GitHub Authentication for Kubernetes — a Step-by-Step Guide

What Is SSO for Kubernetes?

Implementing GitHub SSO for Kubernetes

Configuring Loft in Your Cluster

minikube start
# Mac terminal

curl -s -L "https://github.com/loft-sh/loft/releases/latest" | sed -nE 's!.*"([^"]*loft-darwin-amd64)".*!https://github.com\1!p' | xargs -n 1 curl -L -o loft && chmod +x loft;

sudo mv loft /usr/local/bin;
# Linux Bash

curl -s -L "https://github.com/loft-sh/loft/releases/latest" | sed -nE 's!.*"([^"]*loft-linux-amd64)".*!https://github.com\1!p' | xargs -n 1 curl -L -o loft && chmod +x loft;

sudo mv loft /usr/local/bin;
# Windows PowerShell

md -Force "$Env:APPDATA\loft"; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]'Tls,Tls11,Tls12';

Invoke-WebRequest -UseBasicParsing ((Invoke-WebRequest -URI "https://github.com/loft-sh/loft/releases/latest" -UseBasicParsing).Content -replace "(?ms).*`"([^`"]*loft-windows-amd64.exe)`".*","https://github.com/`$1") -o $Env:APPDATA\loft\loft.exe;

$env:Path += ";" + $Env:APPDATA + "\loft";

[Environment]::SetEnvironmentVariable("Path", $env:Path, [System.EnvironmentVariableTarget]::User);

# Ensure you add the folder %APPDATA%\loft to the PATH environment variable after installation, then reboot your computer afterward.
loft start
loft reset password
loft login https://localhost:9898  --insecure

Configuring GitHub with Loft

auth:
github:
clientId: $CLIENTID
clientSecret: $CLIENTSECRET
redirectURI: $CALLBACK_URL
loft start
loft login https://localhost:9898  --insecure

Impersonating a Developer

Granting Developers Access to a Cluster

loft use cluster [NAME_OF_CLUSTER]

Conclusion

--

--

--

>> www.loft.sh << Build Your Internal Kubernetes Platform With Virtual Clusters, Namespace Self-Service & Secure Multi-Tenancy

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Hawk Network’s Month of April Achievements🔥

Infrastructure, Platform, and Software as a Service — What’s the difference?

Introduction to “Lookup” Activity in Azure Data Factory

A Non-Coder’s Primer on Code Branching

Python Tuples

C# Basics Part 1: The Variable

Infrastructure-as-a-Service Predictions for 2017 — Cloud Computing on CIO Today

Dear Vendor: Can you do better when deploying software to Higher Education?

Listen More

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Loft Labs

Loft Labs

>> www.loft.sh << Build Your Internal Kubernetes Platform With Virtual Clusters, Namespace Self-Service & Secure Multi-Tenancy

More from Medium

Accessing Kubernetes API Server When There Is An Egress NetworkPolicy

Scaling Kubernetes Workloads: Proactive Autoscaling using KEDA

Log monitoring and alarm solution for cloud native environment

How to Improve the Security of Your Applications with Kubernetes Security Scanners