mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-07 05:57:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Refined ytt schemas

Browse Source 
Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
This commit is contained in:
Ryan Richard
2023-11-08 12:56:16 -08:00
parent c4f9869e7c
commit 88a97033fb
6 changed files with 113 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hack/prepare-impersonator-on-kind.sh
View File

@@ -1,6 +1,6 @@
#!/usr/bin/env bash
# Copyright 2021 the Pinniped contributors. All Rights Reserved.
# Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
#
@@ -106,7 +106,7 @@ function cleanup() {
kubectl delete webhookauthenticator local-user-authenticator
log_note "Stopping kubectl port-forward and exiting..."
# It may have already shut down, so ignore errors.
kill -9 $port_forward_pid &> /dev/null || true
kill -9 $port_forward_pid &>/dev/null || true
}
trap cleanup EXIT

13
hack/prepare-supervisor-on-kind.sh
View File

@@ -39,7 +39,6 @@ cd "$ROOT"
source hack/lib/helpers.sh
use_oidc_upstream=no
use_ldap_upstream=no
use_ad_upstream=no
@@ -115,8 +114,8 @@ if [[ "${PINNIPED_USE_CONTOUR:-}" != "" ]]; then
# Wait for its pods to be ready.
echo "Waiting for Contour to be ready..."
kubectl wait --for 'jsonpath={.status.phase}=Succeeded' pods -l 'app=contour-certgen' -n projectcontour --timeout 60s
kubectl wait --for 'jsonpath={.status.phase}=Running' pods -l 'app!=contour-certgen' -n projectcontour --timeout 60s
kubectl wait --for 'jsonpath={.status.phase}=Succeeded' pods -l 'app=contour-certgen' -n projectcontour --timeout 60s
kubectl wait --for 'jsonpath={.status.phase}=Running' pods -l 'app!=contour-certgen' -n projectcontour --timeout 60s
# Create an ingress for the Supervisor which uses TLS passthrough to allow the Supervisor to terminate TLS.
cat <<EOF | kubectl apply --namespace "$PINNIPED_TEST_SUPERVISOR_NAMESPACE" -f -
@@ -313,7 +312,7 @@ kubectl create secret tls -n "$PINNIPED_TEST_SUPERVISOR_NAMESPACE" my-federation
# Make a FederationDomain using the TLS Secret and identity providers from above in a temp file.
fd_file="/tmp/federationdomain.yaml"
cat << EOF > $fd_file
cat <<EOF >$fd_file
apiVersion: config.supervisor.pinniped.dev/v1alpha1
kind: FederationDomain
metadata:
@@ -327,7 +326,7 @@ EOF
if [[ "$use_oidc_upstream" == "yes" ]]; then
# Indenting the heredoc by 4 spaces to make it indented the correct amount in the FederationDomain below.
cat << EOF >> $fd_file
cat <<EOF >>$fd_file
- displayName: "My OIDC IDP 🚀"
objectRef:
@@ -351,7 +350,7 @@ fi
if [[ "$use_ldap_upstream" == "yes" ]]; then
# Indenting the heredoc by 4 spaces to make it indented the correct amount in the FederationDomain below.
cat << EOF >> $fd_file
cat <<EOF >>$fd_file
- displayName: "My LDAP IDP 🚀"
objectRef:
@@ -405,7 +404,7 @@ fi
if [[ "$use_ad_upstream" == "yes" ]]; then
# Indenting the heredoc by 4 spaces to make it indented the correct amount in the FederationDomain below.
cat << EOF >> $fd_file
cat <<EOF >>$fd_file
- displayName: "My AD IDP"
objectRef: