looking the IBM istio appid adapter for auth purposes, i could see that the adapter generates the cookie in code using a random hashkey thats created at the adapter's startup.
If i want to run multiple instances of the adapter for high availability, won't that be problematic as they don't share the cookie signing key ?
Looking at the source code what is the config.proto in config\adapter\config.proto used for ? What could one potentially use it for ?
Using a common signing key for cookies is supported but undocumented.
The adapter looks for k8s secret named appidentityandaccessadapter-cookie-sig-enc-keys in the istio-system namespace