Add SKE login command (#157)

* Add SKE login command

Co-authored-by: Maximilian Geberl <[email protected]>

* Different improvement from code review

* remove unused function

* rearrange functions and improve error messages

* Add tests for cache pkg

* Extend kubeconfig create command with flag to retrieve login kubeconfig

* small extension to the kubeconfig login description

* improve descriptions and examples

* fix yaml output

* codereview: use os.UserCacheDir instead of external lib

* codereview: drop parseInput and use parseClusterConfig directly; move cacheKey into clusterConfig

* codereview: add one nil check

* codereview: print user facing error that explains that the login command should not be used directly

* fixup! codereview: use os.UserCacheDir instead of external lib

* codereview: first try at improving the description

* generate-docs

* Add tests for login (buildRequest & parseKubeConfigToExecCredential

* cache: call Init func directly and return err

* use p.Outputf instead of cmd.Print

---------

Co-authored-by: Maximilian Geberl <[email protected]>

Author: Kumm-Kai

.gitignore

@@ -4,6 +4,7 @@ dist/
 
 # IDE
 .vscode
+.idea
 
 # OS generated files
 .DS_Store

docs/stackit_ske_kubeconfig.md

@@ -30,4 +30,5 @@ stackit ske kubeconfig [flags]
 
 * [stackit ske](./stackit_ske.md)	 - Provides functionality for SKE
 * [stackit ske kubeconfig create](./stackit_ske_kubeconfig_create.md)	 - Creates a kubeconfig for an SKE cluster
+* [stackit ske kubeconfig login](./stackit_ske_kubeconfig_login.md)	 - Login plugin for kubernetes clients
 

docs/stackit_ske_kubeconfig_create.md

@@ -21,6 +21,9 @@ stackit ske kubeconfig create CLUSTER_NAME [flags]
   Create a kubeconfig for the SKE cluster with name "my-cluster"
   $ stackit ske kubeconfig create my-cluster
 
+  Get a login kubeconfig for the SKE cluster with name "my-cluster". This kubeconfig does not contain any credentials and instead obtains valid credentials via the `stackit ske kubeconfig login` command.
+  $ stackit ske kubeconfig create my-cluster --login
+
   Create a kubeconfig for the SKE cluster with name "my-cluster" and set the expiration time to 30 days
   $ stackit ske kubeconfig create my-cluster --expiration 30d
 
@@ -37,6 +40,7 @@ stackit ske kubeconfig create CLUSTER_NAME [flags]
   -e, --expiration string   Expiration time for the kubeconfig in seconds(s), minutes(m), hours(h), days(d) or months(M). Example: 30d. By default, expiration time is 1h
       --filepath string     Path to create the kubeconfig file. By default, the kubeconfig is created as 'config' in the .kube folder, in the user's home directory.
   -h, --help                Help for "stackit ske kubeconfig create"
+  -l, --login               Create a login kubeconfig that obtains valid credentials via the STACKIT CLI. This flag is mutually exclusive with the expiration flag.
 ```
 
 ### Options inherited from parent commands

docs/stackit_ske_kubeconfig_login.md

@@ -0,0 +1,45 @@
+## stackit ske kubeconfig login
+
+Login plugin for kubernetes clients
+
+### Synopsis
+
+Login plugin for kubernetes clients, that creates short-lived credentials to authenticate against a STACKIT Kubernetes Engine (SKE) cluster.
+First you need to obtain a kubeconfig for use with the login command (first example).
+Secondly you use the kubeconfig with your chosen Kubernetes client (second example), the client will automatically retrieve the credentials via the STACKIT CLI.
+
+```
+stackit ske kubeconfig login [flags]
+```
+
+### Examples
+
+```
+  Get a login kubeconfig for the SKE cluster with name "my-cluster". This kubeconfig does not contain any credentials and instead obtains valid credentials via the `stackit ske kubeconfig login` command.
+  $ stackit ske kubeconfig create my-cluster --login
+
+  Use the previously saved kubeconfig to authenticate to the SKE cluster, in this case with kubectl.
+  $ kubectl cluster-info
+  $ kubectl get pods
+```
+
+### Options
+
+```
+  -h, --help   Help for "stackit ske kubeconfig login"
+```
+
+### Options inherited from parent commands
+
+```
+  -y, --assume-yes             If set, skips all confirmation prompts
+      --async                  If set, runs the command asynchronously
+  -o, --output-format string   Output format, one of ["json" "pretty" "none" "yaml"]
+  -p, --project-id string      Project ID
+      --verbosity string       Verbosity of the CLI, one of ["debug" "info" "warning" "error"] (default "info")
+```
+
+### SEE ALSO
+
+* [stackit ske kubeconfig](./stackit_ske_kubeconfig.md)	 - Provides functionality for SKE kubeconfig
+

go.mod

@@ -29,6 +29,14 @@ require (
 	golang.org/x/oauth2 v0.20.0
 	golang.org/x/term v0.20.0
 	golang.org/x/text v0.15.0
+	k8s.io/apimachinery v0.29.2
+	k8s.io/client-go v0.29.2
+)
+
+require (
+	golang.org/x/net v0.20.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
 )
 
 require (
@@ -41,17 +49,23 @@ require (
 	github.com/alessio/shellescape v1.4.2 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect
 	github.com/danieljoos/wincred v1.2.1 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
+	github.com/go-logr/logr v1.3.0 // indirect
 	github.com/godbus/dbus/v5 v5.1.0 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/imdario/mergo v0.3.6 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
 	github.com/mattn/go-runewidth v0.0.15 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
-	github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.1.1 // indirect
 	github.com/rivo/uniseg v0.4.4 // indirect
-	github.com/rogpeppe/go-internal v1.10.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
@@ -69,7 +83,13 @@ require (
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect
 	golang.org/x/sys v0.20.0 // indirect
-	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/api v0.29.2 // indirect
+	k8s.io/klog/v2 v2.110.1 // indirect
+	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
 )