- Sort Score
- Result 10 results
- Languages All
Results 51 - 60 of 81 for trust_domain (0.19 sec)
-
pkg/spiffe/spiffe_test.go
testCases := []struct { namespace string trustDomain string serviceAccount string expectedError string expectedURI string }{ { serviceAccount: "sa", trustDomain: defaultTrustDomain, expectedError: "namespace or service account empty for SPIFFE uri", }, { namespace: "ns", trustDomain: defaultTrustDomain,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 18.1K bytes - Viewed (0) -
pkg/spiffe/spiffe.go
func (v *PeerCertVerifier) AddMapping(trustDomain string, certs []*x509.Certificate) { if v.certPools[trustDomain] == nil { v.certPools[trustDomain] = x509.NewCertPool() } for _, cert := range certs { v.certPools[trustDomain].AddCert(cert) v.generalCertPool.AddCert(cert) } spiffeLog.Infof("Added %d certs to trust domain %s in peer cert verifier", len(certs), trustDomain) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 11.1K bytes - Viewed (0) -
istioctl/pkg/writer/ztunnel/configdump/testdata/dump.json
"port": 15008 }, "protocol": "HBONE", "uid": "Kubernetes//Pod/bookinfo/ratings-v1-6484c4d9bb-mdxm5", "name": "ratings-v1-6484c4d9bb-mdxm5", "namespace": "bookinfo", "trustDomain": "cluster.local", "serviceAccount": "bookinfo-ratings", "workloadName": "ratings-v1", "workloadType": "deployment", "canonicalName": "ratings", "canonicalRevision": "v1",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 16 03:28:36 UTC 2024 - 33.1K bytes - Viewed (0) -
pilot/pkg/networking/plugin/authz/authorization.go
} func NewBuilderForService(actionType ActionType, push *model.PushContext, proxy *model.Proxy, useFilterState bool, svc *model.Service) *Builder { tdBundle := trustdomain.NewBundle(push.Mesh.TrustDomain, push.Mesh.TrustDomainAliases) option := builder.Option{ IsCustomBuilder: actionType == Custom, UseFilterState: useFilterState, UseExtendedJwt: proxy.SupportsEnvoyExtendedJwt(), }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 2.7K bytes - Viewed (0) -
istioctl/pkg/writer/ztunnel/configdump/api.go
CanonicalName string `json:"canonicalName"` CanonicalRevision string `json:"canonicalRevision"` ClusterID string `json:"clusterId"` TrustDomain string `json:"trustDomain,omitempty"` Locality Locality `json:"locality,omitempty"` Node string `json:"node"` Network string `json:"network,omitempty"`
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 5.5K bytes - Viewed (0) -
pilot/pkg/networking/plugin/authn/authentication.go
applier: applier, proxy: proxy, trustDomains: trustDomains, } } func (b *Builder) ForPort(port uint32) authn.MTLSSettings { if b == nil { return authn.MTLSSettings{ Port: port, Mode: model.MTLSDisable, } } return b.applier.InboundMTLSSettings(port, b.proxy, b.trustDomains, authn.NoOverride) } func (b *Builder) ForHBONE() authn.MTLSSettings { if b == nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 4.4K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/fuzz_test.go
package builder import ( "testing" "istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/security/trustdomain" "istio.io/istio/pkg/fuzz" ) func FuzzBuildHTTP(f *testing.F) { fuzz.Fuzz(f, func(fg fuzz.Helper) { bundle := fuzz.Struct[trustdomain.Bundle](fg) push := fuzz.Struct[*model.PushContext](fg, validatePush) node := fuzz.Struct[*model.Proxy](fg)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 1.9K bytes - Viewed (0) -
pilot/cmd/pilot-agent/options/security.go
credFetcher, err := credentialfetcher.NewCredFetcher(credFetcherTypeEnv, o.TrustDomain, jwtPath, o.CredIdentityProvider) if err != nil { return nil, fmt.Errorf("failed to create credential fetcher: %v", err) } log.Infof("using credential fetcher of %s type in %s trust domain", credFetcherTypeEnv, o.TrustDomain) o.CredFetcher = credFetcher if o.CAProviderName == security.GkeWorkloadCertificateProvider {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 4.7K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder_test.go
name: "trust-domain-wildcard-in-principal", tdBundle: trustdomain.NewBundle("td1", []string{"foobar"}), input: "simple-policy-principal-with-wildcard-in.yaml", want: []string{"simple-policy-principal-with-wildcard-out.yaml"}, }, { name: "trust-domain-aliases-in-source-principal", tdBundle: trustdomain.NewBundle("new-td", []string{"old-td", "some-trustdomain"}), input: "td-aliases-source-principal-in.yaml",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 13.8K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/waypoint.yaml
- name: ISTIO_META_MESH_ID value: "{{ .Values.global.meshID }}" {{- else if (valueOrDefault .MeshConfig.TrustDomain .Values.global.trustDomain) }} - name: ISTIO_META_MESH_ID value: "{{ (valueOrDefault .MeshConfig.TrustDomain .Values.global.trustDomain) }}" {{- end }} resources: limits: cpu: "2" memory: 1Gi requests:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 22:41:03 UTC 2024 - 10.3K bytes - Viewed (0)