Added key cache via OS keyring

[applejag]

Changed the repository.Repository implementation to use https://github.com/zalando/go-keyring

This means that password tokens are stored in OS keyring instead of in plain text on your disk.

Screenshot from "KDE Wallet Management Tool", the app used to inspect OS keyring on KDE:

Usage:

- name: oidc
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1beta1
      args:
        - oidc-login
        - get-token
        - --oidc-issuer-url=https://...............
        - --oidc-client-id=google
        - --oidc-client-secret=...............
        - --force-keyring # <--- new flag
      command: kubectl
      env: null
      interactiveMode: IfAvailable
      provideClusterInfo: false

The code prefers the OS keyring, if supported. Falls back to file based cache. Can be overridden with the new flags:

• --force-keyring
• --no-keyring

Closes #952

[SISheogorath]

@int128 is there anything can be done to move this forward?

I wanted to contribute this myself, but obviously @applejag was quicker and did a better job than I could. ^^

But maybe there is something I can help with to bring this into upstream.

[applejag]

It would be nice to get this merged. I've been waiting patiently in hopes that @int128 will merge this eventually, but that doesn't seem to be the case.

I'd also be curious what's missing to get this merged.

I also see now that there's conflicts. I'll fix that.

[applejag]

Damnit I accidentally clicked "Sync fork" on the wrong branch.

Edit: There we go, fixed. Also I've now fixed the merge conflicts

[nogweii]

Would it be possible to expand this to include fetching the client secret from the OS keyring as well? Or is that too much scope creep?

[applejag]

Would it be possible to expand this to include fetching the client secret from the OS keyring as well? Or is that too much scope creep?

I would like if that is done in a future PR. I don't have a strong will for trying to implement that