- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 329 for serviceAccount (0.63 sec)
-
pkg/test/framework/components/echo/common/deployment/echos.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 20 16:01:31 UTC 2024 - 16K bytes - Viewed (0) -
pkg/kubeapiserver/authenticator/config.go
} allPublicKeys = append(allPublicKeys, publicKeys...) } validator, err := serviceaccount.NewLegacyValidator(lookup, serviceAccountGetter, secretsWriter) if err != nil { return nil, fmt.Errorf("while creating legacy validator, err: %w", err) } tokenAuthenticator := serviceaccount.JWTTokenAuthenticator([]string{serviceaccount.LegacyIssuer}, allPublicKeys, apiAudiences, validator) return tokenAuthenticator, nil }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 19:29:33 UTC 2024 - 15.4K bytes - Viewed (0) -
tests/integration/security/egress_sidecar_tls_origination_test.go
}, }, } for _, tc := range testCases { t.NewSubTest(tc.name).Run(func(t framework.TestContext) { if tc.authorizeSidecar { serviceAccount := tc.from.Config().ServiceAccountName() serviceAccountName := serviceAccount[strings.LastIndex(serviceAccount, "/")+1:] authorizeSidecar(t, tc.from.Config().Namespace, serviceAccountName) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 10.4K bytes - Viewed (0) -
pkg/test/framework/components/echo/kube/deployment.go
} return config, nil } func createServiceAccount(client kubernetes.Interface, ns string, serviceAccount string) error { scopes.Framework.Debugf("Creating service account for: %s/%s", ns, serviceAccount) _, err := client.CoreV1().ServiceAccounts(ns).Create(context.TODO(), &corev1.ServiceAccount{ ObjectMeta: metav1.ObjectMeta{Name: serviceAccount}, }, metav1.CreateOptions{}) return err }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 09 12:26:52 UTC 2024 - 24.1K bytes - Viewed (0) -
pilot/pkg/serviceregistry/serviceentry/conversion.go
Addresses: svc.GetAddresses(proxy), // This is based on alpha.istio.io/canonical-serviceaccounts and // alpha.istio.io/kubernetes-serviceaccounts. SubjectAltNames: svc.ServiceAccounts, } if len(svc.Attributes.LabelSelectors) > 0 { se.WorkloadSelector = &networking.WorkloadSelector{Labels: svc.Attributes.LabelSelectors} }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 02:03:58 UTC 2024 - 16.9K bytes - Viewed (0) -
pkg/registry/core/serviceaccount/storage/token.go
if err != nil { return nil, err } pod = podObj.(*api.Pod) if name != pod.Spec.ServiceAccountName { return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token for serviceaccount %q to pod running with different serviceaccount name.", name)) } uid = pod.UID if utilfeature.DefaultFeatureGate.Enabled(features.ServiceAccountTokenPodNodeInfo) { if nodeName := pod.Spec.NodeName; nodeName != "" {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Feb 05 10:24:31 UTC 2024 - 10K bytes - Viewed (0) -
istioctl/pkg/workload/workload_test.go
} }) t.Run(dir.Name(), func(t *testing.T) { createClientFunc := func(client kube.CLIClient) { client.Kube().CoreV1().ServiceAccounts("bar").Create(context.Background(), &v1.ServiceAccount{ ObjectMeta: metav1.ObjectMeta{Namespace: "bar", Name: "vm-serviceaccount"}, Secrets: []v1.ObjectReference{{Name: "test"}}, }, metav1.CreateOptions{})
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Mar 27 16:59:05 UTC 2024 - 14.6K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/waypoint.yaml
apiVersion: v1 kind: ServiceAccount metadata: name: {{.ServiceAccount | quote}} namespace: {{.Namespace | quote}} annotations: {{- toJsonMap (omit .InfrastructureAnnotations "kubectl.kubernetes.io/last-applied-configuration" "gateway.istio.io/name-override" "gateway.istio.io/service-account" "gateway.istio.io/controller-version") | nindent 4 }} labels: {{- toJsonMap .InfrastructureLabels (strdict
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 22:41:03 UTC 2024 - 10.3K bytes - Viewed (0) -
plugin/pkg/admission/serviceaccount/admission_test.go
admit.SetExternalKubeInformerFactory(informerFactory) admit.MountServiceAccountToken = true // Add the default service account for the ns into the cache informerFactory.Core().V1().ServiceAccounts().Informer().GetStore().Add(&corev1.ServiceAccount{ ObjectMeta: metav1.ObjectMeta{ Name: DefaultServiceAccountName, Namespace: ns, }, }) v1PodIn := &corev1.Pod{ Spec: corev1.PodSpec{
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Apr 12 17:49:30 UTC 2024 - 36.9K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/cel/library/authz.go
// // authorizer.serviceAccount('default', 'myserviceaccount') // returns an Authorizer for the service account with namespace 'default' and name 'myserviceaccount' // authorizer.serviceAccount('not@a#valid!namespace', 'validname') // returns an error // authorizer.serviceAccount('valid.example.com', 'invalid@*name') // returns an error // // resource // // Returns a ResourceCheck configured to check authorization for a particular API resource.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Aug 23 21:31:27 UTC 2023 - 21.1K bytes - Viewed (0)