Skip to content

feat: Add spiffe provider#733

Merged
gtema merged 1 commit into
mainfrom
spiffe
May 27, 2026
Merged

feat: Add spiffe provider#733
gtema merged 1 commit into
mainfrom
spiffe

Conversation

@gtema
Copy link
Copy Markdown
Collaborator

@gtema gtema commented May 27, 2026

  • add spiffe provider
  • add support for bindings to map svid to the AuthenticationResult and a
    VSC
  • rework auth extractor to apply svid binding

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 27, 2026
edited
Loading

🦢 Load Test Results

Goose Attack Report

Plan Overview

Action Started Stopped Elapsed Users
Increasing 26-05-27 16:00:25 26-05-27 16:00:27 00:00:02 0 → 4
Maintaining 26-05-27 16:00:27 26-05-27 16:00:57 00:00:30 4
Decreasing 26-05-27 16:00:57 26-05-27 16:00:57 00:00:00 0 ← 4

Request Metrics

Method Name # Requests # Fails Average (ms) Min (ms) Max (ms) RPS Failures/s
GET 7138 0 16.32 11 35 237.93 0.00
Aggregated 7138 0 16.32 11 35 237.93 0.00

Response Time Metrics

Method Name 50%ile (ms) 60%ile (ms) 70%ile (ms) 80%ile (ms) 90%ile (ms) 95%ile (ms) 99%ile (ms) 100%ile (ms)
GET 14 18 20 21 21 22 24 35
Aggregated 14 18 20 21 21 22 24 35

Status Code Metrics

Method Name Status Codes
GET 7,138 [200]
Aggregated 7,138 [200]

Transaction Metrics

Transaction # Times Run # Fails Average (ms) Min (ms) Max (ms) RPS Failures/s
ListUsers
0.0 0 0 0.00 0 0 0.00 0.00
0.1 4318 0 13.42 11 25 143.93 0.00
ValidateToken
1.0 0 0 0.00 0 0 0.00 0.00
1.1 2820 0 20.84 17 35 94.00 0.00
Aggregated 7138 0 16.32 11 35 237.93 0.00

Scenario Metrics

Transaction # Users # Times Run Average (ms) Min (ms) Max (ms) Scenarios/s Iterations
ListUsers 2 4316 13.43 11 25 143.87 2158.00
ValidateToken 2 2818 20.85 17 35 93.93 1409.00
Aggregated 4 7134 16.36 11 35 237.80 3567.00

View full report

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 27, 2026
edited
Loading

🐰 Bencher Report

Branchspiffe
Testbedubuntu-latest
Click to view all benchmark results
BenchmarkLatencyBenchmark Result
nanoseconds (ns)
(Result Δ%)		Upper Boundary
nanoseconds (ns)
(Limit %)
Command_Serde/apply/remove📈 view plot
🚷 view threshold		139,350.00 ns
(-15.83%)Baseline: 165,560.84 ns
645,925.60 ns
(21.57%)
Command_Serde/apply/set📈 view plot
🚷 view threshold		145,080.00 ns
(+3.39%)Baseline: 140,324.96 ns
348,793.00 ns
(41.59%)
Command_Serde/pack/delete📈 view plot
🚷 view threshold		127.12 ns
(+3.75%)Baseline: 122.52 ns
147.06 ns
(86.44%)
Command_Serde/pack/delete_index📈 view plot
🚷 view threshold		115.43 ns
(+0.99%)Baseline: 114.29 ns
136.34 ns
(84.66%)
Command_Serde/pack/set📈 view plot
🚷 view threshold		217.32 ns
(+9.21%)Baseline: 198.99 ns
244.32 ns
(88.95%)
Command_Serde/pack/set_index📈 view plot
🚷 view threshold		116.57 ns
(+1.84%)Baseline: 114.47 ns
136.16 ns
(85.61%)
Command_Serde/unpack/delete📈 view plot
🚷 view threshold		175.15 ns
(-6.35%)Baseline: 187.04 ns
230.60 ns
(75.96%)
Command_Serde/unpack/delete_index📈 view plot
🚷 view threshold		166.05 ns
(+1.76%)Baseline: 163.18 ns
203.63 ns
(81.54%)
Command_Serde/unpack/set📈 view plot
🚷 view threshold		252.53 ns
(+3.36%)Baseline: 244.33 ns
291.23 ns
(86.71%)
Command_Serde/unpack/set_index📈 view plot
🚷 view threshold		158.42 ns
(-1.96%)Baseline: 161.58 ns
201.87 ns
(78.48%)
Payload_encryption/pack/inner📈 view plot
🚷 view threshold		64.24 ns
(-1.19%)Baseline: 65.01 ns
77.81 ns
(82.56%)
Payload_encryption/pack/remove_cmd📈 view plot
🚷 view threshold		118.97 ns
(-2.21%)Baseline: 121.66 ns
147.42 ns
(80.70%)
Payload_encryption/pack/set_cmd📈 view plot
🚷 view threshold		254.68 ns
(+9.80%)Baseline: 231.95 ns
292.41 ns
(87.10%)
Payload_encryption/unpack/inner📈 view plot
🚷 view threshold		171.24 ns
(+5.38%)Baseline: 162.49 ns
193.03 ns
(88.71%)
Payload_encryption/unpack/remove_cmd📈 view plot
🚷 view threshold		202.47 ns
(+2.80%)Baseline: 196.95 ns
243.37 ns
(83.20%)
Payload_encryption/unpack/set_cmd📈 view plot
🚷 view threshold		259.76 ns
(+0.50%)Baseline: 258.46 ns
318.62 ns
(81.53%)
Raft_1Node_Latency/prefix/1node📈 view plot
🚷 view threshold		2,560,800.00 ns
(-28.17%)Baseline: 3,565,259.26 ns
6,666,929.58 ns
(38.41%)
Raft_1Node_Latency/read/1node📈 view plot
🚷 view threshold		573.80 ns
(+4.13%)Baseline: 551.04 ns
769.13 ns
(74.60%)
Raft_1Node_Latency/remove/1node📈 view plot
🚷 view threshold		383,120.00 ns
(-6.49%)Baseline: 409,694.81 ns
1,235,882.38 ns
(31.00%)
Raft_1Node_Latency/write/1node📈 view plot
🚷 view threshold		396,600.00 ns
(-0.14%)Baseline: 397,172.96 ns
977,555.99 ns
(40.57%)
build_snapshot/default📈 view plot
🚷 view threshold		86,831.00 ns
(-8.04%)Baseline: 94,418.68 ns
162,527.94 ns
(53.43%)
fernet token/project📈 view plot
🚷 view threshold		1,391.50 ns
(-5.55%)Baseline: 1,473.27 ns
1,632.87 ns
(85.22%)
get_data_keyspace📈 view plot
🚷 view threshold		0.31 ns
(-2.03%)Baseline: 0.32 ns
0.38 ns
(82.86%)
get_db📈 view plot
🚷 view threshold		0.31 ns
(-1.85%)Baseline: 0.32 ns
0.38 ns
(82.75%)
get_fernet_token_timestamp/project📈 view plot
🚷 view threshold		150.56 ns
(+1.63%)Baseline: 148.14 ns
172.89 ns
(87.08%)
get_keyspace📈 view plot
🚷 view threshold		4.37 ns
(-6.75%)Baseline: 4.68 ns
8.69 ns
(50.27%)
🐰 View full continuous benchmarking report in Bencher

@gtema
feat: Add spiffe provider
63ee333 
- add spiffe provider
- add support for bindings to map svid to the AuthenticationResult and a
  VSC
- rework auth extractor to apply svid binding
@gtema gtema merged commit 7831e41 into main May 27, 2026
35 checks passed
@openstack-experimental-release-plz openstack-experimental-release-plz Bot mentioned this pull request May 27, 2026
Open
@gtema gtema deleted the spiffe branch May 28, 2026 16:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gtema