mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-05 13:07:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,490 Commits 21 Branches 50 Tags
1ebe2fcd1a95e4dfa80de3105c2d37b5c0a41618
Commit Graph

1049 Commits

Author SHA1 Message Date
Joshua Casey
e9252a9ee3 Enforce more imports 
- k8s.io/apimachinery/pkg/apis/meta/v1
- k8s.io/api/core/v1
- github.com/coreos/go-oidc/v3/oidc
- github.com/ory/fosite/handler/oauth2
- go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1
 2024-05-21 09:31:15 -05:00
Joshua Casey
875b0739aa Enforce aliases for 'k8s.io/apimachinery/pkg/util/errors' and 'k8s.io/apimachinery/pkg/api/errors' 2024-05-21 09:31:15 -05:00
Joshua Casey
e4daa5a924 Merge branch 'main' into jtc/merge-main-at-3fe3cf71-into-github 2024-05-16 16:05:34 -05:00
Joshua Casey
7787885463 Add federation domain cleanup in E2E integration test 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-05-16 14:18:43 -05:00
Ryan Richard
f320980006 Add integration test to prove that 'pinniped login oidc' will infer the flowtype from the Supervisor's IDP discovery 
Co-authored-by: Joshua T Casey <caseyj@vmware.com>
 2024-05-16 12:57:33 -05:00
Ryan Richard
7e0a3c114d Pinniped CLI and the oidc-client package are now enhanced by pinniped_supported_identity_provider_types 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-05-16 12:57:12 -05:00
Joshua Casey
69364b2183 Merge branch 'main' into jtc/merge-main-at-6b3f175-into-github 2024-05-16 09:22:28 -05:00
Ryan Richard
e13f4a7f29 refactor ptls to clarify the difference between FIPS and non-FIPS modes 
and backfill some basic tests
 2024-05-13 16:52:15 -07:00
Joshua Casey
f43b6f04dc Fix lint issues from golangci-lint 1.58.1 2024-05-10 15:15:59 -05:00
Joshua Casey
791b785dea Merge branch 'main' into jtc/merge-main-at-d7849c79-to-github 2024-05-10 14:22:09 -05:00
Joshua Casey
81f3acfa38 Update some build tags since go1.22+ is now required 2024-05-10 12:51:03 -05:00
Joshua Casey
e9d0ac5110 Enable 'intrange' linter 2024-05-10 12:51:02 -05:00
Joshua Casey
7b36c8ab54 Enable 'copyloopvar' linter 2024-05-10 12:51:02 -05:00
Joshua Casey
e04e5e0185 Fix revive linter issues for all production code, and exclude revive linter issues for test code 2024-05-10 12:51:02 -05:00
Ryan Richard
7c85a511a2 first draft of an e2e integration test for GitHub login (skip while WIP) 2024-05-09 15:35:37 -07:00
Ryan Richard
6be92f92fb bump Supervisor session storage versions 2024-05-09 15:35:37 -07:00
Joshua Casey
96e4442181 Add docs to configure the Supervisor with a GitHub IDP. 
- Does not include docs for configuring GitHub Apps or GitHub OAuth Apps
 2024-05-08 15:57:21 -05:00
Benjamin A. Petersen
c43193a0c8 Merge branch 'main' into github_identity_provider 2024-05-01 12:15:08 -04:00
Benjamin A. Petersen
00567645d0 Add conditional AD to IDP discovery test 2024-04-30 15:43:32 -04:00
Benjamin A. Petersen
92b9d68863 Add OIDC, LDAP to supervisor discovery test 2024-04-30 14:19:54 -04:00
Ryan Richard
1ac2215724 update an assertion in integration test leaderelection_test.go 2024-04-29 13:22:14 -07:00
Benjamin A. Petersen
6424f45c19 Add IDP Discovery integration test for GitHub 2024-04-29 14:57:14 -04:00
Joshua Casey
9c2df74e54 Adjust to new K8s 1.30 API 2024-04-26 11:54:53 -07:00
Benjamin A. Petersen
2753b468fd Update TestSupervisorFederationDomainStatus test 2024-04-25 17:02:07 -04:00
Ryan Richard
57a07a498f Refactors for custom ID token lifetime based on PR feedback 2024-04-24 15:05:00 -07:00
Ryan Richard
136bc7ac09 Mild refactor of integration test for custom ID token lifetimes 2024-04-24 14:13:41 -07:00
Ryan Richard
5dbf05c31d Update the session storage versions due to new ID token lifetime field 2024-04-24 14:13:41 -07:00
Joshua Casey
b31a893caf Add integration test and fix totalExpectedAPIFields 2024-04-24 14:13:40 -07:00
Ryan Richard
def2b35e6e Make ID token lifetimes configurable on OIDCClient resources 2024-04-24 14:13:40 -07:00
Joshua Casey
14b1b7c862 Polish up the github_upstream_watcher: default and verify spec.claims correctly 2024-04-24 13:37:40 -05:00
Joshua Casey
fe5d037600 Merge branch 'main' into jtc/merge-main-5fe94c4e-into-github 2024-04-23 12:42:07 -05:00
Ryan Richard
1d8310ed44 clarify error message for when there is no healthy controller manager 2024-04-22 09:29:37 -07:00
Ryan Richard
7c0c3211d1 fix typo in securetls_fips_test.go 2024-04-19 12:50:05 -07:00
Joshua Casey
94bee9e882 Remove testutil.TLSTestServerWithCert in favor of the testutil/tlsserver package 2024-04-19 10:30:23 -05:00
Joshua Casey
206a16f9e3 Integration test fixes - updated condition messages 2024-04-18 21:32:54 -05:00
Joshua Casey
c9b61ef010 Populate internal GitHub IDP Config from CRD 2024-04-16 14:33:01 -05:00
Joshua Casey
8ea339139e ldap.Conn.Start() is now deprecated as of https://github.com/go-ldap/ldap/releases/tag/v3.4.7 2024-04-08 06:49:03 -05:00
Joshua Casey
42dd8d1d9d First draft of a GitHubIdentityProvider CRD 2024-04-01 15:10:46 -05:00
Benjamin A. Petersen
c6b0820438 Fix some utils, spacing, func naming, test inputs, etc. 2024-03-26 16:22:51 -04:00
Benjamin A. Petersen
f86c46e160 Update WebhookAuthenticator Status WebhookConnectionValid 
- ConnectionProbeValid -> WebhookConnectionValid
  - This is to conform with the pattern of other controllers, ex:
    LDAPConnectionValid
 2024-03-26 15:33:44 -04:00
Benjamin A. Petersen
bec5fe85cc change WebhookAuthenticator TLSConnectionNegotiationValid to ConnectionProbeValid 2024-03-19 18:00:40 -04:00
Benjamin A. Petersen
5bc4e678bf WebhookAuthenticator Status integration test refactor to test table 2024-03-19 17:45:26 -04:00
Benjamin A. Petersen
097e6d5340 Always pass spec to CreateTestWebhookAuthenticator 2024-03-19 16:48:07 -04:00
Benjamin A. Petersen
5c1fa6d52c Adjust testlib/client.go for lint quirk 2024-03-19 16:48:06 -04:00
Benjamin A. Petersen
337459feb0 Update webhook status integration tests 
- total api fields test 260->261
 2024-03-19 16:48:05 -04:00
Benjamin A. Petersen
590e2d18f7 Add WebhookAuthenticator integration tests, expand unit tests 
- Add WebhookAuthenticator unit tests, update generated code
- Add validateTLSNegotiation(), update tests
- Update validateTLSNegotiation, add unit tests, factor out helpers
- Update generated code
 2024-03-19 16:48:05 -04:00
Benjamin A. Petersen
ef36b454ba Improve WebhookAuthenticator Status and Validations 
- Validate TLS Configuration
- Validate Endpoint
- Validate TLS Negotiation
  - Report status handshake negotiation with webhook
- Unit tests
- Integration tests
 2024-03-19 16:48:03 -04:00
Ryan Richard
d49b011d65 Merge branch 'main' into cli_callback_cors_get 2024-03-08 11:36:32 -08:00
Ryan Richard
f55d56bf4a CLI's localhost listener handles CORS preflight requests for GETs 2024-03-08 10:45:57 -08:00
Joshua Casey
ffc49d96b3 Integration tests should use a valid value for CredentialIssuer spec.impersonationProxy.service.type 2024-03-08 11:19:15 -06:00