Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Workload ID: Add tbot support for JWT SVIDs #47017

Open
wants to merge 8 commits into
base: strideynet/jwt-svid-auth-server
Choose a base branch
from
Open

Workload ID: Add tbot support for JWT SVIDs #47017

wants to merge 8 commits into from
+516 −165

Conversation

strideynet
Copy link
Contributor

@strideynet strideynet commented Oct 1, 2024
edited
Loading

Closes #38930

Depends on #46968

➜  teleport git:(strideynet/jwt-svid-tbot) ✗ e/build/tbot spiffe-inspect --path unix:///Users/noah/code/gravitational/teleport-scratch/tbot-workload-id/workload.sock
2024-10-01T11:35:43+01:00 INFO [TBOT]      Inspecting SPIFFE Workload API Endpoint path:unix:///Users/noah/code/gravitational/teleport-scratch/tbot-workload-id/workload.sock tbot/spiffe.go:34
# X509 SVIDs
- spiffe://leaf.tele.ottr.sh/example
  - Hint: my-hint
  - Expiry: 2024-10-02 10:35:43 +0000 UTC (23h59m59.558023s)
# X509 Trust Bundles
- leaf.tele.ottr.sh (#CAs: 1)
- spire.tele.ottr.sh (#CAs: 7)
# JWT SVIDs
- spiffe://leaf.tele.ottr.sh/example
  - Expiry: 2024-10-01 10:40:43 +0000 UTC (4m59.558007s)
  - Audiences: [example.com]
  - Hint: my-hint
  - Value: eyJhbGciOiJSUzI1NiIsImtpZCI6IlJIX2hvTXNFNGJUclhYUWdBeGdSSXFjUUIxVF9kTTZmYkd3ZjVVcXJjUUUiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJleGFtcGxlLmNvbSIsImV4cCI6MTcyNzc3OTI0MywiaWF0IjoxNzI3Nzc4OTQzLCJqdGkiOiI3YTg2MTNhYWY0Njc4YWFiODI0ZjcyODgxNDE1OTk2OCIsInN1YiI6InNwaWZmZTovL2xlYWYudGVsZS5vdHRyLnNoL2V4YW1wbGUifQ.LuP3f6QN57blBTlZtLREsSgO2cT7hF3g6aRRPx14CxXReruJAwYUEVGcrN25-QfSJLsFPXN4VJgyx8B3m7SjDVefYkAcDtYCTF35tfpX78R2Z39HDgq857MKcd1MDRrw5fEq9VvOVjkVr_s0xMXbFfhzAPPein1RGReBkPyYA3enPnXjNAqgmJFhsLgH_BEO1jeyZy8vAcWu2vdF4Yw1qnUauv9EWzGVl4g9a9lwwDUS4CdXHFa6sffkIRWjbzjj9B-66uR79eHVObQdek1k3FhFBLHhqCKsHBKd2Wyj8grA7lwdwUk1WnDQaUK4zB3dU-sJfj_38Ln0HXQZuJiRag
  - Validation: PASS
# JWT Bundles
- leaf.tele.ottr.sh (#Keys: 1)
  - Key ID: RH_hoMsE4bTrXXQgAxgRIqcQB1T_dM6fbGwf5UqrcQE
- spire.tele.ottr.sh (#Keys: 6)
  - Key ID: KxeujEhOuaMRuUn9QqEaOIAzIYG0e2da
  - Key ID: 8LDn79GUYgUUHqu0aSupSDJJDB5lshPq
  - Key ID: q03gi0rwInhk0GacneikaAADbY0Ykwht
  - Key ID: qAPMQUvis2ggmQmoSTouAr6nmtTsfz3O
  - Key ID: H6VCy7DB0jO3lCDBDZQxY0UxSLi2DX6z
  - Key ID: Vvl8nRMrpLEiHXba8am44RzWSMo5V5zP

changelog: Teleport Workload ID now supports issuing JWT SVIDs via the Workload API.

@strideynet strideynet marked this pull request as ready for review October 1, 2024 11:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timothyb89 timothyb89 Awaiting requested review from timothyb89

@vapopov vapopov Awaiting requested review from vapopov

Assignees
No one assigned
Labels
backport/branch/v16 machine-id size/md
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@strideynet