Reputation: 1142
Is it possible to have Docker Desktop issue a service token for the host machine so that one can use the Kubernetes auth method for code running inside an IDE to authenticate with apps running inside a local Kubernetes? The instance of Kubernetes I am using is the one provided by Docker Desktop for Mac.
Use case: I have deployed Vault locally to my Docker Desktop Kubernetes and have configured it to authenticate by Kubernetes service tokens. This works fine for apps I deploy to the same Kubernetes cluster because they automatically get a service token in their container, which they send over to Vault for authentication. However, this becomes challenging while I am developing code in my IDE, since I am running my app from inside my IDE and, to the Kubernetes cluster, it doesn't exist. As a result, I can't authenticate to Vault since I don't have a service token.
I understand this might not be a usual use case and eventually cannot be supported. I have tried to spawn up a Linux container for the sole purpose of sharing its service account with my local machine, to no avail.
Upvotes: 0
Views: 908
Reputation: 54251
Sure, you can make a ServiceAccount and just manually copy the JWT out of the Secret it creates for you. That JWT can be used to access the API from anywhere, no special magic.
Upvotes: 2
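The steps from the answer above, as an added example that is not part of the original posts. The names `vault-dev`, `dev-role`, the `default` namespace, the `VAULT_ADDR` value and the default `kubernetes` auth mount path are assumptions. On Kubernetes 1.24 and later a token Secret is no longer created automatically for a ServiceAccount, so the example creates one explicitly.

```shell
# Added example; all names here are assumptions, adjust to your cluster.
NS="${NS:-default}"
SA="${SA:-vault-dev}"                 # hypothetical ServiceAccount name
VAULT_ROLE="${VAULT_ROLE:-dev-role}"  # hypothetical Vault role bound to $SA in $NS
VAULT_ADDR="${VAULT_ADDR:-http://127.0.0.1:8200}"  # e.g. reached via kubectl port-forward

# Create the ServiceAccount and an explicit token Secret bound to it.
create_sa_with_token() {
  kubectl -n "$NS" create serviceaccount "$SA"
  kubectl -n "$NS" apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: ${SA}-token
  annotations:
    kubernetes.io/service-account.name: ${SA}
type: kubernetes.io/service-account-token
EOF
}

# Print the JWT stored in the Secret (data.token is base64-encoded).
sa_jwt() {
  kubectl -n "$NS" get secret "${SA}-token" -o jsonpath='{.data.token}' | base64 --decode
}

# Decode a JWT's claims (no signature check) to confirm which identity it carries.
jwt_claims() {
  local p
  p=$(printf '%s' "$1" | cut -d. -f2 | tr '_-' '/+')   # base64url -> base64
  while [ $(( ${#p} % 4 )) -ne 0 ]; do p="${p}="; done  # restore stripped padding
  printf '%s' "$p" | base64 --decode
}

# Exchange the JWT for a Vault token via the kubernetes auth method.
vault_login() {
  curl -sS --request POST \
    --data "{\"role\": \"${VAULT_ROLE}\", \"jwt\": \"$1\"}" \
    "${VAULT_ADDR}/v1/auth/kubernetes/login"
}

# Usage on the workstation:
#   create_sa_with_token
#   JWT=$(sa_jwt); jwt_claims "$JWT"; vault_login "$JWT"
```

A token read from a Secret this way does not expire, so keep it out of source control and delete the Secret to revoke it. Bind the Vault role only to this ServiceAccount and namespace, with a policy limited to what the development app needs.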