- Sort Score
- Result 10 results
- Languages All
Results 1 - 6 of 6 for securityclient (0.22 sec)
-
pilot/pkg/serviceregistry/kube/controller/ambient/policies.go
"strings" v1 "k8s.io/api/core/v1" securityclient "istio.io/client-go/pkg/apis/security/v1beta1" "istio.io/istio/pilot/pkg/features" "istio.io/istio/pilot/pkg/model" "istio.io/istio/pkg/kube/krt" "istio.io/istio/pkg/slices" "istio.io/istio/pkg/spiffe" "istio.io/istio/pkg/workloadapi/security" ) func PolicyCollections( AuthzPolicies krt.Collection[*securityclient.AuthorizationPolicy],
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 5.2K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/workloads.go
} func fetchPeerAuthentications( ctx krt.HandlerContext, PeerAuths krt.Collection[*securityclient.PeerAuthentication], meshCfg *MeshConfig, ns string, matchLabels map[string]string, ) []*securityclient.PeerAuthentication { return krt.Fetch(ctx, PeerAuths, krt.FilterGeneric(func(a any) bool { pol := a.(*securityclient.PeerAuthentication) if pol.Namespace == meshCfg.GetRootNamespace() && pol.Spec.Selector == nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 20.9K bytes - Viewed (0) -
pilot/pkg/xds/workload_test.go
clienttest.NewWriter[*securityclient.AuthorizationPolicy](s.T(), s.KubeClient()).Create(&securityclient.AuthorizationPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: ns, }, Spec: v1beta1.AuthorizationPolicy{}, }) } func deletePeerAuthentication(s *xds.FakeDiscoveryServer, name string, ns string) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 15.9K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/ambientindex.go
authzPolicies := kclient.NewDelayedInformer[*securityclient.AuthorizationPolicy](options.Client, gvr.AuthorizationPolicy, kubetypes.StandardInformer, filter) AuthzPolicies := krt.WrapClient[*securityclient.AuthorizationPolicy](authzPolicies, krt.WithName("AuthorizationPolicies")) peerAuths := kclient.NewDelayedInformer[*securityclient.PeerAuthentication](options.Client,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 19 17:19:41 UTC 2024 - 15.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
// [static STRICT policy, port-level STRICT policy] based on the effective PeerAuthentication policy func convertedSelectorPeerAuthentications(rootNamespace string, configs []*securityclient.PeerAuthentication) []string { var meshCfg, namespaceCfg, workloadCfg *securityclient.PeerAuthentication for _, cfg := range configs { spec := &cfg.Spec if spec.Selector == nil || len(spec.Selector.MatchLabels) == 0 { // Namespace-level or mesh-level policy
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/workloads_test.go
"testing" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" networking "istio.io/api/networking/v1alpha3" networkingclient "istio.io/client-go/pkg/apis/networking/v1alpha3" securityclient "istio.io/client-go/pkg/apis/security/v1beta1" "istio.io/istio/pilot/pkg/model" "istio.io/istio/pkg/config/labels" "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/config/schema/kind"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 20.3K bytes - Viewed (0)