faisal-memon
commented
8 months ago @keeganwitt How would that work? An array of audiences? Save them in the same or different files?
Closed keeganwitt closed 7 months ago
faisal-memon
commented
8 months ago @keeganwitt How would that work? An array of audiences? Save them in the same or different files?
keeganwitt
commented
8 months ago @keeganwitt How would that work? An array of audiences? Save them in the same or different files?
Yes, an array of files and audiences is what I was thinking. Something like
Index: pkg/sidecar/config.go
===================================================================
diff --git a/pkg/sidecar/config.go b/pkg/sidecar/config.go
--- a/pkg/sidecar/config.go (revision c86aaa3c6aebb44c8296b9caa742f5250703a9ad)
+++ b/pkg/sidecar/config.go (date 1702493092224)
@@ -32,9 +32,10 @@
RenewSignalDeprecated string `hcl:"renewSignal"`
// JWT configuration
- JWTAudience string `hcl:"jwt_audience"`
- JWTSvidFilename string `hcl:"jwt_svid_file_name"`
- JWTBundleFilename string `hcl:"jwt_bundle_file_name"`
+ Jwts []JwtConfig `hcl:"jwts"`
+ JWTAudience string `hcl:"jwt_audience"`
+ JWTSvidFilename string `hcl:"jwt_svid_file_name"`
+ JWTBundleFilename string `hcl:"jwt_bundle_file_name"`
// TODO: is there a reason for this to be exposed? and inside of config?
ReloadExternalProcess func() error
@@ -42,6 +43,11 @@
Log logrus.FieldLogger
}
+type JwtConfig struct {
+ JWTAudience string `hcl:"jwt_audience"`
+ JWTSvidFilename string `hcl:"jwt_svid_file_name"`
+}
+
// ParseConfig parses the given HCL file into a SidecarConfig struct
func ParseConfig(file string) (*Config, error) {
sidecarConfig := new(Config)I think we can simplify with just the array of audiences and then add the audience as a suffix to the outputted file.
Something I missed when reviewing #85 is that if you need multiple JWT paths because you have JWTs for more than one audience, there's no way to do this currently.