Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ServiceAccountController ¶
type ServiceAccountController struct {
// contains filtered or unexported fields
}
ServiceAccountController monitors service account definition changes in a namespace. For each service account object, its SpiffeID is added to identity registry for whitelisting purpose.
func NewServiceAccountController ¶
func NewServiceAccountController(core corev1.CoreV1Interface, namespace string, reg registry.Registry) *ServiceAccountController
NewServiceAccountController returns a new ServiceAccountController
func (*ServiceAccountController) Run ¶
func (c *ServiceAccountController) Run(stopCh chan struct{})
Run starts the ServiceAccountController until a value is sent to stopCh. It should only be called once.
type ServiceController ¶
type ServiceController struct {
// contains filtered or unexported fields
}
ServiceController monitors the service definition changes in a namespace. If a new service is added with "alpha.istio.io/kubernetes-serviceaccounts" annotation enabled, the corresponding service account will be added to the identity registry for whitelisting. TODO: change it to monitor "alpha.istio.io/canonical-serviceaccounts" annotation
func NewServiceController ¶
func NewServiceController(core corev1.CoreV1Interface, namespace string, reg registry.Registry) *ServiceController
NewServiceController returns a new ServiceController
func (*ServiceController) Run ¶
func (c *ServiceController) Run(stopCh chan struct{})
Run starts the ServiceController until a value is sent to stopCh. It should only be called once.
Source Files