Commit 72ef722
Add GCP OAuth authentication support for GKE clusters
This implementation adds GCP OAuth 2.0 authentication to Headlamp, replacing
the deprecated Identity Service for GKE. Users can authenticate with their
Google Cloud account, and the authentication tokens are used to access
Kubernetes resources with proper RBAC.
Backend changes:
- New GCP authenticator package with RFC 7636-compliant PKCE support
- OAuth HTTP handlers for login, callback, and token refresh
- Configuration via environment variables
- Token caching and automatic refresh mechanisms
- Input validation to prevent injection attacks
Frontend changes:
- GCPLoginButton component for Google sign-in
- GKE cluster detection based on server URL patterns
- Integration into existing authentication chooser UI
- Comprehensive test coverage
Documentation:
- Complete setup guide for GKE deployments
- RBAC configuration examples
- Troubleshooting guide
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>1 parent 0cfeae0 commit 72ef722
File tree
32 files changed
+2773
-39
lines changed- backend
- cmd
- pkg
- auth
- config
- gcp
- docs
- frontend
- .storybook
- src
- components
- authchooser
- cluster
- i18n/locales
- de
- en
- es
- fr
- hi
- it
- ja
- ko
- pt
- ta
- zh-tw
- zh
- lib/k8s
- plugins/headlamp-plugin/config/.storybook
32 files changed
+2773
-39
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
14 | 14 | | |
15 | 15 | | |
16 | 16 | | |
| 17 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
47 | 47 | | |
48 | 48 | | |
49 | 49 | | |
| 50 | + | |
50 | 51 | | |
51 | 52 | | |
52 | 53 | | |
| |||
95 | 96 | | |
96 | 97 | | |
97 | 98 | | |
| 99 | + | |
| 100 | + | |
| 101 | + | |
| 102 | + | |
| 103 | + | |
98 | 104 | | |
99 | 105 | | |
100 | 106 | | |
| |||
391 | 397 | | |
392 | 398 | | |
393 | 399 | | |
| 400 | + | |
| 401 | + | |
| 402 | + | |
| 403 | + | |
| 404 | + | |
| 405 | + | |
| 406 | + | |
| 407 | + | |
| 408 | + | |
| 409 | + | |
| 410 | + | |
| 411 | + | |
| 412 | + | |
| 413 | + | |
| 414 | + | |
| 415 | + | |
| 416 | + | |
| 417 | + | |
| 418 | + | |
| 419 | + | |
| 420 | + | |
| 421 | + | |
| 422 | + | |
| 423 | + | |
| 424 | + | |
| 425 | + | |
| 426 | + | |
| 427 | + | |
| 428 | + | |
| 429 | + | |
394 | 430 | | |
395 | 431 | | |
396 | 432 | | |
| |||
450 | 486 | | |
451 | 487 | | |
452 | 488 | | |
453 | | - | |
454 | | - | |
455 | | - | |
456 | | - | |
457 | | - | |
458 | | - | |
459 | | - | |
460 | | - | |
461 | | - | |
462 | | - | |
463 | | - | |
464 | | - | |
465 | | - | |
466 | | - | |
467 | | - | |
468 | | - | |
469 | | - | |
470 | | - | |
471 | | - | |
472 | | - | |
| 489 | + | |
473 | 490 | | |
474 | 491 | | |
475 | 492 | | |
| |||
884 | 901 | | |
885 | 902 | | |
886 | 903 | | |
| 904 | + | |
| 905 | + | |
| 906 | + | |
| 907 | + | |
| 908 | + | |
| 909 | + | |
| 910 | + | |
| 911 | + | |
| 912 | + | |
| 913 | + | |
| 914 | + | |
| 915 | + | |
| 916 | + | |
| 917 | + | |
| 918 | + | |
| 919 | + | |
| 920 | + | |
| 921 | + | |
| 922 | + | |
| 923 | + | |
| 924 | + | |
| 925 | + | |
| 926 | + | |
| 927 | + | |
| 928 | + | |
| 929 | + | |
| 930 | + | |
| 931 | + | |
| 932 | + | |
| 933 | + | |
887 | 934 | | |
888 | 935 | | |
889 | 936 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
139 | 139 | | |
140 | 140 | | |
141 | 141 | | |
| 142 | + | |
| 143 | + | |
| 144 | + | |
| 145 | + | |
| 146 | + | |
142 | 147 | | |
143 | 148 | | |
144 | 149 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
50 | 50 | | |
51 | 51 | | |
52 | 52 | | |
| 53 | + | |
53 | 54 | | |
54 | 55 | | |
55 | 56 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
| 3 | + | |
| 4 | + | |
3 | 5 | | |
4 | 6 | | |
5 | 7 | | |
| |||
0 commit comments