pinniped

mirror of https://github.com/vmware-tanzu/pinniped.git synced 2025-12-23 06:15:47 +00:00

Author	SHA1	Message	Date
Ryan Richard	54d530784d	upgrade to golangci-lint v2.7.2, bring back some nolint directives	2025-12-22 11:03:46 -08:00
Ryan Richard	5218c20c76	upgrade linter and remove newly unused linter directives	2025-12-05 10:56:33 -08:00
Joshua Casey	08abff1cae	Bump golanglint-ci to 1.60.3	2024-09-04 20:52:01 -05:00
Monis Khan	0674215ef3	Switch to go.uber.org/zap for JSON formatted logging Signed-off-by: Monis Khan <mok@vmware.com>	2022-05-24 11:17:42 -04:00
Monis Khan	cd686ffdf3	Force the use of secure TLS config This change updates the TLS config used by all pinniped components. There are no configuration knobs associated with this change. Thus this change tightens our static defaults. There are four TLS config levels: 1. Secure (TLS 1.3 only) 2. Default (TLS 1.2+ best ciphers that are well supported) 3. Default LDAP (TLS 1.2+ with less good ciphers) 4. Legacy (currently unused, TLS 1.2+ with all non-broken ciphers) Highlights per component: 1. pinniped CLI - uses "secure" config against KAS - uses "default" for all other connections 2. concierge - uses "secure" config as an aggregated API server - uses "default" config as a impersonation proxy API server - uses "secure" config against KAS - uses "default" config for JWT authenticater (mostly, see code) - no changes to webhook authenticater (see code) 3. supervisor - uses "default" config as a server - uses "secure" config against KAS - uses "default" config against OIDC IDPs - uses "default LDAP" config against LDAP IDPs Signed-off-by: Monis Khan <mok@vmware.com>	2021-11-17 16:55:35 -05:00
Andrew Keesler	93ebd0f949	internal/plog: add Enabled() Signed-off-by: Andrew Keesler <akeesler@vmware.com>	2021-02-02 18:01:06 -05:00
Monis Khan	a5643e3738	Add log level support Signed-off-by: Monis Khan <mok@vmware.com>	2020-11-10 10:22:27 -05:00

7 Commits