kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
apiserver/pkg/storage/value/encrypt/envelope
History
Monis Khan 242620fc19 kmsv2: validate encrypt response at DEK generation time 
Prior to this change, we wait until the DEK is used to perform an
encryption before validating the response.  This means that the
plugin could report healthy but all TransformToStorage calls would
fail.  Now we correctly cause the plugin to become unhealthy and do
not attempt to use the newly generated DEK.

Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 5469c198e5d074c7e88e14c3dcbc3ebb2b37cfa8
 		2023-03-22 21:27:47 -04:00
..
kmsv2 kmsv2: validate encrypt response at DEK generation time 2023-03-22 21:27:47 -04:00
metrics kmsv2: retain more key ID metrics 2023-03-02 10:42:55 -05:00
testing logcheck.conf: ensure that kms and value/encrypt uses structured logging 2023-02-10 00:17:54 +00:00
envelope.go kmsv2: re-use DEK while key ID is unchanged 2023-02-24 16:51:08 -05:00
envelope_test.go kmsv2: re-use DEK while key ID is unchanged 2023-02-24 16:51:08 -05:00
grpc_service.go [KMS] move util from envelope to kms package 2023-02-27 00:37:48 +00:00
grpc_service_unix_test.go staging: fix "go vet" issues 2023-02-28 21:22:40 +01:00