- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 125 for serviceAccounts (0.21 sec)
-
pkg/controlplane/apiserver/options/options.go
if completed.Authentication.ServiceAccounts.MaxExpiration < lowBound || completed.Authentication.ServiceAccounts.MaxExpiration > upBound { return CompletedOptions{}, fmt.Errorf("the service-account-max-token-expiration must be between 1 hour and 2^32 seconds") } if completed.Authentication.ServiceAccounts.ExtendExpiration {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Apr 27 12:19:56 UTC 2024 - 15.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/waypoints.go
// waypoint. Must be one of "all", "service", "workload". TrafficType string // ServiceAccounts from instances of the waypoint. // This only handles Pods. If we wish to support non-pod waypoints, we'll // want to index ServiceEntry/WorkloadEntry or possibly allow specifying // the ServiceAccounts directly on a Gateway resource. ServiceAccounts []string }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 18:02:28 UTC 2024 - 11.1K bytes - Viewed (0) -
pilot/pkg/model/endpointshards.go
oldServiceAccount := shards.ServiceAccounts serviceAccounts := sets.String{} for _, epShards := range shards.Shards { for _, ep := range epShards { if ep.ServiceAccount != "" { serviceAccounts.Insert(ep.ServiceAccount) } } } if !oldServiceAccount.Equals(serviceAccounts) { shards.ServiceAccounts = serviceAccounts
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 04:34:37 UTC 2024 - 15.6K bytes - Viewed (0) -
pkg/controller/serviceaccount/tokens_controller.go
if serviceAccount, ok := obj.(*v1.ServiceAccount); ok { e.syncServiceAccountQueue.Add(makeServiceAccountKey(serviceAccount)) } } func (e *TokensController) queueServiceAccountUpdateSync(oldObj interface{}, newObj interface{}) { if serviceAccount, ok := newObj.(*v1.ServiceAccount); ok { e.syncServiceAccountQueue.Add(makeServiceAccountKey(serviceAccount)) } }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat May 04 18:33:12 UTC 2024 - 20.5K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls.go
} // For backward compatibility, use metadata certs if provided. if cb.hasMetadataCerts() { return cb.buildMutualTLS(serviceAccounts, sni), autoDetected } // Build settings for auto MTLS. return cb.buildIstioMutualTLS(serviceAccounts, sni), autoDetected } func (cb *ClusterBuilder) hasMetadataCerts() bool { return cb.metadataCerts != nil }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
pkg/kubeapiserver/options/authentication_test.go
testAuthenticationConfigFile string expectErr string enabledFeatures, disabledFeatures []featuregate.Feature }{ { name: "test when OIDC and ServiceAccounts are nil", }, { name: "test when OIDC and ServiceAccounts are valid", testOIDC: &OIDCAuthenticationOptions{ UsernameClaim: "sub", SigningAlgs: []string{"RS256"}, IssuerURL: "https://testIssuerURL",
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 24 18:25:29 UTC 2024 - 36.5K bytes - Viewed (0) -
plugin/pkg/admission/serviceaccount/admission_test.go
admit.SetExternalKubeInformerFactory(informerFactory) admit.MountServiceAccountToken = true // Add the default service account for the ns into the cache informerFactory.Core().V1().ServiceAccounts().Informer().GetStore().Add(&corev1.ServiceAccount{ ObjectMeta: metav1.ObjectMeta{ Name: DefaultServiceAccountName, Namespace: ns, }, }) v1PodIn := &corev1.Pod{ Spec: corev1.PodSpec{
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Apr 12 17:49:30 UTC 2024 - 36.9K bytes - Viewed (0) -
pilot/pkg/serviceregistry/serviceentry/conversion.go
Addresses: svc.GetAddresses(proxy), // This is based on alpha.istio.io/canonical-serviceaccounts and // alpha.istio.io/kubernetes-serviceaccounts. SubjectAltNames: svc.ServiceAccounts, } if len(svc.Attributes.LabelSelectors) > 0 { se.WorkloadSelector = &networking.WorkloadSelector{Labels: svc.Attributes.LabelSelectors} }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 02:03:58 UTC 2024 - 16.9K bytes - Viewed (0) -
pkg/controlplane/apiserver/config.go
for _, f := range opts.Authentication.ServiceAccounts.KeyFiles { keys, err := keyutil.PublicKeysFromFile(f) if err != nil { return nil, nil, fmt.Errorf("failed to parse key file %q: %w", f, err) } pubKeys = append(pubKeys, keys...) } config.ServiceAccountIssuerURL = opts.Authentication.ServiceAccounts.Issuers[0] config.ServiceAccountJWKSURI = opts.Authentication.ServiceAccounts.JWKSURI
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 07 17:57:37 UTC 2024 - 14.9K bytes - Viewed (0) -
pilot/pkg/model/service.go
Port: port.Port, Protocol: port.Protocol, } } else { out.Ports[i] = nil } } } if s.ServiceAccounts != nil { out.ServiceAccounts = make([]string, len(s.ServiceAccounts)) copy(out.ServiceAccounts, s.ServiceAccounts) } out.ClusterVIPs = *s.ClusterVIPs.DeepCopy() return &out } // Equals compares two service objects.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 02:03:58 UTC 2024 - 46.3K bytes - Viewed (0)