Background
To implement an X.509 readable Garm to replace the deprecated ntoken,
we've designed Garm to use the cert-reloader for reading local X.509 certificates and their keys.
Since there was no generalized library available,
we directly copied the code from athenz/k8s-athenz-sia. You can view the implementation with TODOs here:
https://github.com/AthenZ/garm/blob/master/service/cert-reloader.go#L15-L20
What should be done?
- Bring the generalized
cert-reloader once implemented
Background
To implement an X.509 readable Garm to replace the deprecated ntoken,
we've designed Garm to use the
cert-reloaderfor reading local X.509 certificates and their keys.Since there was no generalized library available,
we directly copied the code from
athenz/k8s-athenz-sia. You can view the implementation with TODOs here:https://github.com/AthenZ/garm/blob/master/service/cert-reloader.go#L15-L20
What should be done?
cert-reloaderonce implemented