- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 12 for credentialName (0.23 sec)
-
pkg/config/validation/agent/validation_test.go
CredentialName: "some credential", ClientCertificate: "", PrivateKey: "", CaCertificates: "", }, valid: true, }, { name: "SIMPLE CredentialName set with ClientCertificate specified", tls: &networking.ClientTLSSettings{ Mode: networking.ClientTLSSettings_SIMPLE, CredentialName: "credential",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 20:06:41 UTC 2024 - 39.1K bytes - Viewed (0) -
pilot/pkg/security/model/authentication.go
// credentialName SDS which may refer to secrets which do not exist. We do not want to block the // entire listener/cluster in these cases. ResourceApiVersion: core.ApiVersion_V3, } // ConstructSdsSecretConfigForCredential constructs SDS secret configuration used // from certificates referenced by credentialName in DestinationRule or Gateway.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 22:11:02 UTC 2024 - 9.9K bytes - Viewed (0) -
tests/integration/security/egress_gateway_origination_test.go
} func newTLSGatewayDestinationRule(t framework.TestContext, to echo.Instances, destinationRuleMode string, credentialName string) { args := map[string]any{ "to": to, "Mode": destinationRuleMode, "CredentialName": credentialName, } // Get namespace for gateway pod. istioCfg := istio.DefaultConfigOrFail(t, t)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 15.4K bytes - Viewed (0) -
tests/integration/security/egress_sidecar_tls_origination_test.go
func newTLSSidecarDestinationRule(t framework.TestContext, to echo.Instances, destinationRuleMode string, workloadSelector string, credentialName string, clientNamespace namespace.Instance, ) { args := map[string]any{ "to": to, "Mode": destinationRuleMode, "CredentialName": credentialName, "WorkloadSelector": workloadSelector, } se := ` apiVersion: networking.istio.io/v1alpha3 kind: ServiceEntry
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 10.4K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls.go
if tls == nil { return nil, nil } // Hack to avoid egress sds cluster config generation for sidecar when // CredentialName is set in DestinationRule without a workloadSelector. // We do not want to support CredentialName setting in non workloadSelector based DestinationRules, because // that would result in the CredentialName being supplied to all the sidecars which the DestinationRule is scoped to,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
pkg/config/validation/agent/validation.go
if settings.Mode == networking.ClientTLSSettings_SIMPLE { // In tls simple mode, we can specify ca cert by CaCertificates or CredentialName. if settings.CaCertificates != "" || settings.CredentialName != "" || settings.SubjectAltNames != nil { errs = AppendErrors(errs, fmt.Errorf("cannot specify CaCertificates or CredentialName or SubjectAltNames when InsecureSkipVerify is set true")) } }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 20:06:41 UTC 2024 - 30.9K bytes - Viewed (0) -
tests/integration/security/sds_ingress/ingress_test.go
echotest.New(t, instances). SetupForDestination(func(t framework.TestContext, to echo.Target) error { ingressutil.SetupConfig(t, echo1NS, ingressutil.TestConfig{ Mode: "SIMPLE", CredentialName: credName, Host: host, ServiceName: to.Config().Service, GatewayLabel: inst.Settings().IngressGatewayIstioLabel, }) return nil }).
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 32.7K bytes - Viewed (0) -
pkg/config/analysis/analyzers/analyzers_test.go
}, }, { name: "destinationrule with credentialname, simple at destinationlevel, workloadSelector", inputFiles: []string{ "testdata/destinationrule-simple-destination-credentialname-selector.yaml", }, analyzer: &destinationrule.CaCertificateAnalyzer{}, expected: []message{}, }, { name: "destinationrule with credentialname, simple at portlevel, no workloadSelector", inputFiles: []string{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 07:22:31 UTC 2024 - 42.6K bytes - Viewed (0) -
istioctl/pkg/precheck/precheck.go
if tls == nil { return false } if tls.Mode == networking.ClientTLSSettings_DISABLE || tls.Mode == networking.ClientTLSSettings_ISTIO_MUTUAL { return false } return tls.CaCertificates == "" && tls.CredentialName == "" && !tls.InsecureSkipVerify.GetValue() } checkSNI := func(tls *networking.ClientTLSSettings) bool { if tls == nil { return false }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 12 02:57:30 UTC 2024 - 19.3K bytes - Viewed (0) -
pkg/security/security.go
// SDSExternalClusterName is the name of the cluster for external SDS connections which is defined via CredentialNameSocketPath SDSExternalClusterName = "sds-external" // SDSExternalCredentialPrefix is the prefix for the credentialName which will utilize external SDS connections defined via CredentialNameSocketPath SDSExternalCredentialPrefix = "sds://" // WorkloadIdentityCredentialsPath is the well-known path to a folder with workload certificate files.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0)