mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-04 20:24:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,363 Commits 21 Branches 50 Tags
4d2bbac674cdfce65e825b5bdc9e127b6189e5e6
Commit Graph

4363 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan Richard
4d2bbac674 use .cluster.local address for LUA (squid cannot resolve .svc addresses) 2024-10-10 14:44:14 -07:00
Ryan Richard
eca8914760 fix integration test for WebhookAuthenticator status conditions 2024-10-10 14:41:49 -07:00
Ryan Richard
2aa30edb88 explicitly define "podSelector" in NetworkPolicies 
because Kube API docs say it is not optional
 2024-10-10 11:45:16 -07:00
Ryan Richard
4f661aaa69 pay attention to web proxy settings during connection probes 
- WebhookAuthenticator will now detect the proxy setting and skip
  dialing the connection probe if it should go through a proxy
- GitHubIdentityProvider will avoid using tls.Dial altogether
  by instead making a real request to the GitHub API as its
  connection probe, because this will respect the proxy settings
 2024-10-10 10:41:31 -07:00
Ryan Richard
60cfa470b5 hack/prepare-for-integration-tests.sh has new option to firewall IDPs 2024-10-10 10:41:31 -07:00
Ryan Richard
7a41b74ac1 Merge pull request #2068 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-10-10 10:01:57 -07:00
Pinny
b400648e56 Bump dependencies 2024-10-10 13:01:47 +00:00
Ryan Richard
d4bb12ec6d Merge pull request #2065 from vmware-tanzu/jtc/dont-leak-goroutines-during-ldap-dial 
Check TLS bundle before dialing for performance reasons, and add godoc to clarify intent
 2024-10-08 09:06:07 -07:00
Ryan Richard
6fe55a3b48 assume port 443 when not specified in printServerCert() test helper 2024-10-07 13:18:42 -07:00
Joshua Casey
3e72e40af2 Merge pull request #2067 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-10-04 18:05:39 -05:00
Pinny
2501d41d93 Bump dependencies 2024-10-04 19:29:57 +00:00
Joshua T Casey
629f89d95b Check TLS bundle before dialing for performance reasons, and add godoc to clarify intent 
Signed-off-by: Ryan Richard <richardry@vmware.com>
 2024-10-02 14:54:30 -05:00
Joshua Casey
bb00587bd7 Merge pull request #2064 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-09-30 10:45:01 -05:00
Pinny
973886b683 Bump dependencies 2024-09-30 13:04:24 +00:00
Joshua Casey
4e30bc37f1 Merge pull request #2056 from vmware-tanzu/jtc/tls-dial-should-have-timeout 
GitHubIdentityProvider and WebhookAuthenticator should perform `tls.Dial` with a timeout
 2024-09-24 16:38:13 -05:00
Joshua Casey
01c2377de0 Refactor tests to use a table 2024-09-24 14:45:07 -05:00
Ashish Amarnath
0fab37c089 Update internal/crypto/ptls/dialer_test.go 
ignore lint error on nil context in unit test validating nil context
 2024-09-24 14:14:48 -05:00
Joshua Casey
f7fd209f29 Address PR feedback 2024-09-24 14:14:48 -05:00
Joshua Casey
76a116641f Add ptls.Dialer to provide some common configuration for tls.Dial operations 2024-09-24 14:14:48 -05:00
Joshua Casey
1e0f7d8437 Merge pull request #2063 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-09-24 14:11:17 -05:00
Pinny
7295ec661f Bump dependencies 2024-09-24 13:04:13 +00:00
Ashish Amarnath
1a1aac7d09 Merge pull request #2061 from vmware-tanzu/aa/fix-comments 
refactor and fix comments
 2024-09-23 14:27:00 -07:00
Ashish Amarnath
ab2c2e30cb refactor and fix comments 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-09-19 13:38:12 -07:00
Joshua Casey
65b93f0822 Merge pull request #2059 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-09-16 22:55:42 -05:00
Pinny
da77fb1c3f Bump dependencies 2024-09-16 13:04:19 +00:00
Joshua Casey
d9ccb11092 Merge pull request #2058 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-09-11 10:16:57 -05:00
Pinny
e62f9b2b48 Bump dependencies 2024-09-11 13:03:58 +00:00
Joshua Casey
62d17155ec Merge pull request #2057 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-09-10 18:54:55 -05:00
Joshua Casey
702d5bdc01 Bump golangci-lint to 1.61.0 2024-09-10 15:14:53 -05:00
Pinny
8ee08050cc Bump dependencies 2024-09-10 13:02:05 +00:00
Ashish Amarnath
1d81474d1b Merge pull request #2052 from vmware-tanzu/jtc/bump-all 
Bump dependencies and lint
 2024-09-06 13:30:00 -07:00
Joshua Casey
00e9b347db Bump BUILD_IMAGE in Dockerfiles 2024-09-05 08:16:36 -05:00
Joshua Casey
72fa369fc9 Integration tests should use PINNIPED_TEST_SUPERVISOR_SERVICE_NAME to decide where to port-forward 2024-09-04 20:52:01 -05:00
Joshua Casey
08abff1cae Bump golanglint-ci to 1.60.3 2024-09-04 20:52:01 -05:00
Joshua Casey
f476259bbf Bump all dependencies 2024-09-04 20:52:01 -05:00
Joshua Casey
c87f091a44 Upcoming k8s versions have an additional extra field in the CSR response 
- failure due to https://github.com/kubernetes/kubernetes/pull/125634
 2024-09-04 11:23:11 -05:00
Joshua Casey
d165899870 Merge pull request #2049 from vmware-tanzu/log_msg_level 
failed upstream OIDC token exchanges should show in log at default log config
 2024-09-03 10:50:41 -05:00
Joshua Casey
6c97600174 Merge branch 'main' into log_msg_level 2024-09-03 06:22:09 -05:00
Joshua Casey
3e2f7456c4 Merge pull request #2047 from vmware-tanzu/jtc/bump-to-k8s-1-31 
Bump K8s libs to 1.31 and add generated code for 1.31
 2024-09-03 06:21:54 -05:00
Joshua Casey
ca9503e4c0 Be sure to update the DEFAULT cert instead of the per-FederationDomain cert when the supervisor is using an IP address 2024-09-02 07:46:15 -05:00
Joshua Casey
dc72a36cb1 Add some logging to debug TLS validation failures with IP addresses 2024-09-01 08:26:23 -05:00
Joshua Casey
18e2024e3f Environment variables with 'https_address' in them should have 'https://' scheme 2024-08-31 17:46:35 -05:00
Joshua Casey
7d83e209c8 Integration tests should expect that the Supervisor hostname might be an IP address 2024-08-31 08:51:31 -05:00
Joshua Casey
1bbfa4984d Test refactor for clarity 2024-08-30 17:50:29 -05:00
Joshua Casey
557dee06f0 Allow the integration tests to set an IP address for the Supervisor issuer 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-08-30 15:48:04 -05:00
Joshua Casey
c0bab69cd1 Allow the Dex hostname to be set by integration tests 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-08-30 12:42:03 -05:00
Joshua Casey
f480daf7dc Upgrade all dependencies 2024-08-27 13:31:08 -05:00
Joshua Casey
cf56d808f2 No longer ship or generate code for Kubernetes 1.24 2024-08-27 13:26:40 -05:00
Joshua Casey
b78e2c7ded Update comments for testing 2024-08-27 13:26:40 -05:00
Joshua Casey
9b3bcca15e Add test to confirm that pversion.Get() returns something that utilversion.NewEffectiveVersion can consume 2024-08-27 13:26:40 -05:00