►
Description
Updates on credential provider KEP
A
B
Yeah,
so
I
just
wanted
to
mention
a
pull
request
that
I
had
opened
for
the
credential
provider
extraction
kept,
and
basically
this
is
some
changes
that
we
want
to
get
into
118.
So
there's
a
pull
request
already
open
for
this
cap
with
a
work
in
progress
implementation,
and
this
is
based
on
some
discussion
that
we
had
on
the
original
cap.
Pull
request.
Andrew
had
a
comment
to
the
effect
that
we
should
simplify
the
API
between
the
credential
provider
or
the
cubelet
and
the
plugin.
B
Basically,
so
this
was
kind
of
just
taking
what
he
said
and
just
adding
into
the
cap.
Basically,
it
just
removed
some
of
the
exec
credential
kind
of
extra
craft,
there's
an
but
there
was
environment,
variables,
arms
and
commands,
and
we
sort
of
to
simplify
that
into
extra
args,
which
is
a
generic.
You
know
we
can
generic
arguments
that
we
can
implement.
However,
we
want
I
was
thinking.
Environment
variables
would
make
sense,
because
some
SDKs,
including
AWS,
make
it
easy
to
configure
them
with
environment
variables.
B
So
it
would
just
make
the
coding
slightly
easier,
but
we
could
do
we
could
do
any
type.
You
know
we
could
do
with
our
variables,
or
we
could
do
arguments
that
doesn't
really
matter
so
I
haven't
read
it
Andrews
comments.
Yet,
if
you
want
to
just
do
want
to
update
on
what
you
were,
your
comments
are
about
Andrew.
What
you're
thinking
yeah,
that's
pretty
much.
B
B
Kendall
or
Walter
do
you
have
opinions
on
this
change?
So
I
thinking
here
was
like
we
should
like
kind
of
like
ste
and
I
were
like
you
have
your
well-known
commands
and
well,
and
then
you
have
to
document
the
parameters
and
whatever,
like
I,
was
kind
of
going
for
that
state.
I
was
thinking
kind
of
thinking
that
same
route,
and
so
we
can
like.
B
On
top
of
this,
you
can
even
offer
the
framework
that
has
like
the
that
already
offers
like
how
to
build
a
binary
with
the
get
credentials
command,
and
then
you
should
implement
the
thing
that
runs
that
yeah
no
I
I,
really
like
where
this
is
going.
I
think
it's
just
gonna
take
a
little
bit
of
thinking
and
work
away
from
the
implementers.
You
know
they
just
follow
it.
They
don't
have
to
think
about
it
as
much.
So
it
makes
a
lot
of
sense
to
me.
B
One
thing
that
I
actually
wanted
to
add
was
so
I
added
a
bit
about
using
staging,
so
they
kept
I.
Think
if
you
scroll
down
we'll
see
so
just
a
quick
blurb
about
we're,
gonna
move
credential
providers
to
staging
so
that
the
API
objects
can
be
consumed
by
the
plugins
more
easily
and
then
I
I
figured
I
would
also
add,
like
maybe
a
little
bit
about
just
how
like
how
we're
going
to
compile
the
binaries
for
the
existing
credential
providers
that
are
now
going
to
be
compiled
as
separate
binaries.
B
A
Okay,
sorry
I'm,
going
back
over
the
last
one,
I
realize
I'm
winding
back
a
little
bit,
but
given
that
they're
optional,
it
almost
seems
to
be
like
we
could
just
have
both
args
and
environment
as
two
separate
optional
fields.
And
then
we
don't
have
to
worry
about
which
one
to
use
or
which
way
to
go.
B
Yeah,
so
so
that
was
how
this
originally
was
and
I
think
the
the
nature
Avengers
comment
on
the
cat
was
that
it
was
maybe
a
little
bit
unnecessary
and
this
is
simpler,
so
I
guess
we're
choosing
here
between
a
little
bit
of
you
know,
ease
of
you
know.
If
a
implementer
is
trying
to
use
both
arguments
and
environment
variables,
it
might
be
a
little
bit
easier
to
have
both.
But
you
know
it's
a
little
bit
more,
you
know
the
thing
is
it's
just
or.
B
A
B
That
so
one
thing
to
point
out
is
that
this
is
just
for
executing
the
binary,
which
generally
isn't
going
to
need
any
arguments,
but
the
actual
data
like
which
is
just
the
image
URL
string
is
actually
passed
by
a
standard
end
right
as
if
you're
as
if
you're
piping
it
to
the
binary.
If
you
might
have
a
right
thinking
of
picking
in
a
shell
sort
of
way,
it's
it's
yeah.
So
so
we
have
standard
in
and
standard
out
open
on
that
credential
process
and
that's
how
we
actually
transmit
the
data
that
we
care
about.
B
This
is
more
just
like.
If
you
you
want
to
configure
something
about
I,
don't
know
what
what
region
you're
running
in
or
just
something
that
can
be
kind
of
static,
and
just
you
know
as
past
the
to
the
binary
as
you
got
executed,
but
that
would
be
very
specific
to
the
cloud
provider
and
the
implementation
of
the
binary
right
right,
and
so
it
was
the
request
response
types
that
are
marshaled
to
JSON,
that
we
passed
in
right,
right,
feedback
word,
yeah,.
A
No,
no,
if
it
continues
to
crash
sure
I'm,
just
thinking
of
is
there
any
sort
of
recovery
expected
recovery.
Life
is
the
idea
that
you're
going
to
get
a
broken
pipe
and
then
you're
gonna
have
to
restart
from
the
beginning
and
that's
up
to
the
the
cloud
provider.
Or
is
there
some
sort
of
idea
you
can
continue
where
you
left
off.
A
B
B
B
B
Ya
know
this
is
the
only
thing
I
think
on
the
migration,
so
the
CCM
migration
there
was
I.
Think
the
where
we
left
off
Walter
was
we're
trying
to
figure
out
for
the
controler
migration
config,
so
I
actually
had
a
PR
open
that
tries
to
move
I
actually
need
to
fix
it.
It's
not
completed
actually
but
I.
Think
it's
a
good
starting
point.
B
B
But
I
think
we
need
to
have
a
discussion
on
how
important
this
work
is
compared
to
like
some
of
the
work
I'm
doing
to
move
like
all
the
cloud
provider
stuff
into
Kate
style,
slash
cloud
provider
to
make
it
easier
for
the
hash
people
building
decisions
to
bender
it
in.
What
do
you
think
like
if
we
have
to
pick
one
for
this
release
like.
A
Which
one
would
you
prefer
well,
in
fact,
before
I
answer
that
question
I
have
something
I
wanted
to
quickly
mention.
I
generally
am
working
on
multiple
things
at
once
and
I
talked
to
my
management
layer
and
they've
agreed
that
I
get
to
spend
the
next
court
focusing
on
this
and
they're
getting
me
an
extra
resource,
so
I'm
actually
fairly
hopeful
and
a
lot
of
the
migrating
CCM
to
staging
I
was
going
to
give
to
my
new
resource,
because
that
seemed
like
a
really
good
starter
project.
A
B
Kind
of
find
whether
it
really
no
config
star,
so
he
actually
said
to
move
this,
the
generic
controller
manager
into
cue
controller
manager
and
then
duplicate
like
the
cue
cloud
shirt,
sorry
No,
so
duplicate
the
generic
controller
manager
in
both
the
CCM.
In
the
case
and
for
the
cube
chair
configuration,
it
should
live
only
the
CCM,
but
then
the
key
controller,
and
you
can
import
it
as
long
as
the
injury
providers
there.
So
I'm
not
sure
what
that
means
for
where
we
put
the
Mike
mission
type.