Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 168 for mtlsMode (0.2 sec)

  2. github.com/istio/istio

    tests/integration/security/testdata/reachability/global-peer-authn.yaml.tmpl 

    apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: "default"
spec:
  mtls:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Jul 06 18:43:28 UTC 2022
    - 131 bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/security/authn/utils/utils.go 

    // BuildInboundTLS returns the TLS context corresponding to the mTLS mode.
func BuildInboundTLS(mTLSMode model.MutualTLSMode, node *model.Proxy,
	protocol networking.ListenerProtocol, trustDomainAliases []string, minTLSVersion tls.TlsParameters_TlsProtocol,
	mc *meshconfig.MeshConfig,
) *tls.DownstreamTlsContext {
	if mTLSMode == model.MTLSDisable || mTLSMode == model.MTLSUnknown {
		return nil
	}
	ctx := &tls.DownstreamTlsContext{
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Feb 23 00:16:21 UTC 2024
    - 3.8K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/networking/core/listener_builder_test.go 

    							},
						},
					},
				},
			},
			mtlsMode:       model.MTLSPermissive,
			expectedResult: expectIstioMTLS,
		},
	}
	for _, tt := range cases {
		t.Run(tt.name, func(t *testing.T) {
			cg := NewConfigGenTest(t, TestOptions{
				Services:     services,
				Instances:    instances,
				ConfigString: mtlsMode(tt.mtlsMode.String()),
			})
			proxy := cg.SetupProxy(nil)
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 01:56:28 UTC 2024
    - 24.7K bytes
    - Viewed (0)
  5. github.com/istio/istio

    tests/integration/security/testdata/reachability/workload-peer-authn-port-override.yaml.tmpl 

    apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: {{ .To.ServiceName }}
spec:
  selector:
    matchLabels:
      app: {{ .To.ServiceName }}
  mtls:
    mode: {{ .MTLSMode }}
  portLevelMtls:
    {{ (.To.PortForName `http`).WorkloadPort }}:
      mode: {{ .MTLSModeOverride }}
    {{ (.To.PortForName `http2`).WorkloadPort }}:
      mode: {{ .MTLSModeOverride }}
    {{ (.To.PortForName `https`).WorkloadPort }}:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Jul 06 18:43:28 UTC 2022
    - 648 bytes
    - Viewed (0)
  6. github.com/istio/istio

    tests/integration/security/testdata/reachability/workload-peer-authn.yaml.tmpl 

    apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: {{ .To.ServiceName }}
spec:
  selector:
    matchLabels:
      app: {{ .To.ServiceName }}
  mtls:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Jul 06 18:43:28 UTC 2022
    - 205 bytes
    - Viewed (0)
  7. github.com/istio/istio

    pilot/pkg/serviceregistry/serviceentry/conversion_test.go 

    	svcPort *networking.ServicePort, svcLabels map[string]string, mtlsMode MTLSMode,
) *model.ServiceInstance {
	services := convertServices(*cfg)
	svc := services[0] // default
	for _, s := range services {
		if string(s.Hostname) == address {
			svc = s
			break
		}
	}
	tlsMode := model.DisabledTLSModeLabel
	if mtlsMode == MTLS || mtlsMode == MTLSUnlabelled {
		tlsMode = model.IstioMutualTLSModeLabel
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu May 23 21:07:03 UTC 2024
    - 39K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pilot/pkg/model/authentication.go 

    		inheritedMTLSMode = MTLSPermissive
	}
	for ns, mtlsMode := range foundNamespaceMTLS {
		if mtlsMode == v1beta1.PeerAuthentication_MutualTLS_UNSET {
			policy.namespaceMutualTLSMode[ns] = inheritedMTLSMode
		} else {
			policy.namespaceMutualTLSMode[ns] = ConvertToMutualTLSMode(mtlsMode)
		}
	}
}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Apr 17 22:20:44 UTC 2024
    - 10.1K bytes
    - Viewed (0)
  9. github.com/istio/istio

    tests/integration/security/reachability_test.go 

    	migrationVersionNonIstio = "vlegacy"
	migrationPathIstio       = "/" + migrationVersionIstio
	migrationPathNonIstio    = "/" + migrationVersionNonIstio
	mtlsModeParam            = "MTLSMode"
	mtlsModeOverrideParam    = "MTLSModeOverride"
	tlsModeParam             = "TLSMode"
	cMinIstioVersion         = "1.15.0"
	// cMinIstioVersionDS       = "1.16.0"
)

func TestReachability(t *testing.T) {
	framework.NewTest(t).
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu May 02 21:29:40 UTC 2024
    - 20.6K bytes
    - Viewed (0)
  10. github.com/istio/istio

    pilot/pkg/networking/core/sidecar_simulation_test.go 

    	if err := json.Unmarshal(s, &meta); err != nil {
		t.Fatal(err)
	}
	res := []string{}
	for _, m := range meta.Services {
		res = append(res, m.Host)
	}
	return res
}

func mtlsMode(m string) string {
	return fmt.Sprintf(`apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system
spec:
  mtls:
    mode: %s
`, m)
}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 01:56:28 UTC 2024
    - 84.7K bytes
    - Viewed (0)
  11. github.com/istio/istio

    tests/integration/security/testdata/reachability/migration.yaml.tmpl 

      - name: "vistio"
    labels:
      version: "vistio"
{{- if ne .TLSMode "" }}
    trafficPolicy:
      tls:
        mode: {{ .TLSMode }}
{{- end }}
  - name: "vlegacy"
    labels:
      version: "vlegacy"
{{- if ne .TLSMode "" }}
    trafficPolicy:
      tls:
        mode: {{ .TLSMode }}
  trafficPolicy:
    tls:
      mode: {{ .TLSMode }}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Jul 06 18:43:28 UTC 2022
    - 975 bytes
    - Viewed (0)
Back to top