- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 424 for serviceAccounts (0.24 sec)
-
pkg/controlplane/apiserver/options/options.go
if completed.Authentication.ServiceAccounts.MaxExpiration < lowBound || completed.Authentication.ServiceAccounts.MaxExpiration > upBound { return CompletedOptions{}, fmt.Errorf("the service-account-max-token-expiration must be between 1 hour and 2^32 seconds") } if completed.Authentication.ServiceAccounts.ExtendExpiration {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Apr 27 12:19:56 UTC 2024 - 15.4K bytes - Viewed (0) -
pkg/kubeapiserver/options/authentication.go
} ret.APIAudiences = o.APIAudiences if o.ServiceAccounts != nil { if len(o.ServiceAccounts.Issuers) != 0 && len(o.APIAudiences) == 0 { ret.APIAudiences = authenticator.Audiences(o.ServiceAccounts.Issuers) } ret.ServiceAccountKeyFiles = o.ServiceAccounts.KeyFiles ret.ServiceAccountIssuers = o.ServiceAccounts.Issuers ret.ServiceAccountLookup = o.ServiceAccounts.Lookup } if o.TokenFile != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 22:40:22 UTC 2024 - 32.4K bytes - Viewed (0) -
pkg/controller/serviceaccount/serviceaccounts_controller.go
type ServiceAccountsControllerOptions struct { // ServiceAccounts is the list of service accounts to ensure exist in every namespace ServiceAccounts []v1.ServiceAccount // ServiceAccountResync is the interval between full resyncs of ServiceAccounts. // If non-zero, all service accounts will be re-listed this often.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat May 04 18:33:12 UTC 2024 - 7.5K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/waypoints.go
// waypoint. Must be one of "all", "service", "workload". TrafficType string // ServiceAccounts from instances of the waypoint. // This only handles Pods. If we wish to support non-pod waypoints, we'll // want to index ServiceEntry/WorkloadEntry or possibly allow specifying // the ServiceAccounts directly on a Gateway resource. ServiceAccounts []string }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 18:02:28 UTC 2024 - 11.1K bytes - Viewed (0) -
pilot/pkg/model/endpointshards.go
oldServiceAccount := shards.ServiceAccounts serviceAccounts := sets.String{} for _, epShards := range shards.Shards { for _, ep := range epShards { if ep.ServiceAccount != "" { serviceAccounts.Insert(ep.ServiceAccount) } } } if !oldServiceAccount.Equals(serviceAccounts) { shards.ServiceAccounts = serviceAccounts
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 04:34:37 UTC 2024 - 15.6K bytes - Viewed (0) -
pkg/controller/serviceaccount/tokens_controller.go
if serviceAccount, ok := obj.(*v1.ServiceAccount); ok { e.syncServiceAccountQueue.Add(makeServiceAccountKey(serviceAccount)) } } func (e *TokensController) queueServiceAccountUpdateSync(oldObj interface{}, newObj interface{}) { if serviceAccount, ok := newObj.(*v1.ServiceAccount); ok { e.syncServiceAccountQueue.Add(makeServiceAccountKey(serviceAccount)) } }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat May 04 18:33:12 UTC 2024 - 20.5K bytes - Viewed (0) -
pilot/pkg/model/service_test.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 20:38:02 UTC 2024 - 13.9K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/conversion.go
for _, port := range svc.Spec.Ports { ports = append(ports, convertPort(port)) } var exportTo sets.Set[visibility.Instance] serviceaccounts := make([]string, 0) if svc.Annotations[annotation.AlphaCanonicalServiceAccounts.Name] != "" { serviceaccounts = append(serviceaccounts, strings.Split(svc.Annotations[annotation.AlphaCanonicalServiceAccounts.Name], ",")...) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 9.4K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_cache.go
service: service, destinationRule: dr, envoyFilterKeys: efKeys, metadataCerts: cb.metadataCerts, peerAuthVersion: cb.req.Push.AuthnPolicies.GetVersion(), serviceAccounts: cb.req.Push.ServiceAccounts(service.Hostname, service.Attributes.Namespace), endpointBuilder: eb, }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 6.1K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/policies.go
}, krt.WithName("Policies")) return AuthzDerivedPolicies, Policies } func implicitWaypointPolicyName(waypoint *Waypoint) string { if !features.DefaultAllowFromWaypoint || waypoint == nil || len(waypoint.ServiceAccounts) == 0 { return "" } // use '_' character since those are illegal in k8s names return "istio_allow_waypoint_" + waypoint.Namespace + "_" + waypoint.Name }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 5.2K bytes - Viewed (0)