- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 424 for serviceAccounts (0.2 sec)
-
pilot/pkg/networking/core/cluster_tls.go
} // For backward compatibility, use metadata certs if provided. if cb.hasMetadataCerts() { return cb.buildMutualTLS(serviceAccounts, sni), autoDetected } // Build settings for auto MTLS. return cb.buildIstioMutualTLS(serviceAccounts, sni), autoDetected } func (cb *ClusterBuilder) hasMetadataCerts() bool { return cb.metadataCerts != nil }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
pkg/kubeapiserver/options/authentication_test.go
testAuthenticationConfigFile string expectErr string enabledFeatures, disabledFeatures []featuregate.Feature }{ { name: "test when OIDC and ServiceAccounts are nil", }, { name: "test when OIDC and ServiceAccounts are valid", testOIDC: &OIDCAuthenticationOptions{ UsernameClaim: "sub", SigningAlgs: []string{"RS256"}, IssuerURL: "https://testIssuerURL",
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 24 18:25:29 UTC 2024 - 36.5K bytes - Viewed (0) -
plugin/pkg/admission/serviceaccount/admission_test.go
admit.SetExternalKubeInformerFactory(informerFactory) admit.MountServiceAccountToken = true // Add the default service account for the ns into the cache informerFactory.Core().V1().ServiceAccounts().Informer().GetStore().Add(&corev1.ServiceAccount{ ObjectMeta: metav1.ObjectMeta{ Name: DefaultServiceAccountName, Namespace: ns, }, }) v1PodIn := &corev1.Pod{ Spec: corev1.PodSpec{
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Apr 12 17:49:30 UTC 2024 - 36.9K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go
} } // Create the service account sa, err = coreClient.ServiceAccounts(namespace).Create(context.TODO(), &v1.ServiceAccount{ObjectMeta: metav1.ObjectMeta{Namespace: namespace, Name: name}}, metav1.CreateOptions{}) if apierrors.IsAlreadyExists(err) { // If we're racing to init and someone else already created it, re-fetch return coreClient.ServiceAccounts(namespace).Get(context.TODO(), name, metav1.GetOptions{}) } return sa, err
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Feb 05 10:24:31 UTC 2024 - 8.1K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go
rbacv1helpers.NewRule("delete").Groups(legacyGroup).Resources("secrets").RuleOrDie(), rbacv1helpers.NewRule("get").Groups(legacyGroup).Resources("namespaces", "secrets", "serviceaccounts", "configmaps").RuleOrDie(), rbacv1helpers.NewRule("update").Groups(legacyGroup).Resources("secrets", "serviceaccounts").RuleOrDie(),
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 19:25:10 UTC 2024 - 34.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/serviceentry/conversion.go
Addresses: svc.GetAddresses(proxy), // This is based on alpha.istio.io/canonical-serviceaccounts and // alpha.istio.io/kubernetes-serviceaccounts. SubjectAltNames: svc.ServiceAccounts, } if len(svc.Attributes.LabelSelectors) > 0 { se.WorkloadSelector = &networking.WorkloadSelector{Labels: svc.Attributes.LabelSelectors} }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 02:03:58 UTC 2024 - 16.9K bytes - Viewed (0) -
pkg/controlplane/apiserver/config.go
for _, f := range opts.Authentication.ServiceAccounts.KeyFiles { keys, err := keyutil.PublicKeysFromFile(f) if err != nil { return nil, nil, fmt.Errorf("failed to parse key file %q: %w", f, err) } pubKeys = append(pubKeys, keys...) } config.ServiceAccountIssuerURL = opts.Authentication.ServiceAccounts.Issuers[0] config.ServiceAccountJWKSURI = opts.Authentication.ServiceAccounts.JWKSURI
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 07 17:57:37 UTC 2024 - 14.9K bytes - Viewed (0) -
pilot/pkg/model/service.go
Port: port.Port, Protocol: port.Protocol, } } else { out.Ports[i] = nil } } } if s.ServiceAccounts != nil { out.ServiceAccounts = make([]string, len(s.ServiceAccounts)) copy(out.ServiceAccounts, s.ServiceAccounts) } out.ClusterVIPs = *s.ClusterVIPs.DeepCopy() return &out } // Equals compares two service objects.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 02:03:58 UTC 2024 - 46.3K bytes - Viewed (0) -
plugin/pkg/admission/serviceaccount/admission.go
return false } // getServiceAccount returns the ServiceAccount for the given namespace and name if it exists func (s *Plugin) getServiceAccount(namespace string, name string) (*corev1.ServiceAccount, error) { serviceAccount, err := s.serviceAccountLister.ServiceAccounts(namespace).Get(name) if err == nil { return serviceAccount, nil } if !errors.IsNotFound(err) { return nil, err }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Apr 12 17:49:30 UTC 2024 - 18.6K bytes - Viewed (0) -
manifests/charts/istio-operator/templates/clusterrole.yaml
- "" resources: - configmaps - endpoints - events - namespaces - pods - pods/proxy - pods/portforward - persistentvolumeclaims - secrets - services - serviceaccounts - resourcequotas verbs: - '*'
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 02 08:32:06 UTC 2024 - 1.9K bytes - Viewed (0)