Interactive CLI Authentication for Cloud Providers

[danielelisi]

Currently, we need to manually configure Cloud KMS authentication by generating API keys and copying them to a file on the machine running Signatory. I don't find this flow user-friendly, especially for beginner users who might not be familiar with technical terms or comfortable operating the terminal. In addition, an important consideration regarding handling secret keys and sensitive files; a beginner user wouldn't know how to store them securely or wouldn't comprehend the potential risks of exposing them.

I like the interactive authentication flow of some CLI programs like Github CLI, AWS CLI, and Tailscale.

We could have a signatory config command to help users log in to the Cloud KMS providers interactively. I imagine this using the native Cloud SDK they usually provide to interact with their API safely. Generally, these SDKs use platform APIs to generate an application-specific token that is locally saved to the system in a configuration file.