kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
kops/tests/integration/update_cluster/public-jwks-apiserver
History
John Gardiner Myers 7dea5af9be hack/update-expected.sh 2021-06-21 19:37:24 -07:00
..
data hack/update-expected.sh 2021-06-21 19:37:24 -07:00
README.md Use VFS as service account issuer if configured 2021-04-30 21:02:30 +02:00
id_rsa.pub Use VFS as service account issuer if configured 2021-04-30 21:02:30 +02:00
in-v1alpha2.yaml Recognize the ServiceAccountIssuerDiscovery featue gate 2021-05-06 08:57:37 -07:00
kubernetes.tf Fix integration test for oidc because the object path is changed 2021-06-01 23:35:21 +09:00

README.md

Simple test of (experimental) JWKS functionality

We have to use a fixed CA because the fingerprint is inserted into the AWS WebIdentity configuration.

ca.crt & ca.key generated with:

openssl req -new -newkey rsa:512 -days 3650 -nodes -x509 -subj "/CN=kubernetes" -keyout ca.key -out ca.crt -config <(cat /etc/ssl/openssl.cnf <(printf "[ v3_ca ]\nkeyUsage = critical,keyCertSign,cRLSign"))