Ryan Richard
5218c20c76
upgrade linter and remove newly unused linter directives
2025-12-05 10:56:33 -08:00
Ryan Richard
cba4e2a2e8
update test expectations for new oidc error message text
2025-12-05 10:30:46 -08:00
Ryan Richard
fa5f75464d
upgrade dep github.com/google/go-github to v75
2025-10-24 09:58:52 -07:00
Ryan Richard
9be6bb0b94
allow the kube cert agent deployment's strategy type to be configured
2025-10-23 18:10:19 -07:00
Joshua Casey
270594cdb1
Allow users to specify the RunAsUser and RunAsGroup for the kube-cert-agent container
2025-10-20 13:45:46 -05:00
Joshua Casey
2f68041c88
fix lint issues
2025-10-17 07:29:52 -05:00
Joshua Casey
513f1cf7d9
Update net/url as per https://github.com/golang/go/issues/75713
2025-10-17 07:29:52 -05:00
Ryan Richard
c51fde6c5a
upgrade to github.com/google/go-github/v74
2025-08-28 10:52:36 -07:00
Ryan Richard
577797d569
add new supervisor configmap option to ignore userinfo endpoints by matching issuer URLs
2025-08-27 13:22:17 -07:00
Ryan Richard
e427a5202e
add new bool supervisor configmap option to ignore userinfo endpoints
2025-08-27 12:13:15 -07:00
Ryan Richard
4fe8167f60
account for move of repo from vmware-tanzu to vmware on GitHub
2025-08-02 15:08:15 -07:00
Ryan Richard
9c1cc8db50
update github.com/google/go-github and Kube versions in generated code
2025-08-01 13:41:39 -07:00
Ryan Richard
3a02eec765
avoid using t.Context inside t.Cleanup because it is already cancelled
2025-07-30 15:22:20 -07:00
Joshua Casey
1c1b3b7f2e
Bump golangci-lint to 2.3.0 and fix issues
2025-07-30 10:25:23 -05:00
Joshua Casey
17cb4c2ee5
Update unit test malformed jwt error messages due to https://github.com/coreos/go-oidc/compare/v3.14.1...v3.15.0
2025-07-30 09:21:37 -05:00
Ryan Richard
83696fd023
improve errors and docs for JWTAuthenticator features, with int tests
2025-07-18 12:22:06 -07:00
Ryan Richard
64e5e20010
add usernameExpression and groupsExpression to JWTAuthenticator CRD
2025-07-16 14:56:44 -07:00
Ryan Richard
2a83d00373
add claimValidationRules, userValidationRules, and claims.extra to JWTAuthenticator CRD
2025-07-16 14:56:44 -07:00
Ryan Richard
96ef1b75a7
update github client, kube versions, linter
2025-07-02 13:31:37 -07:00
Ryan Richard
5258bd542c
update test expectation due to dependency bump
2025-07-01 13:46:39 -07:00
Ryan Richard
7276a1df53
add new concierge configuration option kubeCertAgent.priorityClassName
2025-05-16 10:43:13 -05:00
Ryan Richard
e743beac53
upgrade k8s libs to v0.33.0
2025-05-13 11:56:03 -07:00
Joshua Casey
b8e7a64afe
Bump libs to k8s.io@v0.32.3, add codegen for k8s 1.32, and drop codegen for k8s 1.25
2025-05-12 16:36:46 -07:00
Ryan Richard
dfc4c38259
upgrade github.com/google/go-github to v71
2025-05-12 15:47:36 -07:00
Ryan Richard
c600cf7949
upgrade linter to latest
2025-05-12 15:19:50 -07:00
Ryan Richard
85c94116ce
ignore a new lint warning
2025-04-08 12:55:20 -07:00
Joshua Casey
6057b0c912
Bump to github.com/google/go-github/v70
2025-03-24 10:13:45 -05:00
Ryan Richard
d625ada06a
upgrade github.com/google/go-github and k8s.io packages
2025-03-18 12:38:29 -07:00
Ryan Richard
d90b3c23ef
introduce new configuration option to disable admission plugin types
2025-03-17 14:49:17 -07:00
Ryan Richard
749633e43c
support response_mode=form_post in upstream OIDC IDPs
2025-03-06 15:28:47 -08:00
Ryan Richard
3a6573f89e
remove fips_enable_tls13_max_for_default_profile build tag
2025-02-19 11:47:34 -08:00
Ryan Richard
4e04f5b606
remove fips_strict insecure ciphers which do not seem to be in Go 1.24
2025-02-19 08:13:55 -08:00
Ryan Richard
39a86e7d52
upgrade Go linter to current latest
2025-02-18 10:47:24 -08:00
Ryan Richard
8cfc1c08ec
allow both TLS v1.2 and v1.3 in fips mode, supported starting in Go 1.24
2025-02-18 10:46:59 -08:00
Joshua Casey
5c39374915
Update code for fosite changes
2025-02-03 10:28:42 -06:00
Joshua Casey
1d873be184
Make sure that CEL errors are checked for the appropriate Kube version
2025-01-27 10:46:55 -06:00
Joshua Casey
31b45525ce
Remove deprecated CredentialIssuer.status.kubeConfigInfo
2025-01-27 10:46:55 -06:00
Ryan Richard
abe3391cce
use github.Ptr where deprecated github.String and github.Int64 were used
2025-01-14 09:40:48 -08:00
Ryan Richard
6ae27c87f6
upgrade dep to github.com/google/go-github/v68/github
2025-01-14 09:03:06 -08:00
Ryan Richard
7221be5a8a
add doc describing all tokens and credentials
2025-01-08 12:35:34 -08:00
Ryan Richard
9619a0f226
change remoteAddr to sourceIPs in Supervisor audit log for incoming reqs
2025-01-06 21:21:01 -06:00
Ryan Richard
4872be0a84
upgrade golangci-lint to v1.63.4
2025-01-06 13:03:46 -08:00
Ryan Richard
b625b4a076
introduce build tags to optionally override some TLS settings
2024-12-20 10:28:32 -08:00
Ryan Richard
90c95866d1
upgrade fosite to v0.49.0 and handle its API changes
2024-12-13 10:17:42 -08:00
Joshua Casey
87640ca54a
Callback endpoint emits audit log with authorizeID even when code param not found
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-12-09 12:47:54 -06:00
Ryan Richard
170cc3bba4
ran new hack script to update all majors: updated github mod
2024-12-03 12:52:29 -06:00
Joshua Casey
28e22d7dd2
Update error text assertion due to change in ory/fosite
- db74aa7abd
2024-12-02 11:08:30 -06:00
Ryan Richard
ae5aad178d
TokenCredentialRequest uses actual cert expiry time instead of estimate
and also audit logs both the NotBefore and NotAfter of the issued cert.
Implemented by changing the return type of the cert issuer helpers
to make them also return the NotBefore and NotAfter values of the new
cert, along with the key PEM and cert PEM.
2024-11-27 13:53:03 -06:00
Ryan Richard
ecd23e86ce
callback endpoint renders more useful user-facing error messages
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2024-11-27 13:53:03 -06:00
Ryan Richard
54b35c30da
rename tokenIdentifier to tokenID in the audit logs
Because `tokenID` is more consistent with the names of
the other correlation keys.
2024-11-27 13:53:03 -06:00