mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-08 07:11:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,181 Commits 20 Branches 50 Tags
06b47a5792b7769f4844368118bf229c2cdfe332
Commit Graph

4181 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan Richard
06b47a5792 jwtcachefiller controller loops over all jwtauthenticators 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-08-05 11:32:20 -07:00
Ryan Richard
ca2dd2d476 refactor InferSupervisorIssuerURL() func; remove a TODO 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:20 -07:00
Joshua Casey
60f82d2a55 Fix integration test typo 2024-08-05 11:32:20 -07:00
Ryan Richard
414ff503ef extract some common condition reason string constants 2024-08-05 11:32:20 -07:00
Joshua Casey
4ec5766ea9 Modify Concierge/Superivsor TLS spec integration tests to allow for older K8s versions 2024-08-05 11:32:20 -07:00
Joshua Casey
b7c26c43ca Add LDAPIdentityProvider and ActiveDirectoryIdentityProvider to the Supervisor TLS config static validation integration tests 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-08-05 11:32:20 -07:00
Joshua Casey
4b2ed52f44 Add GitHubIdentityProvider to the Supervisor TLS config static validation integration tests 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-08-05 11:32:20 -07:00
Ryan Richard
f381c92f0b Use templates to reduce duplication in concierge_tls_spec_test.go 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-08-05 11:32:20 -07:00
Joshua Casey
3a303cc8fb Supervisor TLS Spec validation integration tests should use helper method 2024-08-05 11:32:20 -07:00
Ryan Richard
09724cfa71 Add unit test: when discovery is already cached for OIDCIdentityProvider 2024-08-05 11:32:20 -07:00
Joshua Casey
d74c2a6e3f Supervisor TLS spec integration tests should use an OIDC issuer url from the test environment 2024-08-05 11:32:19 -07:00
Joshua Casey
0f9352db3b Integration tests should use a helper func to infer Supervisor's downstream issuer URL 2024-08-05 11:32:19 -07:00
Joshua Casey
afec420ce6 Add JWTAuthenticators to the static validation checks for concierge TLS spec 2024-08-05 11:32:19 -07:00
Joshua Casey
d5e3ad9da0 Concierge external TLS static integration tests use the real URL of the deployed local-user-authenticator 2024-08-05 11:32:19 -07:00
Ryan Richard
0f103ed2a4 Add unit tests for external CA bundle in oidc_upstream_watcher_test.go 2024-08-05 11:32:19 -07:00
Joshua Casey
d62d6a1f27 Refactor github_controller_watcher to simplify the tls Dial 2024-08-05 11:32:19 -07:00
Ryan Richard
a4ad5d68a9 Fix *_tls_spec_test.go for old versions of Kubernetes 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-08-05 11:32:19 -07:00
Ryan Richard
30c0fd479e Fix e2e_test.go 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-08-05 11:32:19 -07:00
Ryan Richard
756966c55b add "Status" printer column to JWTAuthenticator and WebhookAuthenticator 2024-08-05 11:32:19 -07:00
Joshua Casey
288e092d2e GitHub IDP watcher should not dial an address that has already been validated 2024-08-05 11:32:19 -07:00
Ryan Richard
72745cd8fe run codegen to update copyrights 2024-08-05 11:32:19 -07:00
Ryan Richard
8060e82745 include external CA bundles in the cache key in oidc_upstream_watcher.go 2024-08-05 11:32:19 -07:00
Ryan Richard
373713f7e0 webhook controller redoes validations when external CA bundle changes 2024-08-05 11:32:19 -07:00
Joshua Casey
66401b42d8 Add GitHubIDP tests for a CA bundle in a Secret or a ConfigMap 2024-08-05 11:32:19 -07:00
Joshua Casey
2d5943b21a Move conditions reason Success to conditions_util 2024-08-05 11:32:19 -07:00
Ryan Richard
920b519ebf error when CA bundle from Secret or ConfigMap is empty 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-08-05 11:32:19 -07:00
Joshua Casey
bf1c02d328 jwtauthenticator controller redoes validations when external CA bundle changes 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-08-05 11:32:19 -07:00
Joshua Casey
6e9023e090 add code review todos and light refactoring 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
1b7a26d932 test secret and configmap filtering in concierge authenticator controllers 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
cb4b63f8b3 integration tests for concierge authenticators 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
8eb15a924f integration tests for supervisor oidc, ldap, activedirectory IDP 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
6a610a9d51 add namespace to jwt authenticator controller 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
821a893f70 integration tests for supervisor oidc, ldap, activedirectory IDP 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
afcd80de37 more integration tests pass 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
edc327ba33 update supervisor RBAC to allow get, list, and watch on configmaps 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
90e8cc86c2 integration tests pass 2024-08-05 11:32:19 -07:00
Ashish Amarnath
9ab7c39d56 jwt cache filler 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
207bac9452 webhook cache filler 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
199562fd05 get all supervisor unit tests to pass 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
3a969a83b7 update supervisor controllers 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
aab1ee9edc unify TLS Spec between supervisor and concierge 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
080c75efe6 refactor tls spec validation into its own package 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
7e6dadb508 add CRD validation integration tests 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
19c3f2cb04 run hack/update.sh 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
842f14af4c update go templates for TLSSpec for concierge and supervisor 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:18 -07:00
Joshua Casey
1bb38911dc Merge pull request #2030 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-08-05 13:23:30 -05:00
Joshua Casey
ec943fffdc Bump golang.org/x/mod from 0.19.0 to 0.20.0 in /hack/update-go-mod 2024-08-05 12:08:46 -05:00
Pinny
ae1d182b30 Bump dependencies 2024-08-05 13:01:14 +00:00
Joshua Casey
7acc2aa383 Merge pull request #2026 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-08-02 16:04:46 -05:00
Pinny
d587c6b10e Bump dependencies 2024-08-02 13:02:39 +00:00