mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-08 07:11:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,998 Commits 20 Branches 50 Tags
8733a24ebfd13541c44387537cb2c22e2b3ceef5
Commit Graph

958 Commits

Author SHA1 Message Date
Joshua Casey
58b4ecc0aa user sees error msg when GitHub login is denied due to allowed orgs 
Also renamed an interface function from GetName to GetResourceName.

Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-06-03 10:56:28 -07:00
Ryan Richard
e3d8c71f97 sleep longer before generating any GitHib OTP codes 2024-05-31 12:03:36 -07:00
Ryan Richard
6364ac9ac7 change status condition type name to be "ClientCredentialsSecretValid" 
For both GitHubIdentityProvider and OIDCIdentityProvider to make them
consistent with each other.
 2024-05-31 09:59:30 -07:00
Ryan Richard
e89daadfcf dump debugging info when a browser-based test fails 2024-05-31 09:09:24 -07:00
Ryan Richard
c5b54ec27e resolve a todo in supervisor_discovery_test.go 2024-05-30 14:48:35 -07:00
Ryan Richard
6327f51f5b repeat same github int tests using OAuth client in supervisor_login_test 2024-05-30 09:58:10 -07:00
Ryan Richard
2bf11ffde1 update error message assertion for github in supervisor_login_test.go 2024-05-29 09:45:43 -07:00
Ryan Richard
bb1737daec slow down github integration tests to avoid OTP reuse errors from github 2024-05-22 21:21:45 -05:00
Ryan Richard
fef494949f implement upstream refresh for github 2024-05-22 21:21:45 -05:00
Ryan Richard
e69eb46911 Add github integration tests to supervisor_login_test.go 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-05-22 21:21:45 -05:00
Ryan Richard
8923704f3c Finish initial github login flow 
Also:
- fix github teams query: fix bug and sort/unique the results
- add IDP display name to github downstream subject
- fix error types returned by LoginFromCallback
- add trace logs to github API results
- update e2e test
- implement placeholder version of refresh for github
 2024-05-22 21:21:45 -05:00
Joshua Casey
e4daa5a924 Merge branch 'main' into jtc/merge-main-at-3fe3cf71-into-github 2024-05-16 16:05:34 -05:00
Joshua Casey
7787885463 Add federation domain cleanup in E2E integration test 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-05-16 14:18:43 -05:00
Ryan Richard
f320980006 Add integration test to prove that 'pinniped login oidc' will infer the flowtype from the Supervisor's IDP discovery 
Co-authored-by: Joshua T Casey <caseyj@vmware.com>
 2024-05-16 12:57:33 -05:00
Ryan Richard
7e0a3c114d Pinniped CLI and the oidc-client package are now enhanced by pinniped_supported_identity_provider_types 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-05-16 12:57:12 -05:00
Joshua Casey
69364b2183 Merge branch 'main' into jtc/merge-main-at-6b3f175-into-github 2024-05-16 09:22:28 -05:00
Ryan Richard
e13f4a7f29 refactor ptls to clarify the difference between FIPS and non-FIPS modes 
and backfill some basic tests
 2024-05-13 16:52:15 -07:00
Joshua Casey
f43b6f04dc Fix lint issues from golangci-lint 1.58.1 2024-05-10 15:15:59 -05:00
Joshua Casey
791b785dea Merge branch 'main' into jtc/merge-main-at-d7849c79-to-github 2024-05-10 14:22:09 -05:00
Joshua Casey
81f3acfa38 Update some build tags since go1.22+ is now required 2024-05-10 12:51:03 -05:00
Joshua Casey
e9d0ac5110 Enable 'intrange' linter 2024-05-10 12:51:02 -05:00
Joshua Casey
7b36c8ab54 Enable 'copyloopvar' linter 2024-05-10 12:51:02 -05:00
Joshua Casey
e04e5e0185 Fix revive linter issues for all production code, and exclude revive linter issues for test code 2024-05-10 12:51:02 -05:00
Ryan Richard
7c85a511a2 first draft of an e2e integration test for GitHub login (skip while WIP) 2024-05-09 15:35:37 -07:00
Ryan Richard
6be92f92fb bump Supervisor session storage versions 2024-05-09 15:35:37 -07:00
Joshua Casey
96e4442181 Add docs to configure the Supervisor with a GitHub IDP. 
- Does not include docs for configuring GitHub Apps or GitHub OAuth Apps
 2024-05-08 15:57:21 -05:00
Benjamin A. Petersen
c43193a0c8 Merge branch 'main' into github_identity_provider 2024-05-01 12:15:08 -04:00
Benjamin A. Petersen
00567645d0 Add conditional AD to IDP discovery test 2024-04-30 15:43:32 -04:00
Benjamin A. Petersen
92b9d68863 Add OIDC, LDAP to supervisor discovery test 2024-04-30 14:19:54 -04:00
Ryan Richard
1ac2215724 update an assertion in integration test leaderelection_test.go 2024-04-29 13:22:14 -07:00
Benjamin A. Petersen
6424f45c19 Add IDP Discovery integration test for GitHub 2024-04-29 14:57:14 -04:00
Joshua Casey
9c2df74e54 Adjust to new K8s 1.30 API 2024-04-26 11:54:53 -07:00
Benjamin A. Petersen
2753b468fd Update TestSupervisorFederationDomainStatus test 2024-04-25 17:02:07 -04:00
Ryan Richard
57a07a498f Refactors for custom ID token lifetime based on PR feedback 2024-04-24 15:05:00 -07:00
Ryan Richard
136bc7ac09 Mild refactor of integration test for custom ID token lifetimes 2024-04-24 14:13:41 -07:00
Ryan Richard
5dbf05c31d Update the session storage versions due to new ID token lifetime field 2024-04-24 14:13:41 -07:00
Joshua Casey
b31a893caf Add integration test and fix totalExpectedAPIFields 2024-04-24 14:13:40 -07:00
Ryan Richard
def2b35e6e Make ID token lifetimes configurable on OIDCClient resources 2024-04-24 14:13:40 -07:00
Joshua Casey
14b1b7c862 Polish up the github_upstream_watcher: default and verify spec.claims correctly 2024-04-24 13:37:40 -05:00
Joshua Casey
fe5d037600 Merge branch 'main' into jtc/merge-main-5fe94c4e-into-github 2024-04-23 12:42:07 -05:00
Ryan Richard
1d8310ed44 clarify error message for when there is no healthy controller manager 2024-04-22 09:29:37 -07:00
Ryan Richard
7c0c3211d1 fix typo in securetls_fips_test.go 2024-04-19 12:50:05 -07:00
Joshua Casey
94bee9e882 Remove testutil.TLSTestServerWithCert in favor of the testutil/tlsserver package 2024-04-19 10:30:23 -05:00
Joshua Casey
206a16f9e3 Integration test fixes - updated condition messages 2024-04-18 21:32:54 -05:00
Joshua Casey
c9b61ef010 Populate internal GitHub IDP Config from CRD 2024-04-16 14:33:01 -05:00
Joshua Casey
8ea339139e ldap.Conn.Start() is now deprecated as of https://github.com/go-ldap/ldap/releases/tag/v3.4.7 2024-04-08 06:49:03 -05:00
Joshua Casey
42dd8d1d9d First draft of a GitHubIdentityProvider CRD 2024-04-01 15:10:46 -05:00
Benjamin A. Petersen
c6b0820438 Fix some utils, spacing, func naming, test inputs, etc. 2024-03-26 16:22:51 -04:00
Benjamin A. Petersen
f86c46e160 Update WebhookAuthenticator Status WebhookConnectionValid 
- ConnectionProbeValid -> WebhookConnectionValid
  - This is to conform with the pattern of other controllers, ex:
    LDAPConnectionValid
 2024-03-26 15:33:44 -04:00
Benjamin A. Petersen
bec5fe85cc change WebhookAuthenticator TLSConnectionNegotiationValid to ConnectionProbeValid 2024-03-19 18:00:40 -04:00