- Sort Score
- Result 10 results
- Languages All
Results 41 - 50 of 77 for Authz (0.07 sec)
-
staging/src/k8s.io/apiserver/pkg/admission/plugin/cel/filter_test.go
&condition{ Expression: "authorizer.group('').resource('endpoints').check('create').errored()", }, &condition{ Expression: "authorizer.group('').resource('endpoints').check('create').error() == 'fake authz error'", }, &condition{ Expression: "authorizer.group('').resource('endpoints').check('create').allowed()", }, }, attributes: newValidAttribute(&podObject, false),
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri May 10 22:07:40 UTC 2024 - 40.4K bytes - Viewed (0) -
prow/lib.sh
# Build just the images needed for tests targets="docker.pilot docker.proxyv2 " # use ubuntu:jammy to test vms by default nonDistrolessTargets="docker.app docker.app_sidecar_ubuntu_noble docker.ext-authz " if [[ "${JOB_TYPE:-presubmit}" == "postsubmit" ]]; then # We run tests across all VM types only in postsubmit
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 09 12:26:52 UTC 2024 - 8.1K bytes - Viewed (0) -
plugin/pkg/admission/certificates/ctbattest/admission_test.go
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 24 18:25:29 UTC 2024 - 10.9K bytes - Viewed (0) -
pkg/test/framework/components/echo/config.go
// The set of environment variables to set for `DeployAsVM` instances. VMEnvironment map[string]string // If enabled, an additional ext-authz container will be included in the deployment. This is mainly used to test // the CUSTOM authorization policy when the ext-authz server is deployed locally with the application container in // the same pod. IncludeExtAuthz bool
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 09 12:26:52 UTC 2024 - 18.2K bytes - Viewed (0) -
cmd/iam.go
} // IsAllowed - checks given policy args is allowed to continue the Rest API. func (sys *IAMSys) IsAllowed(args policy.Args) bool { // If opa is configured, use OPA always. if authz := newGlobalAuthZPluginFn(); authz != nil { ok, err := authz.IsAllowed(args) if err != nil { authZLogIf(GlobalContext, err) } return ok } // Policies don't apply to the owner. if args.IsOwner {
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 71.9K bytes - Viewed (0) -
pilot/pkg/model/sidecar_test.go
{kind.AuthorizationPolicy, "authz", "default"}: true, }}, {"AuthorizationPolicy in a different ns from workload", []string{"*/*"}, map[ConfigKey]bool{ {kind.AuthorizationPolicy, "authz", "ns1"}: false, }}, {"AuthorizationPolicy in the root namespace", []string{"*/*"}, map[ConfigKey]bool{ {kind.AuthorizationPolicy, "authz", constants.IstioSystemNamespace}: true, }},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 07 09:38:49 UTC 2024 - 74.3K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/ambientindex_test.go
Kind: kind.PeerAuthentication, Name: "selector-strict", Namespace: "ns1", }))}) s.assertEvent(t, xdsSelector) s.authz.Delete("selector", testNS) s.assertEvent(t, s.podXdsName("pod1"), s.podXdsName("pod3"), xdsSelector) assert.Equal(t, s.lookup(s.addrXdsName("127.0.0.1"))[0].Address.GetWorkload().AuthorizationPolicies,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 01:04:50 UTC 2024 - 70.2K bytes - Viewed (0) -
pilot/pkg/networking/core/gateway_test.go
Host: "http.com", }, }, }, }, }, }, }, { Meta: config.Meta{Name: "wasm-authz", Namespace: "istio-system", GroupVersionKind: gvk.WasmPlugin}, Spec: &extensions.WasmPlugin{ Phase: extensions.PluginPhase_AUTHZ, Type: extensions.PluginType_NETWORK, }, }, {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 04:44:06 UTC 2024 - 144K bytes - Viewed (0) -
pilot/pkg/security/authz/model/generator.go
rbacpb "github.com/envoyproxy/go-control-plane/envoy/config/rbac/v3" matcherpb "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3" "istio.io/istio/pilot/pkg/networking/util" "istio.io/istio/pilot/pkg/security/authz/matcher" "istio.io/istio/pilot/pkg/xds/filters" "istio.io/istio/pkg/config/security" "istio.io/istio/pkg/spiffe" ) type generator interface { permission(key, value string, forTCP bool) (*rbacpb.Permission, error)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 03 18:02:42 UTC 2024 - 14.1K bytes - Viewed (0) -
pilot/pkg/networking/core/route/route.go
"istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/networking/core/route/retry" "istio.io/istio/pilot/pkg/networking/telemetry" "istio.io/istio/pilot/pkg/networking/util" authz "istio.io/istio/pilot/pkg/security/authz/model" "istio.io/istio/pilot/pkg/util/protoconv" "istio.io/istio/pkg/config" "istio.io/istio/pkg/config/constants" "istio.io/istio/pkg/config/host" "istio.io/istio/pkg/config/labels"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 14 14:12:39 UTC 2024 - 56.1K bytes - Viewed (0)