Skip to content

Latest commit

 

History

History
20 lines (14 loc) · 739 Bytes

File metadata and controls

20 lines (14 loc) · 739 Bytes

Service Account Issuer Discovery

reuse compliant

A simple server that allows exposing the OpenID discovery documents of a Kubernetes cluster.

Work in progress... Partial documentation ahead.

Quick start

To run the server with minimal configuration export the KUBECONFIG environment variable and run:

go run ./cmd/service-account-issuer-discovery/main.go --hostname=<issuer-of-cluster>

Or pass the kubeconfig as a flag:

go run ./cmd/service-account-issuer-discovery/main.go --kubeconfig=<path-to-my-kubeconfig> --hostname=<issuer-of-cluster>

Retrieve the well-known document by querying /.well-known/openid-configuration.