feat: namespace validation in secrets

Open v0lkan opened this issue 1 year ago • 0 comments

right now, a secret can have multiple namespace associations, but the namespaces are never validated during Fetch()

Fetch() shoudld ensure that secrets can only be delivered to workloads that have a matching namespace in their spiffeids.

Fetch() also should validate the spiffeid and ensure that it conforms a strict format.

Apr 01 '24 15:04 v0lkan