived":false,"fork":false,"pushed_at":"2024-05-10T16:08:47.000Z","size":39,"stargazers_count":4,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-14T15:13:45.823Z","etag":null,"topics":["authentication","koch","kubernetes-cluster","openshift-v3","openshift-v4","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/faan11.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-07T07:26:17.000Z","updated_at":"2024-12-31T00:20:38.000Z","dependencies_parsed_at":"2024-05-10T17:26:17.824Z","dependency_job_id":"ae64a002-82b1-4a59-8283-2589092b9519","html_url":"https://github.com/faan11/koch","commit_stats":null,"previous_names":["faan11/koch"],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faan11%2Fkoch","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faan11%2Fkoch/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faan11%2Fkoch/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faan11%2Fkoch/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/faan11","download_url":"https://codeload.github.com/faan11/koch/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248904637,"owners_count":21180835,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","koch","kubernetes-cluster","openshift-v3","openshift-v4","security-tools"],"created_at":"2024-11-08T05:16:08.184Z","updated_at":"2025-10-28T17:49:14.507Z","avatar_url":"https://github.com/faan11.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n\u003cp align=\"center\"\u003e\n    \u003cimg width=\"400\" src=\"https://raw.githubusercontent.com/faan11/koch/master/images/logo.webp\" alt=\"Koch logo\"\u003e\n\u003c/p\u003e\n\n\n# What is Koch \n\nKoch is a minimal sh script that works around **oc** tool, that is:\n\n- **Fast:** one login and you are ready to go,\n- **Simple:** based on lightweight commands such as curl and yq,\n- **Secure:** Koch creates temporary token using cli and you don't need anymore service account and the web console to login!, \n- **Configurable:** all clusters are defined in a yaml file similar to other tools,\n- **Supported:** Koch supports Openshift® v3.x and 4.x\n- **Easy:** quick to install – start using it in minutes.\n- **Interoperable:** support for Mac and Linux  operating systems\n\nAuthentication can be achieved through:\n- **Prompt:** the CLI requests user and password data\n- **Bitwarden:** the bitwarden client by looking at user and password in a strongbox entry.\n\n## Installation\n\n### Prerequisites\n- sh, used to execute the script\n- perl, used to parse the access token in the folder (tested with v5.30.3 and v5.36.0)\n- [yq](https://github.com/mikefarah/yq), used to manage yaml configuration (tested with v4.33.0)\n- [curl](https://github.com/curl/curl), used to request temporary authentication token\n- [oc](https://github.com/openshift/oc), used to perform login and logout operation once received the token.\n- [bw](https://github.com/bitwarden/clients)  (bitwarden-cli, optional), used to request credentials\n- [jq](https://github.com/stedolan/jq) (optional), used to parse credentials json \n\n### Recommended software\n- [starship](https://github.com/starship/starship), used to know the current kubectl context \n- [kubectx](https://github.com/ahmetb/kubectx), to change between kubectl context\n- [kubens](https://github.com/ahmetb/kubectx), to change the current namespace\n- [fzf](https://github.com/junegunn/fzf) , to properly select the kubernetes context and namespace\n\n### Download and install\nThis script downloads and install the koch script in the bin directory of the user. You can also install system-wide.\n```bash\ncurl -o koch https://raw.githubusercontent.com/faan11/koch/1.2.1/koch\nmv koch $HOME/.local/bin/\nchmod +x $HOME/.local/bin/koch\n```\n## Usage\nYou can get the help command by simply typing\n```bash\nkoch\n```\n\nThe following command defines a cluster configuration.\n```bash\nkoch define \u003ccontext-name\u003e --oauth=\"$AUTH_SERVER\" --api=\"$API_SERVER\" --context=\"$KUBECTL_CONTEXT\" --secrethandler=\"$SECRETHANDLER\" --secretname=\"$SECRETNAME\" --insecure=\"true\"\n```\nwhere context-name represents the cluster configuration name.  \n**$AUTH\\_SERVER** represents the scheme and the host used to point out the authentication server ( for instance https://myauthservice.com ).  \n**$API\\_SERVER** is the scheme and the host of api server used to perform login (for instance, https://apiserver:6443 ).\n\nOnce the configuration is defined, the user can perform authentication by using the context name.\n\nAuthentication can be done in two ways:\n- **private authentication (recommended)**: This type of authentication performs login and opens a new shell. The authentication will be available only to the new shell. Once it is closed, the context is removed and the terminal can view the system kubectl context. This procedure is advised due to the following advantages:  \n    - **Isolation**: The system can't access the token by default.\n    - **Temporary**: Once the shell is closed, Koch releases the authentication token.\n\n   A private shell can be created with the following command: \n   ```bash \n   koch psh \u003ccontext-name\u003e \n   ```\n\n- **user authentication**: User authentication saves the context in the default **KUBECONFIG** environment file. The following command can request the temporary authentication token and perform authentication using oc login.\n```bash \nkoch login \u003ccontext-name\u003e \n```\nKoch logout performs the logout operation.\n```bash\nkoch logout\n```\n### Autocompletion\nKoch supports only bash and zsh shell autocompletion.\nThe autocompletion is limited to the login command. It is used to filter koch profiles.\n```bash\neval \"$(koch completion zsh)\" # inside your .zshrc file\neval \"$(koch completion bash)\" # inside your .bashrc file\n```\n## How to contribute\nFeel free to open an issue in the repo and proposes new ideas.\n \n## Contributors\n- Fabio Pagnotta \u003cfabiopagnotta.92@gmail.com\u003e\n- Vladimir Mozharov \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaan11%2Fkoch","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffaan11%2Fkoch","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaan11%2Fkoch/lists"}