mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-08 07:11:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,868 Commits 20 Branches 50 Tags
47de5118f2bc88d0f74e183639ca9ba01462d298
Commit Graph

1190 Commits

Author SHA1 Message Date
Joshua Casey
81f3acfa38 Update some build tags since go1.22+ is now required 2024-05-10 12:51:03 -05:00
Joshua Casey
e9d0ac5110 Enable 'intrange' linter 2024-05-10 12:51:02 -05:00
Joshua Casey
7b36c8ab54 Enable 'copyloopvar' linter 2024-05-10 12:51:02 -05:00
Joshua Casey
e04e5e0185 Fix revive linter issues for all production code, and exclude revive linter issues for test code 2024-05-10 12:51:02 -05:00
Joshua Casey
67d3b5fb82 Fix misspell lint issues 2024-05-10 12:51:01 -05:00
Ryan Richard
85e5970d6e only auto-detect version v1 of ValidatingAdmissionPlugin during startup 2024-05-06 09:11:39 -07:00
Joshua Casey
e6cb439d9c Merge branch 'main' into ben/fuzzing-error-message 2024-05-02 12:12:18 -05:00
Benjamin A. Petersen
fbc3334e8c Improve TestFuzzAndJSONNewValidEmptyAuthorizeCodeSession message 2024-05-02 11:36:24 -04:00
Ryan Richard
ad7df9f7d1 don't remove user's ability to configure http port to listen on loopback 2024-05-01 12:36:39 -07:00
Joshua Casey
d67238d46f Remove code related to deprecated config params logLevel and HTTP networking 2024-05-01 12:36:39 -07:00
Ryan Richard
0a63dd104d fix test failures caused by dep bump and update replace statements 2024-05-01 11:01:13 -07:00
Ryan Richard
3bdb380a1a don't change public signature of endpointaddr.Parse() 2024-04-29 13:31:49 -07:00
Ryan Richard
9838a7cb6d avoid the ValidatingAdmissionPolicy admission plugin when it can't work 2024-04-29 13:22:14 -07:00
Joshua Casey
9c2df74e54 Adjust to new K8s 1.30 API 2024-04-26 11:54:53 -07:00
Ryan Richard
57a07a498f Refactors for custom ID token lifetime based on PR feedback 2024-04-24 15:05:00 -07:00
Ryan Richard
a1efcefdce Unit tests for token endpoint for custom ID token lifetimes 2024-04-24 14:13:41 -07:00
Ryan Richard
5dbf05c31d Update the session storage versions due to new ID token lifetime field 2024-04-24 14:13:41 -07:00
Ryan Richard
af9612e98e Update more unit tests for configurable token lifetimes 2024-04-24 14:13:41 -07:00
Joshua Casey
c8bc192e0b Start working on units tests for configurable token lifetimes 2024-04-24 14:13:40 -07:00
Ryan Richard
def2b35e6e Make ID token lifetimes configurable on OIDCClient resources 2024-04-24 14:13:40 -07:00
Ryan Richard
1d8310ed44 clarify error message for when there is no healthy controller manager 2024-04-22 09:29:37 -07:00
Ryan Richard
0ef98f0558 Use new helpers to assert that all webhook dials use ptls settings 2024-04-19 11:15:59 -07:00
Joshua Casey
94bee9e882 Remove testutil.TLSTestServerWithCert in favor of the testutil/tlsserver package 2024-04-19 10:30:23 -05:00
Joshua Casey
da135d9958 Webhookcachefiller now uses a real tls.Dial, which means we can test IPv6 2024-04-19 09:24:17 -05:00
Ryan Richard
e048859afd Use ptls package when calling webhook during authentication 2024-04-18 16:00:57 -07:00
Ryan Richard
8c081c50d4 Use ptls package to determine TLS config when probing webhook for status 2024-04-18 12:55:49 -07:00
Joshua Casey
8ea339139e ldap.Conn.Start() is now deprecated as of https://github.com/go-ldap/ldap/releases/tag/v3.4.7 2024-04-08 06:49:03 -05:00
Benjamin A. Petersen
c6b0820438 Fix some utils, spacing, func naming, test inputs, etc. 2024-03-26 16:22:51 -04:00
Benjamin A. Petersen
f86c46e160 Update WebhookAuthenticator Status WebhookConnectionValid 
- ConnectionProbeValid -> WebhookConnectionValid
  - This is to conform with the pattern of other controllers, ex:
    LDAPConnectionValid
 2024-03-26 15:33:44 -04:00
Ben Petersen
eed0c9d5b0 Update ParseFromURL usage comment. 
- Carefully note the rfc27732 design for IPv6 in URLs, while also clarifying the handling of IPv6 in Golang.

Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-03-26 15:32:15 -04:00
Benjamin A. Petersen
e38a27d93d Add endpointaddr.ParseFromURL helper, WebhookAuthenticator handle additional IPv6 cases 2024-03-22 15:57:57 -04:00
Benjamin A. Petersen
b0904c2e99 change TestNewWebhookAuthenticator to test table style 2024-03-20 11:39:55 -04:00
Benjamin A. Petersen
bec5fe85cc change WebhookAuthenticator TLSConnectionNegotiationValid to ConnectionProbeValid 2024-03-19 18:00:40 -04:00
Joshua Casey
90e7343fb5 Add IPv6 test to WebhookAuthenticator ctrl tests 
Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
 2024-03-19 16:48:08 -04:00
Benjamin A. Petersen
5c0d67dc50 refactor WebhookAuthenticator newWebhookAuthenticator func 2024-03-19 16:48:08 -04:00
Benjamin A. Petersen
b6512bcbb6 add WebhookCacheFiller updateStatus tests 2024-03-19 16:48:07 -04:00
Benjamin A. Petersen
097e6d5340 Always pass spec to CreateTestWebhookAuthenticator 2024-03-19 16:48:07 -04:00
Benjamin A. Petersen
a45a537cdb Improve JWTAuthenticator validation of Issuer,Discovery 2024-03-19 16:48:06 -04:00
Benjamin A. Petersen
0467e5c1d5 Refactor logLines to SplitByNewline, deduplicate 2024-03-19 16:48:06 -04:00
Benjamin A. Petersen
337459feb0 Update webhook status integration tests 
- total api fields test 260->261
 2024-03-19 16:48:05 -04:00
Benjamin A. Petersen
590e2d18f7 Add WebhookAuthenticator integration tests, expand unit tests 
- Add WebhookAuthenticator unit tests, update generated code
- Add validateTLSNegotiation(), update tests
- Update validateTLSNegotiation, add unit tests, factor out helpers
- Update generated code
 2024-03-19 16:48:05 -04:00
Benjamin A. Petersen
ef36b454ba Improve WebhookAuthenticator Status and Validations 
- Validate TLS Configuration
- Validate Endpoint
- Validate TLS Negotiation
  - Report status handshake negotiation with webhook
- Unit tests
- Integration tests
 2024-03-19 16:48:03 -04:00
Joshua Casey
bc8aebeffe Use go.uber.org/mock instead of github.com/golang/mock and rerun mock generation 2024-03-11 13:42:30 -05:00
Joshua Casey
ffc49d96b3 Integration tests should use a valid value for CredentialIssuer spec.impersonationProxy.service.type 2024-03-08 11:19:15 -06:00
Joshua Casey
ab0682917a whoami integration test now allows for additional extra fields in K8s 1.30+ 2024-03-07 08:09:16 -06:00
Benjamin A. Petersen
e8482ab9e9 Update jwtauthenticator unit tests to check actions 
- Add test to verify timestamps are particularly updated
- Improve diff output in tests for actions
- Make jwtauthenticator status tests parallel
- Update copyright headers in multiple files
 2024-02-27 15:45:32 -08:00
Benjamin A. Petersen
42acf8dcce Add Status & tests for jwks key fetching 2024-02-27 15:45:32 -08:00
Benjamin A. Petersen
1c7e7048a8 Update copyright year in modified files 2024-02-27 15:45:32 -08:00
Benjamin A. Petersen
73e4d3144b Add integration tests for JWTAuthenticators 
- paired with changes to e2e_test.go, adds Status.Condition assertions
  around JWTAuthenticators
 2024-02-27 15:45:32 -08:00
Benjamin A. Petersen
084c3114f4 Improve jwtcachefiller tests 
- some format updates
- add timestamp to test
- fix order of expect,actual in some assertions
- remove some commented code no longer needed
 2024-02-27 15:45:32 -08:00