spire
spire copied to clipboard
spiffe
The SPIFFE Runtime Environment
Signed-off-by: Faisal Memon **Pull Request check list** - [x] Commit conforms to CONTRIBUTING.md? - [x] Proper tests/regressions included? - [ ] Documentation updated? **Affected functionality** Node attestation **Description of change**...
after following the spire guide https://istio.io/latest/docs/ops/integrations/spire/ to install SPIFFE I'm getting the following error on my ingress-gateway ``` 2022-08-09T15:39:26.825395Z warning envoy config StreamSecrets gRPC config stream closed: 3, workload is...
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.14 to 1.14.15. Commits d8e192b Update amalgamation code 595e132 Retract +incompatible releases fd616a2 Update supported Go version to Go 1.19 See full diff in compare view [![Dependabot...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
There have been some requests to allow X509-SVID or JWT-SVID field customization. One way in which this might be achieved is by creating a new plugin type that would get...
### Summary This ticket proposes enhancements to the authorization logic in the SPIRE server to support administration actions from a multitude of actor types, including people. It extends on #1975...
``` --- FAIL: TestBan (0.03s) --- FAIL: TestBan/no_spiffe_id (0.00s) socketapi_windows.go:44: Error Trace: D:\a\spire\spire\cmd\spire-server\cli\agent\socketapi_windows.go:44 D:\a\spire\spire\cmd\spire-server\cli\agent\socketapi_windows.go:39 D:\a\spire\spire\cmd\spire-server\cli\agent\socketapi_windows.go:32 D:\a\spire\spire\cmd\spire-server\cli\agent\agent_test.go:479 D:\a\spire\spire\cmd\spire-server\cli\agent\agent_test.go:109 Error: Received unexpected error: open \\.\pipe\pipe\spire-test-cc7f24f1a3fa7a5: Access is denied. Test: TestBan/no_spiffe_id --- FAIL:...
``` --- FAIL: TestKeyManagerContract (47.62s) --- FAIL: TestKeyManagerContract/GetKey (32.75s) --- FAIL: TestKeyManagerContract/GetKey/rsa-4096 (30.04s) keymanagertest.go:219: Error Trace: /Users/runner/work/spire/spire/pkg/server/plugin/keymanager/disk/keymanagertest.go:219 /Users/runner/work/spire/spire/pkg/server/plugin/keymanager/disk/keymanagertest.go:177 Error: Received unexpected error: rpc error: code = DeadlineExceeded desc = keymanager(disk):...
As pointed out in #3110, SPIRE is not RFC compliant in its issuance of X509-SVIDs. The requirement of the RFC is that the Subject DN be unique to each entity,...
Kubernetes does not currently reflect the content-addressable [`image_id` ](https://github.com/opencontainers/image-spec/blob/main/config.md#imageid)as defined in the OCI spec in a constant manner. It does, however, reflect the manifest digest. Binding artifact identity to the...
Updating SPIRE agent SVID cache to be LRU cache. This cache has experimental config fields like `MaxSvidCacheSize` and `SVIDCacheExpiryPeriod`. 1. Size limit of SVID cache is a soft limit which...
