- Sort Score
- Result 10 results
- Languages All
Results 1 - 3 of 3 for SecureNamingSAN (0.2 sec)
-
pilot/pkg/serviceregistry/kube/conversion.go
func kubeToIstioServiceAccount(saname string, ns string, mesh *meshconfig.MeshConfig) string { return spiffe.MustGenSpiffeURI(mesh, ns, saname) } // SecureNamingSAN creates the secure naming used for SAN verification from pod metadata func SecureNamingSAN(pod *corev1.Pod, mesh *meshconfig.MeshConfig) string { return spiffe.MustGenSpiffeURI(mesh, pod.Namespace, pod.Spec.ServiceAccountName) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 9.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/endpoint_builder.go
var locality, sa, namespace, hostname, subdomain, ip, node string var podLabels labels.Instance if pod != nil { locality = c.getPodLocality(pod) sa = kube.SecureNamingSAN(pod, c.meshWatcher.Mesh()) podLabels = pod.Labels namespace = pod.Namespace subdomain = pod.Spec.Subdomain if subdomain != "" { hostname = pod.Spec.Hostname if hostname == "" {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 4.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/conversion_test.go
pod.Annotations = make(map[string]string) ns := "anything" sa := "foo" pod.Namespace = ns pod.Spec.ServiceAccountName = sa mesh := &meshconfig.MeshConfig{TrustDomain: "td.local"} san := SecureNamingSAN(pod, mesh) expectedSAN := fmt.Sprintf("spiffe://td.local/ns/%v/sa/%v", ns, sa) if san != expectedSAN { t.Fatalf("SAN match failed, SAN:%v expectedSAN:%v", san, expectedSAN) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 12.7K bytes - Viewed (0)