pinniped

mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-03 11:45:45 +00:00

Author	SHA1	Message	Date
Ryan Richard	cba4e2a2e8	update test expectations for new oidc error message text	2025-12-05 10:30:46 -08:00
Ryan Richard	fdeca2c026	Revert "add integration test for TLS config validation in OIDCIdentityProvider" This reverts commit `59402bca7b`.	2024-08-05 12:52:29 -07:00
Ashish Amarnath	59402bca7b	add integration test for TLS config validation in OIDCIdentityProvider Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>	2024-08-05 11:32:21 -07:00
Ryan Richard	02e41baa47	small refactors	2024-08-05 11:32:21 -07:00
Ashish Amarnath	a0c259ffbc	update expectation conditions message when CA bundle is not configured fix a typo where we intended to use a configmap instead of a secret Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com> Co-authored-by: Ryan Richard <richardry@vmware.com>	2024-08-05 11:32:20 -07:00
Ryan Richard	9f17ba5ae4	change wording of TLS config loaded success messages	2024-08-05 11:32:20 -07:00
Ashish Amarnath	afcd80de37	more integration tests pass Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>	2024-08-05 11:32:19 -07:00
Joshua Casey	bafd578866	Merge branch 'main' into jtc/add-importas-linter	2024-06-11 09:39:48 -05:00
Ryan Richard	6364ac9ac7	change status condition type name to be "ClientCredentialsSecretValid" For both GitHubIdentityProvider and OIDCIdentityProvider to make them consistent with each other.	2024-05-31 09:59:30 -07:00
Joshua Casey	f5116cddb4	Enable 'makezero' and 'prealloc' linters, and require 'any' instead of 'interface{}' Enforce importas: - go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1 - go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1	2024-05-21 09:31:15 -05:00
Ryan Richard	7c85a511a2	first draft of an e2e integration test for GitHub login (skip while WIP)	2024-05-09 15:35:37 -07:00
Joshua Casey	64f1bff13f	Use Conditions from apimachinery, specifically k8s.io/apimachinery/pkg/apis/meta/v1.Conditions	2023-09-11 10:13:39 -07:00
Monis Khan	1e17418585	TestSupervisorUpstreamOIDCDiscovery: include AdditionalAuthorizeParametersValid condition Signed-off-by: Monis Khan <mok@vmware.com>	2021-10-25 10:21:51 -04:00
Monis Khan	266d64f7d1	Do not truncate x509 errors Signed-off-by: Monis Khan <mok@vmware.com>	2021-09-29 09:38:22 -04:00
Monis Khan	d78b845575	Fix bad test package name Signed-off-by: Monis Khan <mok@vmware.com>	2021-06-22 11:23:19 -04:00
Ryan Richard	675bbb2aba	Merge branch 'main' into initial_ldap	2021-05-11 11:09:37 -07:00
Mo Khan	56d316e8d3	upstreamwatcher: do not truncate explicit oidc errors This change makes it easier to understand misconfigurations caused by issuers with extraneous trailing slashes. Signed-off-by: Mo Khan <mok@vmware.com>	2021-05-10 01:45:19 -04:00
Mo Khan	7ece196893	upstreamwatcher: preserve oidc discovery error Signed-off-by: Mo Khan <mok@vmware.com>	2021-05-07 16:35:12 -04:00
Ryan Richard	1c55c857f4	Start to fill out LDAPIdentityProvider's fields and TestSupervisorLogin - Add some fields to LDAPIdentityProvider that we will need to be able to search for users during login - Enhance TestSupervisorLogin to test logging in using an upstream LDAP identity provider. Part of this new test is skipped for now because we haven't written the corresponding production code to make it pass yet. - Some refactoring and enhancement to env.go and the corresponding env vars to support the new upstream LDAP provider integration tests. - Use docker.io/bitnami/openldap for our test LDAP server instead of our own fork now that they have fixed the bug that we reported. Signed-off-by: Andrew Keesler <akeesler@vmware.com>	2021-04-07 12:56:09 -07:00
Matt Moyer	5a43a5d53a	Remove library.AssertNoRestartsDuringTest and make that assertion implicit in library.IntegrationEnv. This means we (hopefully) can't forget to include these assertions in any integration test. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2021-03-17 11:18:10 -05:00
Matt Moyer	6565265bee	Use new 'go.pinniped.dev/generated/latest' package. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2021-02-16 13:00:08 -06:00
Andrew Keesler	ae498f14b4	test/integration: ensure no pods restart during integration tests Signed-off-by: Andrew Keesler <akeesler@vmware.com>	2021-02-04 10:24:33 -05:00
Margo Crawford	5611212ea9	Changing references from 1.19 to 1.20	2021-01-07 15:25:47 -08:00
Margo Crawford	196e43aa48	Rename off of main Signed-off-by: Ryan Richard <richardry@vmware.com>	2020-12-16 14:27:09 -08:00
Matt Moyer	273ac62ec2	Extend the test client helpers in ./test/library/client.go. This adds a few new "create test object" helpers and extends `CreateTestOIDCProvider()` to optionally wait for the created OIDCProvider to enter some expected status condition. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-12-02 15:55:34 -06:00
Matt Moyer	bc700d58ae	Split test environment variables so there's a specific supervisor upstream client. Prior to this we re-used the CLI testing client to test the authorize flow of the supervisor, but they really need to be separate upstream clients. For example, the supervisor client should be a non-public client with a client secret and a different callback endpoint. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-20 08:03:06 -06:00
Matt Moyer	7520dadbdd	Use `omitempty` on UpstreamOIDCProvider `spec.authorizationConfig` field. This allows you to omit the field in creation requests, which was annoying. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-18 17:14:35 -06:00
Matt Moyer	b31deff0fb	Update integration tests to use HTTPS Dex for UpstreamOIDCProvider testing. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-16 20:23:20 -06:00
Matt Moyer	c10393b495	Mask the raw error messages from go-oidc, since they are dangerous. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-13 16:22:34 -06:00
Matt Moyer	d68a4b85f4	Add integration tests for UpstreamOIDCProvider status. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-13 12:30:38 -06:00

30 Commits