Proposal: Single-binary EKS authentication plugin for cluster-inventory-api #35
Description
Summary
I would like to contribute an EKS authentication plugin that operates as a single binary to the cluster-inventory-api project. This plugin has been developed, tested, and is working very well.
Motivation
Current cloud vendor CLIs (like AWS CLI) come with numerous dependencies, which can be problematic for certain use cases:
- Dependency bloat: Many users need only authentication functionality but must install entire CLI suites
- Security concerns: Large dependency trees increase attack surface and maintenance burden
- Performance: Lightweight single binaries are faster to download and execute
While dependency-heavy CLIs work fine for some users, having a lightweight, single-binary alternative maintained by kubernetes-sigs would:
- Serve as a model implementation for the community
- Enable efficient OCI-based distribution via Image Volumes
- Reduce barriers for users in restricted or minimal environments
Few people would be comfortable with suddenly having to deal with numerous dependencies when they've gone to the trouble of developing a controller in Go and providing it as a single binary.
Proposed Solution
I have developed and tested a single-binary EKS authentication plugin that successfully addresses these concerns:
Repository: https://github.com/labthrust/clusterprofile-credentials-plugins/tree/main/cmd/eks-aws-auth-plugin
Key Features
- ✅ Single binary with no external dependencies
- ✅ Tested and working reliably
Contribution Offer
I would like to donate this code to the cluster-inventory-api project to:
- Provide a sig-maintained alternative to vendor CLIs
- Establish a reference implementation for other cloud providers
Questions for Maintainers
Would the cluster-inventory-api project be interested in accepting this contribution?
Thank you for considering this proposal.