Workload Identity reconciler integration using SPIFFE #809
Conversation
|
Hi @PrimalPimmy. Thanks for your PR. I'm waiting for a nephio-project member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/ok-to-test |
Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> minor fix Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Cluster reconciler Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Cluster reconciler Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> sending bundle to remote cluster Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Test Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Spire auth inside reconciler Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Vault authentication and fetching kubeconfig Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Some testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing-2 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing-2 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing-2 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing-3 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing-3 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Mid testing-3 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Refactoring Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Kubeconfig test Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Removed found Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> log testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> log testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> log testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Getting svid Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Getting svid-2 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Getting svid-2 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Getting svid-3 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Getting svid-4 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Getting svid-5 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Getting svid-6 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Vault addr and patch configmap Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Vault addr and patch configmap Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Restricted Kubeconfig Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> configmap perms Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> server addr Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Struct to yaml Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Struct to yaml Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Reverting changes Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Reverting changes Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Reverting changes Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Reverting changes Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Reverting changes Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Reverting changes Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Reverting changes Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Reverting changes Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> yaml indent fixing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> yaml indent fixing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> yaml indent fixing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Some cleanup Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Some cleanup Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Debugging Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Debugging Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Debugging Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Debugging Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> vault storage change Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Added kubeconfig change Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Spire-agent conf, vault testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Spire-agent conf, vault testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Spire-agent conf, vault testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Spire-agent conf, vault testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> module testing Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> revert module change Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Vault JWT role detect Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Vault JWT role detect Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com> Vault JWT role detect-2 Signed-off-by: PrimalPimmy <Prashant20.pm@gmail.com>
Signed-off-by: PrimalPimmy <prashant20.pm@gmail.com>
Signed-off-by: PrimalPimmy <prashant20.pm@gmail.com>
Signed-off-by: PrimalPimmy <prashant20.pm@gmail.com>
PrimalPimmy
force-pushed
the
spire-fixes
branch
from
b1b3497 to
60bb4c8
Compare
|
@PrimalPimmy I think maybe we should take another look at this in SIG-Auto. Would you be able to schedule it on the agenda for one of the upcoming meetings? |
|
Sure @liamfallon . Where do I post about this to schedule it? cc: @nyrahul |
|
Please enter an item on the agenda for a forthcoming meeting, the agenda document is here: |
Signed-off-by: PrimalPimmy <prashant20.pm@gmail.com>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This PR initiates the work to implement workload Identity in the nephio ecosystem. More documentation can be found here:
Design Document: https://docs.google.com/document/d/1k8Hcd7tJKPIsyiYZX6hpRECuJ4IIxVnaESghU5bLNVQ/edit?usp=sharing
User Story: https://docs.google.com/document/d/1nkh7tTItwii1bY877PfzjFCBtmRos4IDh5EOJxWXRdg/edit?usp=sharing