- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 13 for PERMISSIVE (0.24 sec)
-
tests/integration/security/pass_through_filter_chain_test.go
}, }, { // There is only authN policy that enables mTLS (Permissive). // The request should be allowed because the client is always using plain text. name: "PERMISSIVE", config: `apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: mtls spec: mtls: mode: PERMISSIVE`, expected: []expect{ {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 11.9K bytes - Viewed (0) -
pilot/pkg/networking/core/peer_authentication_simulation_test.go
mode: DISABLE ---` paPermissive := ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: selector: matchLabels: app: foo mtls: mode: PERMISSIVE ---` paStrictWithDisableOnPort9000 := ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: selector: matchLabels: app: foo mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 16.2K bytes - Viewed (0) -
pilot/pkg/model/authentication.go
MTLSUnknown MutualTLSMode = iota // MTLSDisable if authentication policy disable mTLS. MTLSDisable // MTLSPermissive if authentication policy enable mTLS in permissive mode. MTLSPermissive // MTLSStrict if authentication policy enable mTLS in strict mode. MTLSStrict ) // In Ambient, we convert k8s PeerAuthentication resources to the same type as AuthorizationPolicies
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 10.1K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
// replacement for permissive. mode = model.MTLSDisable } var out []*listener.FilterChain switch mode { case model.MTLSDisable: out = append(out, buildInboundFilterChain(node, push, "plaintext", nil)) case model.MTLSStrict: out = append(out, buildInboundFilterChain(node, push, "mtls", tlsContext))
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
Name: workloadCfg.Name, Kind: kind.PeerAuthentication, Namespace: workloadCfg.Namespace, }) } } else { // Permissive mesh or namespace policy isEffectiveStrictPolicy = false // any ports that aren't specified will be PERMISSIVE so this workload isn't effectively under a STRICT policy foundStrict := false for _, portMtls := range workloadSpec.PortLevelMtls {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
tests/integration/security/reachability_test.go
expectCrossCluster: notFromNaked, expectCrossNetwork: notNaked, expectSuccess: notNaked, minIstioVersion: integIstioVersion, }, { name: "global mtls permissive", configs: config.Sources{ config.File("testdata/reachability/global-peer-authn.yaml.tmpl"), config.File("testdata/reachability/global-dr.yaml.tmpl"), }.WithParams(param.Params{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 20.6K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_builder_test.go
http map[int]bool tls map[int]bool }{ { name: "permissive", config: "", http: map[int]bool{ // Should not see HTTP inspector if we declare ports 80: true, 82: true, // But should see for passthrough or unnamed ports 81: false, 1000: false, }, tls: map[int]bool{ // Permissive mode: inspector is set everywhere 80: false, 82: false,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 24.7K bytes - Viewed (0) -
hack/golangci.yaml
# golangci-lint is used in Kubernetes with different configurations that # enable an increasing amount of checks: # - golangci.yaml is the most permissive configuration. All existing code # passed. # - golangci-strict.yaml adds checks that all new code in pull requests # must pass. # - golangci-hints.yaml adds checks for code patterns where developer # and reviewer may decide whether findings should get addressed before
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 15 12:10:09 UTC 2024 - 9.8K bytes - Viewed (0) -
src/cmd/go/internal/work/security.go
re(`-f(no-)?modules`), re(`-f(no-)?objc-arc`), re(`-f(no-)?objc-nonfragile-abi`), re(`-f(no-)?objc-legacy-dispatch`), re(`-f(no-)?omit-frame-pointer`), re(`-f(no-)?openmp(-simd)?`), re(`-f(no-)?permissive`), re(`-f(no-)?(pic|PIC|pie|PIE)`), re(`-f(no-)?plt`), re(`-f(no-)?rtti`), re(`-f(no-)?split-stack`), re(`-f(no-)?stack-(.+)`), re(`-f(no-)?strict-aliasing`), re(`-f(un)signed-char`),
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Mon May 20 15:47:34 UTC 2024 - 10K bytes - Viewed (0) -
staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
if err != nil { panic(fmt.Errorf("cannot parse '%v': %v", str, err)) } return q } const ( // splitREString is used to separate a number from its suffix; as such, // this is overly permissive, but that's OK-- it will be checked later. splitREString = "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$" ) var ( // Errors that could happen while parsing a string.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 29 21:48:10 UTC 2024 - 23.8K bytes - Viewed (0)