search

spiffe / spiffe-helper

The SPIFFE Helper is a tool that can be used to retrieve and manage SVIDs on behalf of a workload
Apache License 2.0
43 stars 40 forks source link

spiffeid hint #113

Open kfox1111 opened 8 months ago

kfox1111 commented 8 months ago

When the workload has multiple spiffeid's there needs to be a way to specify a hint so the desired identifier can be used.

nstott commented 8 months ago

This would be useful for our usecase as well.
there are multiple workload identities that could apply, and it would be great to be able to use the hint to disambiguate.

is there more to this than changing this https://github.com/spiffe/spiffe-helper/blob/main/pkg/sidecar/sidecar.go#L282 to fetch more than one svid, and filter out the svid that matches a hint in the config?

nstott commented 7 months ago

would we need a WithDefaultJWTSVIDPicker() in go-spiffe, like we have a WithDefaultX509SVIDPicker(?

nstott commented 6 months ago

https://github.com/spiffe/go-spiffe/issues/264