[FEAT] - kubelogin: add separate cache dirs when connector_id is used

### Priority

(Medium) I'm annoyed but I'll live

### User Story

_No response_

### Description

By default kubelogin writes to `$HOME/.kube/cache/oidc-login`

It uses the following [interface](https://github.com/int128/kubelogin/blob/master/pkg/tokencache/repository/repository.go#L28) while writing to cache and uses a [checksum](https://github.com/int128/kubelogin/blob/master/pkg/tokencache/repository/repository.go#L204) of the [key](https://github.com/int128/kubelogin/blob/master/pkg/tokencache/types.go#L9).

In Greenhouse case with multiple users with chaning `conenctor_ids`, there is only a single cache file:

```
⎈ greenhouse-p-eu-de-1-ccloud:default bin % ls -la /Users/<USERNAME>/.kube/cache/oidc-login                                                              
total 8
drwx------@ 4 USERNAME  staff   128 Nov 27 23:31 .
drwxr-x---@ 5 USERNAME  staff   160 Nov 27 23:31 ..
-rw-------@ 1 USERNAME  staff  1279 Nov 27 23:31 3788675cc000ab39a7757e8617f17c5e9fac544e218312fd5f5e7c186f8b1a64
-rw-------@ 1 USERNAME  staff     0 Nov 27 23:31 3788675cc000ab39a7757e8617f17c5e9fac544e218312fd5f5e7c186f8b1a64.lock
```

In kubeconfig I made kubelogin verbose:
```
- name: kubectl-sync:2367:oidc@greenhouse-p-eu-de-1-ccloud
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1
      args:
      - get-token
      - --oidc-client-id=greenhouse
...
      - -v=99 
 ```
I run `kubectl -v 99 get plugins -n ccloud` again and in the logs:
```
I1127 23:34:36.883855   10311 get_token.go:51] WARNING: log may contain your secrets such as token or password
I1127 23:34:36.884350   10311 get_token.go:57] credential plugin is called with apiVersion: client.authentication.k8s.io/v1
I1127 23:34:36.884353   10311 get_token.go:59] finding a token cache
I1127 23:34:36.884355   10311 get_token.go:68] acquiring the lock of token cache
I1127 23:34:36.884765   10311 get_token.go:88] checking expiration of the existing token
I1127 23:34:36.884791   10311 get_token.go:97] you already have a valid token until 2025-11-28 00:31:25 +0100 CET
I1127 23:34:36.884835   10311 get_token.go:74] releasing the lock of token cache
```
We run into an issue similar to this:
https://github.com/int128/kubelogin/issues/29

Adding separate token cache dirs for users is feasible (and could be a solution):
https://github.com/int128/kubelogin/issues/29#issuecomment-1657057575

### Acceptance Criteria

- When `connector_id` is used in the kubeconfig and kubelogin is configured, add token cache flag to the arg list.

### Reference Issues

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[FEAT] - kubelogin: add separate cache dirs when connector_id is used #35

Priority

User Story

Description

Acceptance Criteria

Reference Issues

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[FEAT] - kubelogin: add separate cache dirs when connector_id is used #35

Description

Priority

User Story

Description

Acceptance Criteria

Reference Issues

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions