kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
apiserver/pkg/server/options/encryptionconfig
History
Monis Khan 242620fc19 kmsv2: validate encrypt response at DEK generation time 
Prior to this change, we wait until the DEK is used to perform an
encryption before validating the response.  This means that the
plugin could report healthy but all TransformToStorage calls would
fail.  Now we correctly cause the plugin to become unhealthy and do
not attempt to use the newly generated DEK.

Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 5469c198e5d074c7e88e14c3dcbc3ebb2b37cfa8
 		2023-03-22 21:27:47 -04:00
..
controller encryption-at-rest: clean up context usage and duplicated code 2022-11-09 17:33:38 -05:00
testdata kmsv2: improve test coverage 2023-03-01 19:05:50 -08:00
OWNERS Check in OWNERS modified by update-yamlfmt.sh 2021-12-09 21:31:26 -05:00
config.go [KMSv2] use encDEK, keyID and annotations to generate cache key 2023-03-14 19:38:30 +00:00
config_test.go kmsv2: validate encrypt response at DEK generation time 2023-03-22 21:27:47 -04:00