From 562cc3e10081d0a0e441e975b1f4a4b12e23aac3 Mon Sep 17 00:00:00 2001 From: Christopher Hein Date: Tue, 10 Apr 2018 00:56:23 -0700 Subject: [PATCH] Updates based on feedback Signed-off-by: Christopher Hein --- README.md | 4 ++-- cmd/heptio-authenticator-aws/token.go | 4 +--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 021d71304..4df6c5026 100644 --- a/README.md +++ b/README.md @@ -87,7 +87,7 @@ systemctl restart kubelet.service Finally, once the server is set up you'll want to authenticate! You will still need a `kubeconfig` that has the public data about your cluster (cluster CA certificate, endpoint address). -The `users` section of your configuration, however, can be mostly blank: +The `users` section of your configuration, however, should include an exec section ([refer to the v1.10 docs](https://kubernetes.io/docs/admin/authentication/#client-go-credential-plugins)):: ```yaml # [...] users: @@ -112,7 +112,7 @@ Make sure you have the `heptio-authenticator-aws` binary installed. You can install it with `go get -u -v github.com/heptio/authenticator/cmd/heptio-authenticator-aws`. To authenticate, run `kubectl --kubeconfig /path/to/kubeconfig" [...]`. -kubectl will handle `exec`'ing the `heptio-authenticator-aws` binary with the supplied params in your kubeconfig which will generate a token and pass it to the apiserver. +kubectl will `exec` the `heptio-authenticator-aws` binary with the supplied params in your kubeconfig which will generate a token and pass it to the apiserver. The token is valid for 15 minutes (the shortest value AWS permits) and can be reused multiple times. You can also omit `-r ROLE_ARN` to sign the token with your existing credentials without assuming a dedicated role. diff --git a/cmd/heptio-authenticator-aws/token.go b/cmd/heptio-authenticator-aws/token.go index cfaec4b6a..fc651b306 100644 --- a/cmd/heptio-authenticator-aws/token.go +++ b/cmd/heptio-authenticator-aws/token.go @@ -58,9 +58,7 @@ var tokenCmd = &cobra.Command{ fmt.Fprintf(os.Stderr, "could not get token: %v\n", err) os.Exit(1) } - - enc := gen.FormatJSON(tok) - fmt.Println(enc) + fmt.Println(gen.FormatJSON(tok)) }, }