-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
adding support for JWT SVID TTL #189
Conversation
Signed-off-by: Unnathi Kumar <[email protected]>
Signed-off-by: Unnathi Kumar <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great! just a minor comment
docs/clusterspiffeid-crd.md
Outdated
| `ttl` | OPTIONAL | Duration value indicating an upper bound on the time-to-live for X509-SVIDs issued to target workload | | ||
| `jwtTtl` | OPTIONAL | Duration value indicating an upper bound on the time-to-live for JWT-SVIDs issued to target workload | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you solve this indentation issue?
| `ttl` | OPTIONAL | Duration value indicating an upper bound on the time-to-live for X509-SVIDs issued to target workload | | |
| `jwtTtl` | OPTIONAL | Duration value indicating an upper bound on the time-to-live for JWT-SVIDs issued to target workload | | |
| `ttl` | OPTIONAL | Duration value indicating an upper bound on the time-to-live for X509-SVIDs issued to target workload | | |
| `jwtTtl` | OPTIONAL | Duration value indicating an upper bound on the time-to-live for JWT-SVIDs issued to target workload | |
Signed-off-by: Unnathi Kumar <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Co-authored-by: Faisal Memon <[email protected]> Signed-off-by: Unnathi Kumar <[email protected]>
Sweet! I didn't fully read how this is integrated. Does this override the ttl flags passed in the config to controller manager? |
JWTTTL
toClusterSPIFFEIDSpec
JWTTTL
torenderPodEntry
func