Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 6 of 6 for securityclient (0.26 sec)

  2. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/policies.go 

    	"strings"

	v1 "k8s.io/api/core/v1"

	securityclient "istio.io/client-go/pkg/apis/security/v1beta1"
	"istio.io/istio/pilot/pkg/features"
	"istio.io/istio/pilot/pkg/model"
	"istio.io/istio/pkg/kube/krt"
	"istio.io/istio/pkg/slices"
	"istio.io/istio/pkg/spiffe"
	"istio.io/istio/pkg/workloadapi/security"
)

func PolicyCollections(
	AuthzPolicies krt.Collection[*securityclient.AuthorizationPolicy],
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 16:51:29 UTC 2024
    - 5.2K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/workloads.go 

    }

func fetchPeerAuthentications(
	ctx krt.HandlerContext,
	PeerAuths krt.Collection[*securityclient.PeerAuthentication],
	meshCfg *MeshConfig,
	ns string,
	matchLabels map[string]string,
) []*securityclient.PeerAuthentication {
	return krt.Fetch(ctx, PeerAuths, krt.FilterGeneric(func(a any) bool {
		pol := a.(*securityclient.PeerAuthentication)
		if pol.Namespace == meshCfg.GetRootNamespace() && pol.Spec.Selector == nil {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 16:51:29 UTC 2024
    - 20.9K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/xds/workload_test.go 

    	clienttest.NewWriter[*securityclient.AuthorizationPolicy](s.T(), s.KubeClient()).Create(&securityclient.AuthorizationPolicy{
		ObjectMeta: metav1.ObjectMeta{
			Name:      name,
			Namespace: ns,
		},
		Spec: v1beta1.AuthorizationPolicy{},
	})
}

func deletePeerAuthentication(s *xds.FakeDiscoveryServer, name string, ns string) {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Apr 18 19:09:43 UTC 2024
    - 15.9K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/ambientindex.go 

    	authzPolicies := kclient.NewDelayedInformer[*securityclient.AuthorizationPolicy](options.Client,
		gvr.AuthorizationPolicy, kubetypes.StandardInformer, filter)
	AuthzPolicies := krt.WrapClient[*securityclient.AuthorizationPolicy](authzPolicies, krt.WithName("AuthorizationPolicies"))

	peerAuths := kclient.NewDelayedInformer[*securityclient.PeerAuthentication](options.Client,
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Apr 19 17:19:41 UTC 2024
    - 15.8K bytes
    - Viewed (0)
  6. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go 

    // [static STRICT policy, port-level STRICT policy] based on the effective PeerAuthentication policy
func convertedSelectorPeerAuthentications(rootNamespace string, configs []*securityclient.PeerAuthentication) []string {
	var meshCfg, namespaceCfg, workloadCfg *securityclient.PeerAuthentication
	for _, cfg := range configs {
		spec := &cfg.Spec
		if spec.Selector == nil || len(spec.Selector.MatchLabels) == 0 {
			// Namespace-level or mesh-level policy
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 15 16:23:36 UTC 2024
    - 18.4K bytes
    - Viewed (0)
  7. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/workloads_test.go 

    	"testing"

	v1 "k8s.io/api/core/v1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	networking "istio.io/api/networking/v1alpha3"
	networkingclient "istio.io/client-go/pkg/apis/networking/v1alpha3"
	securityclient "istio.io/client-go/pkg/apis/security/v1beta1"
	"istio.io/istio/pilot/pkg/model"
	"istio.io/istio/pkg/config/labels"
	"istio.io/istio/pkg/config/mesh"
	"istio.io/istio/pkg/config/schema/kind"
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 16:51:29 UTC 2024
    - 20.3K bytes
    - Viewed (0)
Back to top