John Howard <******@****.***> 1605827959 -0800

Xiaopeng Han <******@****.***> 1686841337 +0800

			validConfigFilename:   "list.conflist.golden",
			saFilename:            "token-foo",
		},
		{
			name:                "standalone CNI plugin",
			cniConfigFilename:   "istio-cni.conf",
			validConfigFilename: "istio-cni.conf",
			saFilename:          "token-foo",
			saNewFilename:       "token-bar",
		},
	}

	for _, c := range cases {
		t.Run(c.name, func(t *testing.T) {

				}
				return err
			}
			if waitReady {
				startTime := time.Now()
				ticker := time.NewTicker(1 * time.Second)
				defer ticker.Stop()
				for range ticker.C {
					programmed := false
					gwc, err := kubeClient.GatewayAPI().GatewayV1().Gateways(ctx.NamespaceOrDefault(ctx.Namespace())).Get(context.TODO(), gw.Name, metav1.GetOptions{})

  optional string reportingInstance = 5;

  // action is what action was taken/failed regarding to the regarding object. It is machine-readable.
  // This field cannot be empty for new Events and it can have at most 128 characters.
  optional string action = 6;

  // reason is why the action was taken. It is human-readable.
  // This field cannot be empty for new Events and it can have at most 128 characters.

Sergei Gavrilov <******@****.***> 1657207540 +0200

Xiaopeng Han <******@****.***> 1686841337 +0800

// PodFailurePolicyRule describes how a pod failure is handled when the requirements are met.
// One of onExitCodes and onPodConditions, but not both, can be used in each rule.
message PodFailurePolicyRule {
  // Specifies the action taken on a pod failure when the requirements are satisfied.
  // Possible values are:
  //
  // - FailJob: indicates that the pod's job is marked as Failed and all
  //   running pods are terminated.

not have kubernetes signing APIs, # Istiod is the default pilotCertProvider: istiod sds: # The JWT token for SDS and the aud field of such JWT. See RFC 7519, section 4.1.3. # When a CSR is sent from Citadel Agent to the CA (e.g. Citadel), this aud is to make sure the # JWT is intended for the CA. token: aud: istio-ca sts: # The service port used by Security Token Service (STS) server to handle token exchange requests. # Setting this port to a non-zero value enables STS server. servicePort: 0 # whether...

message TokenRequestStatus {
  // Token is the opaque bearer token.
  optional string token = 1;

  // ExpirationTimestamp is the time of expiration of the returned token.
  optional k8s.io.apimachinery.pkg.apis.meta.v1.Time expirationTimestamp = 2;
}

// TokenReview attempts to authenticate a token to a known user.
// Note: TokenReview requests may be cached by the webhook token authenticator