API for external signing of Service Account tokens #740
Description
Enhancement Description
-
One-line enhancement description (can be used as a release note): External signer integration for service account tokens
-
Kubernetes Enhancement Proposal: https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/740-service-account-external-signing
-
Primary contact (assignee): @HarshalNeelkamal
-
Responsible SIGs: sig-auth
-
Enhancement target (which target equals to which milestone):
- Alpha release target (x.y): 1.32
- Beta release target (x.y): 1.34
- Stable release target (x.y):
-
Alpha 1.32
- KEP (
k/enhancements) update PR(s): - Code (
k/k) update PR(s):- Add plugin and key-cache for ExternalJWTSigner integration kubernetes#128190
- Wait for updated keys to be observed kubernetes#128966
- Automated cherry pick of #129059: Isolate mock signer for externaljwt tests kubernetes#129178
- Clean up service account options completion and fallback kubernetes#125473
- Move public key serviceaccount getter to interface, filter by key id kubernetes#125177
- Docs (
k/website) update PR(s):
- KEP (
-
Alpha 1.33
- KEP (
k/enhancements) update PR(s): - Code (
k/k) update PR(s): -
Docs (k/website) update(s): n/a
- KEP (
-
Beta 1.34
- KEP (
k/enhancements) update PR(s): KEP-740: promote external token signing to beta #5323 - Code (
k/k) update PR(s): - Docs (
k/website) update(s):
- KEP (
Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.
Metadata
Metadata
Assignees
Labels
Type
Projects
Status