istio: istio.io/istio/security/pkg/registry/kube Index | Files

package kube

import "istio.io/istio/security/pkg/registry/kube"

Index

Package Files

service.go serviceaccount.go

type ServiceAccountController Uses

type ServiceAccountController struct {
    // contains filtered or unexported fields
}

ServiceAccountController monitors service account definition changes in a namespace. For each service account object, its SpiffeID is added to identity registry for whitelisting purpose.

func NewServiceAccountController Uses

func NewServiceAccountController(core corev1.CoreV1Interface, namespaces []string, reg registry.Registry) *ServiceAccountController

NewServiceAccountController returns a new ServiceAccountController

func (*ServiceAccountController) Run Uses

func (c *ServiceAccountController) Run(stopCh chan struct{})

Run starts the ServiceAccountController until a value is sent to stopCh. It should only be called once.

type ServiceController Uses

type ServiceController struct {
    // contains filtered or unexported fields
}

ServiceController monitors the service definition changes in a namespace. If a new service is added with "alpha.istio.io/kubernetes-serviceaccounts" or "alpha.istio.io/canonical-serviceaccounts" annotations enabled, the corresponding service account will be added to the identity registry for whitelisting.

func NewServiceController Uses

func NewServiceController(core corev1.CoreV1Interface, namespaces []string, reg registry.Registry) *ServiceController

NewServiceController returns a new ServiceController

func (*ServiceController) Run Uses

func (c *ServiceController) Run(stopCh chan struct{})

Run starts the ServiceController until a value is sent to stopCh. It should only be called once.

Package kube imports 13 packages (graph). Updated 2019-07-21. Refresh now. Tools for package owners.