pinniped

mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-07 14:05:50 +00:00

Author	SHA1	Message	Date
Joshua Casey	362d982906	Start to backfill some audit unit tests for the token_handler	2024-11-27 13:53:01 -06:00
Ryan Richard	1006dd9379	resolve some todos	2024-11-27 13:53:01 -06:00
Joshua Casey	369316556a	Add configuration to audit internal endpoints and backfill unit tests	2024-11-27 13:53:01 -06:00
Joshua Casey	cf4b29de4b	Clarify docs	2024-11-27 13:53:00 -06:00
Joshua Casey	09ca7920ea	Extract testutil helper function	2024-11-27 13:53:00 -06:00
Joshua Casey	9994e033b2	Add audit event tests for login_handler	2024-11-27 13:53:00 -06:00
Joshua Casey	dd56f2b47f	Add audit event tests for callback_handler	2024-11-27 13:53:00 -06:00
Joshua Casey	dd42f35db0	plog.TestLogger returns a buffer that holds the logs # Conflicts: # internal/controller/apicerts/certs_expirer_test.go # internal/plog/plog_test.go # internal/plog/testing.go # pkg/oidcclient/login_test.go	2024-11-27 13:53:00 -06:00
Joshua Casey	a67af9455b	Refactor: don't copy the loop variable in test loops	2024-11-27 13:53:00 -06:00
Joshua Casey	d729c82f84	fix lint	2024-11-27 13:53:00 -06:00
Joshua Casey	44e218194b	Add 'AuthorizeID From Parameters' audit logs to the /callback and /login endpoints Co-authored-by: Ryan Richard <richardry@vmware.com>	2024-11-27 13:53:00 -06:00
Joshua Casey	bf1e37f149	Use a helper to verify audit messages	2024-11-27 13:53:00 -06:00
Joshua Casey	aee56c388f	Check the sessionID as well Co-authored-by: Ryan Richard <richardry@vmware.com>	2024-11-27 13:53:00 -06:00
Joshua Casey	fd5a10bee7	WIP: Add audit event when upstream redirect occurs and backfill tests	2024-11-27 13:53:00 -06:00
Joshua Casey	b20e890f15	Add testutil.RequireLogLines to verify multiple log lines at once	2024-11-27 13:53:00 -06:00
Ryan Richard	4f9530eec7	audit logging WIP	2024-11-27 13:53:00 -06:00
Ryan Richard	e44d70b41d	kube cert agent controller avoids unschedulable nodes when possible	2024-11-25 14:20:12 -08:00
Joshua Casey	0c131f11f8	plog.TestLogger returns a buffer instead of taking one in	2024-11-07 17:46:01 -06:00
Ryan Richard	106a480dad	JWTAuthenticator must reload when spec.audience or spec.claims changes	2024-11-04 12:49:18 -08:00
Joshua Casey	590f001f17	Run go generate with new version of mock library	2024-10-23 09:09:41 -05:00
Ryan Richard	e37d1444c4	bump to github.com/google/go-github/v66	2024-10-15 14:06:34 -07:00
Ryan Richard	f36298c542	use required headers for GitHub API connection probe request	2024-10-14 11:12:34 -07:00
Ryan Richard	dc195536d0	also use port number when checking https proxy for WebhookAuthenticator	2024-10-11 14:49:46 -07:00
Ryan Richard	4d2bbac674	use .cluster.local address for LUA (squid cannot resolve .svc addresses)	2024-10-10 14:44:14 -07:00
Ryan Richard	4f661aaa69	pay attention to web proxy settings during connection probes - WebhookAuthenticator will now detect the proxy setting and skip dialing the connection probe if it should go through a proxy - GitHubIdentityProvider will avoid using tls.Dial altogether by instead making a real request to the GitHub API as its connection probe, because this will respect the proxy settings	2024-10-10 10:41:31 -07:00
Joshua T Casey	629f89d95b	Check TLS bundle before dialing for performance reasons, and add godoc to clarify intent Signed-off-by: Ryan Richard <richardry@vmware.com>	2024-10-02 14:54:30 -05:00
Joshua Casey	01c2377de0	Refactor tests to use a table	2024-09-24 14:45:07 -05:00
Ashish Amarnath	0fab37c089	Update internal/crypto/ptls/dialer_test.go ignore lint error on nil context in unit test validating nil context	2024-09-24 14:14:48 -05:00
Joshua Casey	f7fd209f29	Address PR feedback	2024-09-24 14:14:48 -05:00
Joshua Casey	76a116641f	Add ptls.Dialer to provide some common configuration for tls.Dial operations	2024-09-24 14:14:48 -05:00
Ashish Amarnath	ab2c2e30cb	refactor and fix comments Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>	2024-09-19 13:38:12 -07:00
Joshua Casey	702d5bdc01	Bump golangci-lint to 1.61.0	2024-09-10 15:14:53 -05:00
Joshua Casey	08abff1cae	Bump golanglint-ci to 1.60.3	2024-09-04 20:52:01 -05:00
Joshua Casey	c87f091a44	Upcoming k8s versions have an additional extra field in the CSR response - failure due to https://github.com/kubernetes/kubernetes/pull/125634	2024-09-04 11:23:11 -05:00
Joshua Casey	6c97600174	Merge branch 'main' into log_msg_level	2024-09-03 06:22:09 -05:00
Joshua Casey	b78e2c7ded	Update comments for testing	2024-08-27 13:26:40 -05:00
Joshua Casey	9b3bcca15e	Add test to confirm that pversion.Get() returns something that utilversion.NewEffectiveVersion can consume	2024-08-27 13:26:40 -05:00
Joshua Casey	f7f25a8815	Refactor pversion_test to use a test table	2024-08-27 13:26:39 -05:00
Joshua Casey	94809ee396	Use a real binary version when setting up the aggregated API servers	2024-08-27 13:26:39 -05:00
Joshua Casey	2a6a0d2997	Refactor certauthority_test to not need pool.Subjects()	2024-08-27 13:26:39 -05:00
Joshua Casey	05098c68f6	Refactor kubeclient_test to not use pool.Subjects()	2024-08-27 13:26:39 -05:00
Joshua Casey	a1dafcf45a	Refactor provider_test to not use pool.Subjects()	2024-08-27 13:26:39 -05:00
Joshua Casey	0ee8ee80e1	Use sha256.Size	2024-08-27 13:26:39 -05:00
Joshua Casey	436112252d	Lint fixes	2024-08-27 13:26:39 -05:00
Joshua Casey	8bd9b94d0a	Impersonator server should take in a cancellable context instead of a stop channel	2024-08-27 13:26:39 -05:00
Joshua Casey	504f0dc26f	Fix some unit tests	2024-08-27 13:26:38 -05:00
Joshua Casey	f09b3c2f72	Bump K8s libs to 1.31 and fix compilation errors	2024-08-27 13:26:38 -05:00
Ryan Richard	f194594e5b	failed token exchanges should show in log at default log config	2024-08-22 10:09:19 -07:00
Ryan Richard	376b83050a	upgrade linter and fix new lint errors	2024-08-19 15:45:32 -07:00
Joshua Casey	d0f5c2c7ab	Merge branch 'main' into jtc/refactor-conditions-util	2024-08-09 11:22:59 -05:00

1 2 3 4 5 ...

1444 Commits