gardenctl should pass --config to gardenlogin so both use the same config file

[hendrikKahl]

What would you like to be added:

When I specify --config <path to some specific config file> to gardenctl target and request a kubeconfig for a shoot, the generated file has a users section like this:

users:
- name: my-cluster
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1
      args:
      - get-client-certificate
      command: kubectl-gardenlogin
      env: null
      installHint: Follow the instructions on https://github.com/gardener/gardenlogin#installation
        to install gardenlogin
      interactiveMode: IfAvailable
      provideClusterInfo: true

It would be helpful, if --config <path to some specific config file> could be added as an argument to kubectl-gardenlogin as well.

Why is this needed:

As of now, the behavior is inconsistent and leads to unwanted behavior where gardenctl and gardenlogin use different configuration files.

[petersutter]

Interesting, what is your use case for providing a different config file using the path flag?

[hendrikKahl]

Sometimes, I want to test with a specific setup. To spare me the effort of moving too many files around, I tried to use the --config flag conveniently offered by the cli :)

This happens mostly in the context of debugging / reproducing things with a specific garden kubeconfig. Since Gardener dropped support for static tokens with K8s v1.27, I believe these cases will increase.

[hendrikKahl]

Maybe I failed to describe the issue resulting from this behavior 🤔 so let me try to rephrase.

When I use the --config flag on gardenctl, it uses this combination of configuration / credentials. Now, when I target a shoot, gardenlogin, invoked via the generated kubeconfig, still uses its default.

This results in adminkubeconfig requests being sent to a totally different cluster or requested with different credentials.