Ryan Richard
4f661aaa69
pay attention to web proxy settings during connection probes
...
- WebhookAuthenticator will now detect the proxy setting and skip
dialing the connection probe if it should go through a proxy
- GitHubIdentityProvider will avoid using tls.Dial altogether
by instead making a real request to the GitHub API as its
connection probe, because this will respect the proxy settings
2024-10-10 10:41:31 -07:00
Joshua Casey
f7fd209f29
Address PR feedback
2024-09-24 14:14:48 -05:00
Joshua Casey
76a116641f
Add ptls.Dialer to provide some common configuration for tls.Dial operations
2024-09-24 14:14:48 -05:00
Joshua Casey
f798777a3b
Refactor: reorder parameters to MergeConditions
2024-08-08 08:12:41 -05:00
Joshua Casey
afa3aa2232
LDAP and AD IDPs now always report condition with type LDAPConnectionValid, even if the status is unknown
...
Co-authored-by: Ryan Richard <richardry@vmware.com >
2024-08-06 16:08:25 -07:00
Ryan Richard
229b6a262e
when dialing github to test connection, dial api.github.com
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com >
2024-08-06 08:58:30 -07:00
Joshua Casey
a888083c50
Introduce type alias CABundleHash for the hash of a CA bundle ([32]byte)
...
Co-authored-by: Ryan Richard <richardry@vmware.com >
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:20 -07:00
Joshua Casey
fcceeed9fa
Refactor tlsconfigutil.CABundle 'getters' to not have 'get' in the name
...
Co-authored-by: Ryan Richard <richardry@vmware.com >
2024-08-05 11:32:20 -07:00
Joshua Casey
15d0006841
Pull tlsconfigutil.CABundle into a separate file
2024-08-05 11:32:20 -07:00
Ashish Amarnath
005dbf3aa8
refactor tlsconfigutil to return a caBundle type
...
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:20 -07:00
Ryan Richard
414ff503ef
extract some common condition reason string constants
2024-08-05 11:32:20 -07:00
Joshua Casey
d62d6a1f27
Refactor github_controller_watcher to simplify the tls Dial
2024-08-05 11:32:19 -07:00
Joshua Casey
288e092d2e
GitHub IDP watcher should not dial an address that has already been validated
2024-08-05 11:32:19 -07:00
Joshua Casey
6e9023e090
add code review todos and light refactoring
...
Co-authored-by: Ryan Richard <richardry@vmware.com >
2024-08-05 11:32:19 -07:00
Ashish Amarnath
3a969a83b7
update supervisor controllers
...
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com >
2024-08-05 11:32:19 -07:00
Joshua Casey
678be9902a
Lint new files from the GitHub branch
2024-06-11 10:16:18 -05:00
Ryan Richard
6364ac9ac7
change status condition type name to be "ClientCredentialsSecretValid"
...
For both GitHubIdentityProvider and OIDCIdentityProvider to make them
consistent with each other.
2024-05-31 09:59:30 -07:00
Ryan Richard
8f8db3f542
Make github org comparison case-insensitive, but return original case
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com >
2024-05-22 21:21:45 -05:00
Ryan Richard
7277d00e1a
refactor upstreamgithub.ProviderConfig to hold more config
2024-05-09 15:35:37 -07:00
Benjamin A. Petersen
44edba6f75
Add tests for Github in FederationDomain ListerFinder
2024-04-25 17:01:57 -04:00
Joshua Casey
14b1b7c862
Polish up the github_upstream_watcher: default and verify spec.claims correctly
2024-04-24 13:37:40 -05:00
Joshua Casey
c8b90df6f1
Inline using phttp.Default
2024-04-23 18:06:26 -05:00
Joshua Casey
c9b61ef010
Populate internal GitHub IDP Config from CRD
2024-04-16 14:33:01 -05:00
Benjamin A. Petersen
e2db152c6c
Stub in TestUpstreamGithubIdentityProvider for unit tests
2024-04-02 13:59:11 -04:00
Benjamin A. Petersen
5c490e999d
Stub in unit tests for github_upstream_watcher
2024-04-02 12:38:06 -04:00
Benjamin A. Petersen
a11e1527f0
Add github-upstream-observer Controller
2024-04-02 10:53:26 -04:00
