https://github.com/ripta/dexctl
Quick-n-dirty CLI for coreos/dex
https://github.com/ripta/dexctl
Last synced: 2 months ago
JSON representation
Quick-n-dirty CLI for coreos/dex
- Host: GitHub
- URL: https://github.com/ripta/dexctl
- Owner: ripta
- Created: 2018-03-11T09:28:40.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2022-05-03T12:29:16.000Z (over 3 years ago)
- Last Synced: 2025-02-16T09:43:03.516Z (11 months ago)
- Language: Go
- Size: 1.96 MB
- Stars: 2
- Watchers: 2
- Forks: 1
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
dexctl
======
dexctl is an unofficial command line tool for
[dex](https://github.com/coreos/dex/), because there is no official one for dex
v2. This tool is made available as-is: no guarantees of compatibility.
Quickstart
----------
1. Generate certificates using `bin/cert-gen`.
2. Create secret in same namespace as `dex` with the server.crt, server.key,
and ca.crt.
3. Mount the secret into `/var/dex/certs`.
4. Enable gRPC on dex:
```
grpc:
addr: 0.0.0.0:5557
tlsCert: /var/dex/certs/server.crt
tlsKey: /var/dex/certs/server.key
tlsClientCA: /var/dex/certs/ca.crt
```
5. Restart the pods if necessary.
6. Use kubectl to port-forward into one of the pods at port 5557.
7. Run dexctl like:
```
./dexctl -ca-cert certs/ca.crt -client-cert certs/client.crt -client-key certs/client.key
```
8. You can give dexctl a path to a YAML file. The YAML file looks like:
```
id: "kubectl"
name: "Kubernetes CLI (kubectl)"
secret: "XXX-REDACTED-XXX"
public: true
```
Refer to `type Client` in `vendor/github.com/coreos/dex/api/api.pb.go` to see
the full structure. The struct does not (as of March 2018) come with YAML tags;
the YAML keys should be lowercased in such a case (e.g., `redirecturis`).