Ryan Richard
23fd15f840
Revert "Add integration tests for tls spec validation in JWTAuthenticator and WebhookAuthenticator"
...
This reverts commit c3405095b2
2024-08-05 12:52:21 -07:00
Ashish Amarnath
b70db9dc03
refactor to use new certificateAuthorityDataSourceKind enum
...
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:21 -07:00
Ashish Amarnath
c3405095b2
Add integration tests for tls spec validation in JWTAuthenticator and WebhookAuthenticator
...
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:21 -07:00
Ryan Richard
e0235ed190
update docs and change struct name in types_tls.go.tmpl files
...
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:21 -07:00
Ryan Richard
ed502949dd
webhookcachefiller and jwtcachefiller always update status when needed
...
Even when the authenticator is found in the cache, try to update its
status. Failing to do so would mean that the actual status will not
be overwritten by the controller's newly computed desired status.
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:20 -07:00
Ryan Richard
290676e4d1
improve info/debug log messages for jwtcachefiller & webhookcachefiller
...
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:20 -07:00
Ryan Richard
9f17ba5ae4
change wording of TLS config loaded success messages
2024-08-05 11:32:20 -07:00
Joshua Casey
9420bfde5b
webhookcachefiller controller loops over all webhookauthenticators
2024-08-05 11:32:20 -07:00
Joshua Casey
bf1c02d328
jwtauthenticator controller redoes validations when external CA bundle changes
...
Co-authored-by: Ryan Richard <richardry@vmware.com >
2024-08-05 11:32:19 -07:00
Ashish Amarnath
afcd80de37
more integration tests pass
...
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:19 -07:00
Ashish Amarnath
90e8cc86c2
integration tests pass
2024-08-05 11:32:19 -07:00
Ryan Richard
a2be4b7b5e
clarify some comments based on PR feedback
2024-07-17 09:58:26 -07:00
Joshua Casey
e9252a9ee3
Enforce more imports
...
- k8s.io/apimachinery/pkg/apis/meta/v1
- k8s.io/api/core/v1
- github.com/coreos/go-oidc/v3/oidc
- github.com/ory/fosite/handler/oauth2
- go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1
2024-05-21 09:31:15 -05:00
Joshua Casey
875b0739aa
Enforce aliases for 'k8s.io/apimachinery/pkg/util/errors' and 'k8s.io/apimachinery/pkg/api/errors'
2024-05-21 09:31:15 -05:00
Joshua Casey
206a16f9e3
Integration test fixes - updated condition messages
2024-04-18 21:32:54 -05:00
Benjamin A. Petersen
c6b0820438
Fix some utils, spacing, func naming, test inputs, etc.
2024-03-26 16:22:51 -04:00
Benjamin A. Petersen
f86c46e160
Update WebhookAuthenticator Status WebhookConnectionValid
...
- ConnectionProbeValid -> WebhookConnectionValid
- This is to conform with the pattern of other controllers, ex:
LDAPConnectionValid
2024-03-26 15:33:44 -04:00
Benjamin A. Petersen
bec5fe85cc
change WebhookAuthenticator TLSConnectionNegotiationValid to ConnectionProbeValid
2024-03-19 18:00:40 -04:00
Benjamin A. Petersen
5bc4e678bf
WebhookAuthenticator Status integration test refactor to test table
2024-03-19 17:45:26 -04:00
Benjamin A. Petersen
097e6d5340
Always pass spec to CreateTestWebhookAuthenticator
2024-03-19 16:48:07 -04:00
Benjamin A. Petersen
337459feb0
Update webhook status integration tests
...
- total api fields test 260->261
2024-03-19 16:48:05 -04:00
Benjamin A. Petersen
590e2d18f7
Add WebhookAuthenticator integration tests, expand unit tests
...
- Add WebhookAuthenticator unit tests, update generated code
- Add validateTLSNegotiation(), update tests
- Update validateTLSNegotiation, add unit tests, factor out helpers
- Update generated code
2024-03-19 16:48:05 -04:00
Benjamin A. Petersen
ef36b454ba
Improve WebhookAuthenticator Status and Validations
...
- Validate TLS Configuration
- Validate Endpoint
- Validate TLS Negotiation
- Report status handshake negotiation with webhook
- Unit tests
- Integration tests
2024-03-19 16:48:03 -04:00
