- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 193 for cpsr (0.05 sec)
-
releasenotes/notes/limit-csr-clusterrole.yaml
apiVersion: release-notes/v2 kind: feature area: installation releaseNotes: - | **Added** check to limit the clusterrole for k8s CSR permissions for
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Mar 21 19:34:22 UTC 2023 - 272 bytes - Viewed (0) -
security/pkg/k8s/chiron/utils.go
// 1. Submit the CSR csr, err := submitCSR(client, csrData, signerName, usages, requestedLifetime) if err != nil { return nil, nil, err } log.Debugf("CSR (%v) has been created", csr.Name) // clean up certificate request after deletion defer func() { _ = cleanupCSR(client, csr) }() // 2. Approve the CSR if approveCsr {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 05 18:11:22 UTC 2024 - 9.2K bytes - Viewed (0) -
pkg/controller/certificates/cleaner/cleaner.go
if err := ccc.csrClient.Delete(ctx, csr.Name, metav1.DeleteOptions{}); err != nil { return fmt.Errorf("unable to delete CSR %q: %v", csr.Name, err) } } return nil } // isIssuedExpired checks if the CSR has been issued a certificate and if the // expiration of the certificate (the NotAfter value) has passed.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 15 03:26:08 UTC 2023 - 8K bytes - Viewed (0) -
pkg/controller/certificates/certificate_controller.go
defer func() { logger.V(4).Info("Finished syncing certificate request", "csr", key, "elapsedTime", time.Since(startTime)) }() csr, err := cc.csrLister.Get(key) if errors.IsNotFound(err) { logger.V(3).Info("csr has been deleted", "csr", key) return nil } if err != nil { return err } if len(csr.Status.Certificate) > 0 { // no need to do anything because it already has a cert
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat May 04 18:33:12 UTC 2024 - 6.4K bytes - Viewed (0) -
pkg/controller/certificates/approver/sarapprove.go
} func (a *sarApprover) handle(ctx context.Context, csr *capi.CertificateSigningRequest) error { if len(csr.Status.Certificate) != 0 { return nil } if approved, denied := certificates.GetCertApprovalCondition(&csr.Status); approved || denied { return nil } x509cr, err := capihelper.ParseCSR(csr.Spec.Request) if err != nil { return fmt.Errorf("unable to parse csr %q: %v", csr.Name, err) } tried := []string{}
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Jun 21 16:03:42 UTC 2023 - 5.3K bytes - Viewed (0) -
pkg/test/csrctrl/controllers/csr_controller.go
switch { case !csr.DeletionTimestamp.IsZero(): log.Info("CSR has been deleted. Ignoring.") case csr.Spec.SignerName == "": log.Info("CSR does not have a signer name. Ignoring.") case !exist: log.Infof("CSR signer name does not match. Ignoring. signer-name: %s, have %v", csr.Spec.SignerName, strings.Join(maps.Keys(s.signers), ",")) case csr.Status.Certificate != nil:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 24 17:36:41 UTC 2023 - 3.9K bytes - Viewed (0) -
security/pkg/nodeagent/test/mock/caserver.go
s.faultInjectLock.Unlock() return empty } // CreateCertificate handles CSR. func (s *CAServer) CreateCertificate(ctx context.Context, request *pb.IstioCertificateRequest) ( *pb.IstioCertificateResponse, error, ) { caServerLog.Infof("received CSR request") if s.shouldReject() { caServerLog.Info("force rejecting CSR request") return nil, status.Error(codes.Unavailable, "CA server is not available") }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 5.9K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/util/webhook/gencerts.sh
openssl x509 -req -in caCertInter.csr -CA caCert.pem -CAkey caKey.pem -CAcreateserial -out caCertInter.pem -days 100000 -extensions v3_ca -extfile intermediate_ca.conf # Create an intermediate certificate authority with sha1 signature openssl req -new -nodes -key caKeyInter.pem -days 100000 -out caCertInterSHA1.csr -subj "/CN=${CN_BASE}_intermediate_ca"
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 25 15:57:40 UTC 2022 - 5.7K bytes - Viewed (0) -
pkg/registry/certificates/certificates/strategy.go
csr := obj.(*certificates.CertificateSigningRequest) // Clear any user-specified info csr.Spec.Username = "" csr.Spec.UID = "" csr.Spec.Groups = nil csr.Spec.Extra = nil // Inject user.Info from request context if user, ok := genericapirequest.UserFrom(ctx); ok { csr.Spec.Username = user.GetName() csr.Spec.UID = user.GetUID() csr.Spec.Groups = user.GetGroups()
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 18 21:41:43 UTC 2022 - 11.4K bytes - Viewed (0) -
security/pkg/pki/util/generate_csr_test.go
} else { t.Errorf("%s: failed to gen CSR", id) } } pemBlock, _ := pem.Decode(csrPem) if pemBlock == nil { t.Fatalf("%s: failed to decode csr", id) } csr, err := x509.ParseCertificateRequest(pemBlock.Bytes) if err != nil { t.Fatalf("%s: failed to parse csr", id) } if err = csr.CheckSignature(); err != nil { t.Errorf("%s: csr signature is invalid", id) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 25 09:40:13 UTC 2022 - 5.5K bytes - Viewed (0)