spiffe-helper issues

Kubernetes Sidecar Usecase

6

It would be great if spiffe-helper could be used as a sidecar under Kubernetes. This would require two different modes of operation to function well. 1. a new flag for...

kfox1111

Add support for JWT extra audiences

Documented here: https://github.com/spiffe/go-spiffe/blob/main/v2/svid/jwtsvid/source.go#L12

faisal-memon

JWT SVIDs are missing tests in sidecar_test.go

keeganwitt

Remove camel case config

faisal-memon

Change SPIRE_AGENT_ADDRESS to SPIFFE_ENDPOINT_SOCKET

SPIFFE standard already specifies SPIFFE_ENDPOINT_SOCKET as the name for the env var.

faisal-memon

Support for federated mode

5

In federated mode, peer CA bundles are stored as separate files from the local CA bundle, svid key, and svid cert. Briefly looking at the code, it seems to be...

huang195

Document default values in main readme

Right now it just shows example values.

faisal-memon

Add default socket path

3

Add default socket path, using the same than spire (/tmp/spire-agent/public/api.sock)

MarcosDY

Add plugins for reload notifications

In current implementation we supports sending signals or running an script in order to communicate process that a SVID was rotated, but now we have windows where signals is not...

MarcosDY

Setup integration test for simple example

faisal-memon

spiffe-helper
spiffe-helper copied to clipboard

Metadata

Kubernetes Sidecar Usecase

Add support for JWT extra audiences

JWT SVIDs are missing tests in sidecar_test.go

Remove camel case config

Change SPIRE_AGENT_ADDRESS to SPIFFE_ENDPOINT_SOCKET

Support for federated mode

Document default values in main readme

Add default socket path

Add plugins for reload notifications

Setup integration test for simple example

← Metadata

Owner

Metadata

spiffe-helper spiffe-helper copied to clipboard

Metadata

← Metadata

Owner

Metadata

spiffe-helper
spiffe-helper copied to clipboard