
fidelity / kconnect

Kubernetes Connection Manager CLI

Home Page: https://fidelity.github.io/kconnect/

License: Apache License 2.0

Makefile 1.09% Go 97.21% Dockerfile 0.06% Shell 1.65%
kubernetes eks aks rancher kubeconfig kubectl

kconnect's Introduction

kconnect - The Kubernetes Connection Manager CLI


What is kconnect?

kconnect is a CLI utility that can be used to discover and securely access Kubernetes clusters across multiple operating environments.

Based on the authentication mechanism chosen, the CLI will discover Kubernetes clusters you are allowed to access in a target hosting environment (i.e. EKS, AKS, Rancher) and generate a kubeconfig for a chosen cluster.

Currently supported platforms: EKS, AKS, Rancher


Features

  • Authenticate using SAML, Azure Active Directory, AWS IAM, Rancher Token
  • Discover clusters in EKS, AKS and Rancher
  • Generate a kubeconfig for a cluster
  • Query history of connected servers
  • Regenerate the kubeconfig from your history by using an id or an alias
  • Import default values for your company

Documentation

For installation, getting started and other documentation, head over to the project's documentation site or look in the /docs directory.

Contributions

Contributions are very welcome. Please read the contributing guide or see the docs.

Acknowledgements

For the SAML identity provider we rely heavily on the saml2aws project by Versent. For the Azure AD provider we have taken inspiration from the Microsoft Authentication Library for Go and have directly used their wstrust package (see pkg/azure/wstrust).

Thanks to both these projects for making the implementation easier.

kconnect's People

Contributors

0rax, aido123, arghya88, awatterson22, brianwarner, byjrack, calebcartwright, dependabot[bot], divyam234, dutchdave1708, gearheads, gliptak, jacobfra, michael12312, puneetgared, rajarajanpsj, ramnar, richardcase, saada, satyajeetjsr, seankelly001, ulrar, uuserf16


kconnect's Issues

Website available via GitHub Pages

Describe the solution you'd like:
A website for kconnect should be available with documentation etc

Why do you want this feature:

Anything else you would like to add:
This could also be available via netlify instead

Enable Snyk vulnerability scanning

Describe the solution you'd like:
We should scan our dependencies using Snyk to be alerted to any vulnerabilities

Why do you want this feature:


Output as JSON, YAML, Table, Short

Describe the solution you'd like:
Support output in the following formats (if it makes sense for the command):

  • JSON
  • YAML
  • Table
  • Short

Why do you want this feature:
As a user I might want the output of the history or list of clusters in a specific format to aid with reading or programmatic interpretation.


Configuration via file (with default location)

Describe the solution you'd like:
I want to be able to supply configuration via a config file. It should look for a default config file in $HOME/.kconnect/config

Why do you want this feature:


Add Issue & PR Templates

We need to add issue and PR template files.

The issue templates should cover:

  • Bug reports
  • Feature requests

Create kubectl plugin

Describe the solution you'd like:
Make some/all the functionality of kconnect available as kubectl plugin

Why do you want this feature:


AWS Flags Resolver

Describe the solution you'd like:
We need to be able to interactively resolve flags for the EKS provider if they are not supplied. For example, if role isn't supplied we should query for roles using the AWS API (with potential filter) and then allow the user to pick a role. This picked value would then be assigned to the flag

Why do you want this feature:
To support the interactive user flow


"to" command

Implement the generate command to create a kubeconfig for a specific cluster

Create security policy

Describe the solution you'd like:
We need to create the SECURITY.md file that specifies the security policy for the project

Why do you want this feature:
So users of the project are aware of the security policy.

Publish as Docker image

Describe the solution you'd like:

Why do you want this feature:


Create contributing guide

We need to create the initial CONTRIBUTING.md guide that will guide potential contributors through how they go about contributing to the project.

"configure" command

Describe the solution you'd like:
I want to be able to set default values that can be used later by other commands instead of specifying flags. This should save the defaults to a file (see #28)

Why do you want this feature:


Support using AWS CLI for authentication

Describe the solution you'd like:
Support using the AWS CLI (as well as the IAM authenticator) for authenticating to an EKS cluster

Why do you want this feature:


"use" command

Implement the use command that given a platform will talk you through connecting to a cluster in that platform.

Check for newer version of kconnect

Describe the solution you'd like:
kconnect should check if there is a newer release and inform the user if there is.

The version information embedded in the binary can be used to compare against the GitHub releases

Why do you want this feature:
So that the user knows there is a new version available.


PingNTLM provider not in selection list

What happened:
When I run kconnect use eks --idp-protocol saml it asks you to select your identity provider but the PingNTLM provider isn't listed.

What did you expect to happen:
I expect to be able to select PingNTLM from the list

How to reproduce it:
Run kconnect use eks --idp-protocol saml


Environment:

  • kconnect version (use kconnect version):
version: 0.0.1-rc.2
builddate: "2020-08-25T09:16:38Z"
commithash: 80d6192676fe312b952186656f93f4b0b9534845
goversion: go1.13.15
platform: darwin/amd64
compiler: gc
  • Kubernetes version (use kubectl version):
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.8", GitCommit:"9f2892aab98fe339f3bd70e3c470144299398ace", GitTreeState:"clean", BuildDate:"2020-08-14T11:09:22Z", GoVersion:"go1.14.7", Compiler:"gc", Platform:"darwin/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?
  • OS (e.g. from /etc/os-release): osx
  • Target environment (e.g. EKS, AKS, Rancher): EKS
  • Authentication Used (e.g. SAML, IAM, Azure AD):

--set-current flag not working consecutively

What happened:
I connect to a cluster
./kconnect use eks --region us-east-1 --set-current
This works fine, current context in KUBECONFIG is set correctly
I run kconnect again, with a different region
./kconnect use eks --region us-east-2 --set-current
The current context is still referencing us-east-1 cluster and has not been updated

What did you expect to happen:
For current context in KUBECONFIG to be updated with new cluster

How to reproduce it:
Run kconnect twice using --set-current, with different regions (possibly clusters also)


Environment:

  • kconnect version (use kconnect version): from main branch
  • Kubernetes version (use kubectl version): NA
  • OS (e.g. from /etc/os-release): linux
  • Target environment (e.g. EKS, AKS, Rancher): EKS
  • Authentication Used (e.g. SAML, IAM, Azure AD): SAML

Log level not set correctly

What happened:
I am trying to set the log level to debug using --log-level DEBUG but no debug logs are output.

What did you expect to happen:
I expect to see DEBUG log entries

How to reproduce it:


Environment:

  • kconnect version (use kconnect version):
version: 0.0.1-rc.1
builddate: "2020-08-05T12:25:39Z"
commithash: a0c7778253552629a6770e4ec3caddf9dd3c7c64
goversion: go1.13.14
platform: darwin/amd64
compiler: gc
  • Kubernetes version (use kubectl version):
  • OS (e.g. from /etc/os-release): Mac
  • Target environment (e.g. EKS, AKS, Rancher): EKS
  • Authentication Used (e.g. SAML, IAM, Azure AD): SAML

Idiomatic flag/strict validation

Describe the solution you'd like:
I would like a way to validate a struct (that represents the values from the flags) in a more idiomatic way for Go. It would be good to use tags on structs to do this. Perhaps one of these packages would be good:

Why do you want this feature:


Package kconnect and make available as .deb and .rpm

Describe the solution you'd like:
I'd like to be able to install kconnect on Linux via a .deb or .rpm

Why do you want this feature:


Log message not displaying kubeconfig location

What happened:
Log messages are not showing where kubeconfig file is being generated
INFO[0015] Writing kubeconfig to package =kubeconfig

What did you expect to happen:
For log messages to show full path of kubeconfig generated
Writing kubeconfig to /home/a567910/.kube/config

How to reproduce it:
By running: ./kconnect use eks


Environment:

  • kconnect version (use kconnect version): 0.0.1-rc.2
  • Kubernetes version (use kubectl version): NA
  • OS (e.g. from /etc/os-release): Linux, Windows
  • Target environment (e.g. EKS, AKS, Rancher): EKS
  • Authentication Used (e.g. SAML, IAM, Azure AD): SAML

Kubeconfig merge is failing

What happened:
I do kconnect use eks to generate the kubeconfig for a cluster. If I run the command again and select the same cluster the kubeconfig merge fails.

What did you expect to happen:
I would expect there to be no error:

  • if all the parameters are the same we should probably not modify the kubeconfig except setting the current context

How to reproduce it:


Environment:

  • kconnect version (use kconnect version): 0.1.0-rc.1
  • Kubernetes version (use kubectl version):
  • OS (e.g. from /etc/os-release):
  • Target environment (e.g. EKS, AKS, Rancher): EKS
  • Authentication Used (e.g. SAML, IAM, Azure AD): SAML

saml list-idp-providers command

Describe the solution you'd like:
We should introduce some additional utility functions to aid the UX. Specifically to help with the --idp-provider flag. This can have 16 different values at the moment and it's unrealistic to add these to the help string.

Perhaps a new command that will list them out:

kconnect saml list-idp-providers

Why do you want this feature:


Make region selection interactive (use eks)

Describe the solution you'd like:
When running kconnect use eks, if a region is not specified then it will use the default of us-west-2
Make changes so that if no region is specified, user will enter region interactively
If region is specified in config file, then do not prompt user for region

Why do you want this feature:
It will make using kconnect easier and makes it less confusing

Allow setting of current context

Describe the solution you'd like:
When using kconnect use it would be useful if there was an option to set the current context in the kubeconfig based on the generated context.

Suggested that a new flag be added to the use command called --set-current

Why do you want this feature:
This will save the user having to manually set the context.


kubeconfig package to deal with modifying kubeconfig files

Describe the solution you'd like:
kubeconfig package should have a simple client that lets other packages in this project use it to load/modify kubeconfig files.

Why do you want this feature:
To abstract away kubeconfig management from other packages so that they can focus on their core work.

Package kconnect as a snap

Describe the solution you'd like:
Make kconnect available as a snap (and from the snapstore).

Why do you want this feature:
This will enable the user to install kconnect via snap on linux


"ls" command

Describe the solution you'd like:
I would like an ls command that shows a list of clusters that I have connected to previously. It should show the clusters listed by platform and indicate if you are still logged in, if it's your current context and any aliases:

aks:
  cluster1234 (alias: pe1)          [logged in, current context]
  cluster567                              [logged in]

eks:
  cluster987 (alias: pe2)          [logged out]


Why do you want this feature:
As a reminder of what clusters I have connected to and as a convenience to reconnect to

Update README file

The README file needs updating with the initial information for the project.

Azure AD Authentication Plugin

Implement the Azure AD authentication plugin. We should probably replicate what az login does. See this.

We should also support the azure environment authorizer, file authorizer and service principal.

The Auth Code Flow that az login uses is very similar to the OAuth Auth Code Flow. This could potentially be re-used.

User section not being updated with new cluster

What happened:
Running kconnect use eks.
First connect to a cluster in one region, this works fine
Connect to a second cluster in another region, using the same aws profile name (saml), the user section in KUBECONFIG is not updated, and hence not allowing connections to the cluster

What did you expect to happen:
For the user section to be updated appropriately

How to reproduce it:
Run kconnect use eks for one region, then another, using the same AWS profile name


Environment:

  • kconnect version (use kconnect version): from main branch
  • Kubernetes version (use kubectl version): NA
  • OS (e.g. from /etc/os-release): linux
  • Target environment (e.g. EKS, AKS, Rancher): EKS
  • Authentication Used (e.g. SAML, IAM, Azure AD): SAML

Multiple history items for the same connection

What happened:
Multiple history entries are being written for the same connection. If the connection parameters are the same then no history item should be written

What did you expect to happen:

How to reproduce it:


Environment:

  • kconnect version (use kconnect version): 0.1.0.rc.1
  • Target environment (e.g. EKS, AKS, Rancher): EKS
  • Authentication Used (e.g. SAML, IAM, Azure AD): SAML

Implement "pro-tips" functionality

Describe the solution you'd like:
Alert the user to new functionality if they don't appear to be using it. For example if they go through the use\to commands all the time and never use history (i.e. ls).

Why do you want this feature:
So that users are informed that there is functionality that may benefit them.


Restrict access to prod clusters

While accessing the clusters in prod environment, we would like to have a provision for two step process 1) select the cluster (prod or non-prod) and 2) in case of prod, enter the CM/SD ticket (or prompt - "accessing prod..."). Also is it possible to restrict the access to clusters based on a CIDR block?

Why do you want this feature:

Due to SOC requirements, we would like to distinguish the environments based on login. Same user with same permissions for prod and non prod - while logging into prod cluster need to be notified that prod clusters are high priority/sensitive/activities recorded.

We can have features:

  • To prompt the risk acceptance for accessing production clusters
  • Add-on plugin to Kconnect to restrict access only from particular CIDR block
  • Add-on prompt for SD/CM ticket while accessing prod clusters

Change setting current content to default

Describe the solution you'd like:
Currently you can use the '--set-current' to indicate you want the current context set in the kubeconfig. This should be the default behaviour and then there is a flag to disable current context

Why do you want this feature:

