Commit Graph

4260 Commits

Author SHA1 Message Date
Ryan Richard
b377040144 Merge pull request #2034 from vmware-tanzu/jtc/older-idps-should-use-unknown-condition-status
OIDC/LDAP/AD IDPs should use unknown condition status
v0.33.0
2024-08-06 20:13:02 -07:00
Ryan Richard
c1328d9619 update expectation in supervisor_ldap_idp_test.go 2024-08-06 16:08:25 -07:00
Joshua Casey
f918edd846 Add integration tests to ensure that LDAP/AD conditions with status Unknown if they cannot be validated
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-08-06 16:08:25 -07:00
Ryan Richard
6b49cd7d28 add Unknown SearchBaseFound status condition for AD only 2024-08-06 16:08:25 -07:00
Joshua Casey
afa3aa2232 LDAP and AD IDPs now always report condition with type LDAPConnectionValid, even if the status is unknown
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-08-06 16:08:25 -07:00
Joshua Casey
1c59a41cc5 Remove some dead code from LDAP/AD controllers 2024-08-06 16:08:25 -07:00
Joshua Casey
0626b22c70 OIDC Upstream Watcher now reports condition OIDCDiscoverySucceeded with status Unknown if TLS validation fails 2024-08-06 16:08:25 -07:00
Ryan Richard
fbbec507d1 Merge pull request #2036 from vmware-tanzu/bump_codegen
Bump codegen
2024-08-06 15:08:32 -07:00
Ryan Richard
a4b0416174 Merge pull request #2035 from vmware-tanzu/go-github-v62
upgrade github.com/google/go-github from v62 to v63
2024-08-06 15:08:10 -07:00
Ryan Richard
659f33dc55 run codegen for updated kube-versions.txt 2024-08-06 13:53:44 -07:00
Ryan Richard
20ddf553ce update kube-versions.txt 2024-08-06 13:50:25 -07:00
Ryan Richard
7483de5e90 upgrade github.com/google/go-github from v62 to v63 2024-08-06 13:45:38 -07:00
Joshua Casey
9f1d6258a2 Merge pull request #2032 from vmware-tanzu/github_api_host
When testing connection for GitHubIdentityProvider host `github.com`, actually dial `api.github.com`
2024-08-06 12:53:08 -05:00
Ryan Richard
99b59a90b6 run codegen for github doc change from previous commit 2024-08-06 08:58:30 -07:00
Ryan Richard
56bf9bad25 GitHubIdentityProvider: document github.com vs. api.github.com
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2024-08-06 08:58:30 -07:00
Ryan Richard
229b6a262e when dialing github to test connection, dial api.github.com
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2024-08-06 08:58:30 -07:00
Ryan Richard
74d9fb863f Merge pull request #2028 from vmware-tanzu/doc_typo
fix WS1 doc typo
2024-08-06 08:58:00 -07:00
Joshua Casey
e332fb505c Merge branch 'main' into doc_typo 2024-08-06 09:10:21 -05:00
Ashish Amarnath
dafde586ec Merge pull request #2033 from vmware-tanzu/update-comments
fix typo in integration test function comments
2024-08-06 06:50:44 -07:00
Joshua Casey
cb101e4dbe Merge branch 'main' into doc_typo 2024-08-06 08:28:22 -05:00
Ashish Amarnath
6fdfee36fe fix typo in integration test function comments
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 23:33:31 -07:00
Ryan Richard
0787301ddb Merge pull request #1996 from ashish-amarnath/ca-bundles-ref
Implement proposal to allow Pinniped custom resources to ref configmaps or secrets for CA bundles
2024-08-05 14:28:39 -07:00
Ryan Richard
2af510a3ee Revert "add integration test for TLS config validation in GitHubIdentityProvider"
This reverts commit 23129da3e2.
2024-08-05 12:52:41 -07:00
Ryan Richard
fdeca2c026 Revert "add integration test for TLS config validation in OIDCIdentityProvider"
This reverts commit 59402bca7b.
2024-08-05 12:52:29 -07:00
Ryan Richard
23fd15f840 Revert "Add integration tests for tls spec validation in JWTAuthenticator and WebhookAuthenticator"
This reverts commit c3405095b2.
2024-08-05 12:52:21 -07:00
Ryan Richard
06b7d302a2 fix typo in tmpl and run codegen 2024-08-05 11:32:21 -07:00
Ashish Amarnath
b70db9dc03 refactor to use new certificateAuthorityDataSourceKind enum
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:21 -07:00
Ryan Richard
d4ac69d88e run codegen for changes in previous commit 2024-08-05 11:32:21 -07:00
Ryan Richard
59c2295dfd improve api docs for TLSSpec in authenticator and IDP specs
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:21 -07:00
Ryan Richard
4eb9a09385 test more condition message cases in concierge_tls_spec_test.go and supervisor_tls_spec_test.go 2024-08-05 11:32:21 -07:00
Ryan Richard
db2d7c8c50 assert on condition message in concierge_tls_spec_test.go and supervisor_tls_spec_test.go 2024-08-05 11:32:21 -07:00
Ryan Richard
2ebf9d3d00 minor test refactor 2024-08-05 11:32:21 -07:00
Ryan Richard
67de14a3b8 ran codegen on previous commit's changes 2024-08-05 11:32:21 -07:00
Ryan Richard
a40c88ebf3 document allowed enum values and default values in all CR spec fields 2024-08-05 11:32:21 -07:00
Ashish Amarnath
23129da3e2 add integration test for TLS config validation in GitHubIdentityProvider
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:21 -07:00
Ashish Amarnath
59402bca7b add integration test for TLS config validation in OIDCIdentityProvider
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:21 -07:00
Ashish Amarnath
c3405095b2 Add integration tests for tls spec validation in JWTAuthenticator and WebhookAuthenticator
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:21 -07:00
Ryan Richard
2181418cc5 refactor test helpers in supervisor_login_test.go
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:21 -07:00
Ryan Richard
e0235ed190 update docs and change struct name in types_tls.go.tmpl files
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:21 -07:00
Ryan Richard
02e41baa47 small refactors 2024-08-05 11:32:21 -07:00
Ryan Richard
91ef68992c document new CA bundle source option in howto docs 2024-08-05 11:32:20 -07:00
Ashish Amarnath
43964ff7a2 update generated api docs
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:20 -07:00
Ashish Amarnath
19c4acf391 secret/configmap with CA bundle to be created in namespace where pinniped is installed
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:20 -07:00
Ryan Richard
ed502949dd webhookcachefiller and jwtcachefiller always update status when needed
Even when the authenticator is found in the cache, try to update its
status. Failing to do so would mean that the actual status will not
be overwritten by the controller's newly computed desired status.

Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
2024-08-05 11:32:20 -07:00
Ashish Amarnath
a0c259ffbc update expectation conditions message when CA bundle is not configured
fix a typo where we intended to use a configmap instead of a secret

Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>

Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-08-05 11:32:20 -07:00
Joshua Casey
d6d66faae3 jwtcachefiller now tests for exact log lines and prints when it chooses to not update the status 2024-08-05 11:32:20 -07:00
Ryan Richard
15c84fcc94 extract helper func in jwtcachefiller and webhookcachefiller 2024-08-05 11:32:20 -07:00
Joshua Casey
1438f06c12 webhookcachefiller adds more detail when it chooses to update or not update status conditions 2024-08-05 11:32:20 -07:00
Joshua Casey
ca5bb2170c webhookcontroller should use a logger that is built for each webhook authenticator 2024-08-05 11:32:20 -07:00
Joshua Casey
05a2fd97f8 webhookcontroller now only logs the webhook authenticator name instead of an object
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-08-05 11:32:20 -07:00