trustdomain

package
v0.0.0-...-055e235 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 28, 2024 License: Apache-2.0 Imports: 5 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Bundle

type Bundle struct {
	// Contain the local trust domain and its aliases.
	// The trust domain corresponds to the trust root of a system.
	// Refer to [SPIFFE-ID](https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md#21-trust-domain)
	// The trust domain aliases represent the aliases of `trust_domain`.
	// For example, if we have
	// trustDomain: td1, trustDomainAliases: ["td2", "td3"]
	// Any service with the identity `td1/ns/foo/sa/a-service-account`, `td2/ns/foo/sa/a-service-account`,
	// or `td3/ns/foo/sa/a-service-account` will be treated the same in the Istio mesh.
	TrustDomains []string
}

func NewBundle

func NewBundle(trustDomain string, trustDomainAliases []string) Bundle

NewBundle returns a new trust domain bundle.

func (Bundle) ReplaceTrustDomainAliases

func (t Bundle) ReplaceTrustDomainAliases(principals []string) []string

ReplaceTrustDomainAliases checks the existing principals and returns a list of new principals with the current trust domain and its aliases. For example, for a user "bar" in namespace "foo". If the local trust domain is "td2" and its alias is "td1" (migrating from td1 to td2), replaceTrustDomainAliases returns ["td2/ns/foo/sa/bar", "td1/ns/foo/sa/bar]].

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL