Workload Identity reconciler integration using SPIFFE #809
Conversation
|
Hi @PrimalPimmy. Thanks for your PR. I'm waiting for a nephio-project member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/ok-to-test |
Signed-off-by: PrimalPimmy <[email protected]> minor fix Signed-off-by: PrimalPimmy <[email protected]> Cluster reconciler Signed-off-by: PrimalPimmy <[email protected]> Cluster reconciler Signed-off-by: PrimalPimmy <[email protected]> sending bundle to remote cluster Signed-off-by: PrimalPimmy <[email protected]> Test Signed-off-by: PrimalPimmy <[email protected]> Spire auth inside reconciler Signed-off-by: PrimalPimmy <[email protected]> Vault authentication and fetching kubeconfig Signed-off-by: PrimalPimmy <[email protected]> Some testing Signed-off-by: PrimalPimmy <[email protected]> Mid testing Signed-off-by: PrimalPimmy <[email protected]> Mid testing Signed-off-by: PrimalPimmy <[email protected]> Mid testing Signed-off-by: PrimalPimmy <[email protected]> Mid testing-2 Signed-off-by: PrimalPimmy <[email protected]> Mid testing-2 Signed-off-by: PrimalPimmy <[email protected]> Mid testing-2 Signed-off-by: PrimalPimmy <[email protected]> Mid testing-3 Signed-off-by: PrimalPimmy <[email protected]> Mid testing-3 Signed-off-by: PrimalPimmy <[email protected]> Mid testing-3 Signed-off-by: PrimalPimmy <[email protected]> Refactoring Signed-off-by: PrimalPimmy <[email protected]> Kubeconfig test Signed-off-by: PrimalPimmy <[email protected]> Removed found Signed-off-by: PrimalPimmy <[email protected]> log testing Signed-off-by: PrimalPimmy <[email protected]> log testing Signed-off-by: PrimalPimmy <[email protected]> log testing Signed-off-by: PrimalPimmy <[email protected]> Getting svid Signed-off-by: PrimalPimmy <[email protected]> Getting svid-2 Signed-off-by: PrimalPimmy <[email protected]> Getting svid-2 Signed-off-by: PrimalPimmy <[email protected]> Getting svid-3 Signed-off-by: PrimalPimmy <[email protected]> Getting svid-4 Signed-off-by: PrimalPimmy <[email protected]> Getting svid-5 Signed-off-by: PrimalPimmy <[email protected]> Getting svid-6 Signed-off-by: PrimalPimmy <[email protected]> Vault addr and patch configmap Signed-off-by: PrimalPimmy <[email protected]> Vault addr and patch configmap Signed-off-by: PrimalPimmy <[email protected]> Restricted Kubeconfig Signed-off-by: PrimalPimmy <[email protected]> configmap perms Signed-off-by: PrimalPimmy <[email protected]> server addr Signed-off-by: PrimalPimmy <[email protected]> Struct to yaml Signed-off-by: PrimalPimmy <[email protected]> Struct to yaml Signed-off-by: PrimalPimmy <[email protected]> Reverting changes Signed-off-by: PrimalPimmy <[email protected]> Reverting changes Signed-off-by: PrimalPimmy <[email protected]> Reverting changes Signed-off-by: PrimalPimmy <[email protected]> Reverting changes Signed-off-by: PrimalPimmy <[email protected]> Reverting changes Signed-off-by: PrimalPimmy <[email protected]> Reverting changes Signed-off-by: PrimalPimmy <[email protected]> Reverting changes Signed-off-by: PrimalPimmy <[email protected]> Reverting changes Signed-off-by: PrimalPimmy <[email protected]> yaml indent fixing Signed-off-by: PrimalPimmy <[email protected]> yaml indent fixing Signed-off-by: PrimalPimmy <[email protected]> yaml indent fixing Signed-off-by: PrimalPimmy <[email protected]> Some cleanup Signed-off-by: PrimalPimmy <[email protected]> Some cleanup Signed-off-by: PrimalPimmy <[email protected]> Debugging Signed-off-by: PrimalPimmy <[email protected]> Debugging Signed-off-by: PrimalPimmy <[email protected]> Debugging Signed-off-by: PrimalPimmy <[email protected]> Debugging Signed-off-by: PrimalPimmy <[email protected]> vault storage change Signed-off-by: PrimalPimmy <[email protected]> Added kubeconfig change Signed-off-by: PrimalPimmy <[email protected]> Spire-agent conf, vault testing Signed-off-by: PrimalPimmy <[email protected]> Spire-agent conf, vault testing Signed-off-by: PrimalPimmy <[email protected]> Spire-agent conf, vault testing Signed-off-by: PrimalPimmy <[email protected]> Spire-agent conf, vault testing Signed-off-by: PrimalPimmy <[email protected]> module testing Signed-off-by: PrimalPimmy <[email protected]> revert module change Signed-off-by: PrimalPimmy <[email protected]> Vault JWT role detect Signed-off-by: PrimalPimmy <[email protected]> Vault JWT role detect Signed-off-by: PrimalPimmy <[email protected]> Vault JWT role detect-2 Signed-off-by: PrimalPimmy <[email protected]>
Signed-off-by: PrimalPimmy <[email protected]>
Signed-off-by: PrimalPimmy <[email protected]>
Signed-off-by: PrimalPimmy <[email protected]>
PrimalPimmy
force-pushed
the
spire-fixes
branch
from
b1b3497
to
60bb4c8
Compare
|
@PrimalPimmy I think maybe we should take another look at this in SIG-Auto. Would you be able to schedule it on the agenda for one of the upcoming meetings? |
|
Sure @liamfallon . Where do I post about this to schedule it? cc: @nyrahul |
|
Please enter an item on the agenda for a forthcoming meeting, the agenda document is here: |
Signed-off-by: PrimalPimmy <[email protected]>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This PR initiates the work to implement workload Identity in the nephio ecosystem. More documentation can be found here:
Design Document: https://docs.google.com/document/d/1k8Hcd7tJKPIsyiYZX6hpRECuJ4IIxVnaESghU5bLNVQ/edit?usp=sharing
User Story: https://docs.google.com/document/d/1nkh7tTItwii1bY877PfzjFCBtmRos4IDh5EOJxWXRdg/edit?usp=sharing