mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-02-11 15:21:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,297 Commits 36 Branches 51 Tags
c1930833ebd41cbbb319eb604c3acf432c221dc5
Commit Graph

39 Commits

Author SHA1 Message Date
Ryan Richard
bee87395b1 ran update.sh 2024-08-19 15:23:51 -07:00
Ryan Richard
99b59a90b6 run codegen for gihub doc change from previous commit 2024-08-06 08:58:30 -07:00
Ryan Richard
06b7d302a2 fix typo in tmpl and run codegen 2024-08-05 11:32:21 -07:00
Ryan Richard
d4ac69d88e run codegen for changes in previous commit 2024-08-05 11:32:21 -07:00
Ryan Richard
67de14a3b8 ran codegen on previous commit's changes 2024-08-05 11:32:21 -07:00
Ryan Richard
e0235ed190 update docs and change struct name in types_tls.go.tmpl files 
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:21 -07:00
Ashish Amarnath
43964ff7a2 update generated api docs 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:20 -07:00
Ryan Richard
756966c55b add "Status" printer column to JWTAuthenticator and WebhookAuthenticator 2024-08-05 11:32:19 -07:00
Ashish Amarnath
19c3f2cb04 run hack/update.sh 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ryan Richard
6b64a8a9c6 ran update.sh to update generated code 2024-06-03 16:48:57 -07:00
Ryan Richard
dd3c1ac3cf Merge branch 'main' into github_identity_provider 2024-06-03 16:40:36 -07:00
Ryan Richard
1d8decfdad ran update.sh to update generated code 2024-06-03 14:30:53 -07:00
Benjamin A. Petersen
c43193a0c8 Merge branch 'main' into github_identity_provider 2024-05-01 12:15:08 -04:00
Ryan Richard
def2b35e6e Make ID token lifetimes configurable on OIDCClient resources 2024-04-24 14:13:40 -07:00
Joshua Casey
14b1b7c862 Polish up the github_upstream_watcher: default and verify spec.claims correctly 2024-04-24 13:37:40 -05:00
Joshua Casey
c9b61ef010 Populate internal GitHub IDP Config from CRD 2024-04-16 14:33:01 -05:00
Joshua Casey
42dd8d1d9d First draft of a GitHubIdentityProvider CRD 2024-04-01 15:10:46 -05:00
Benjamin A. Petersen
590e2d18f7 Add WebhookAuthenticator integration tests, expand unit tests 
- Add WebhookAuthenticator unit tests, update generated code
- Add validateTLSNegotiation(), update tests
- Update validateTLSNegotiation, add unit tests, factor out helpers
- Update generated code
 2024-03-19 16:48:05 -04:00
Benjamin A. Petersen
a4447fa606 Add .Status to JWTAuthenticator with Conditions,Phase 
- "Ready" condition & supporting conditions
- Legacy "Phase" for convenience
- Refactor newCachedJWTAuthenticator() func
  to improve ability to provide additional conditions
- Update JWTAuthenticator.Status type
- Update RBAC for SA to get/watch/update JWTAuthenticator.Status
- Update logger to plog, add tests for logs & statuses
- update Sync() to reduce enqueue when error is config/user managed, perhaps remove validateJWKSResponse()
 2024-02-27 15:45:32 -08:00
Ryan Richard
bf3b4bfca7 Rerun codegen after upgrading CI controller-gen from v0.13.0 to v0.14.0 2024-02-08 13:27:02 -08:00
Joshua Casey
ac9887afdc Use latest controller-gen, which allows CEL validations 2023-09-25 15:58:32 -05:00
Ryan Richard
a7bd494ec3 update FederationDomain.status.conditions to come from metav1 2023-09-11 13:06:52 -07:00
Ryan Richard
3521e129cd Change name of FederationDomain printer column back to "Status" 
To be consistent with the name of the pinter columns on our other CRDs,
which call the Phase "Status" in the printer column names.
 2023-09-11 11:14:04 -07:00
Ryan Richard
0b408f4fc0 Change FederationDomain.Status to use Phase and Conditions 2023-09-11 11:14:02 -07:00
Ryan Richard
be11966a64 Add APIs for multiple IDP and id transformations to FederationDomain CRD 2023-09-11 11:09:46 -07:00
Joshua Casey
64f1bff13f Use Conditions from apimachinery, specifically k8s.io/apimachinery/pkg/apis/meta/v1.Conditions 2023-09-11 10:13:39 -07:00
Joshua Casey
dc61d132cf Address PR feedback, especially to check that the CA bundle is some kind of valid cert 2023-08-03 14:57:21 -05:00
Joshua Casey
8df9033bfc Add CredentialIssuer.Spec.ImpersonationProxy.TLS to configure an externally provided TLS secret 2023-08-03 14:57:21 -05:00
Ryan Richard
0a1f966886 Add ActiveDirectoryIdentityProvider.spec.groupSearch.userAttributeForFilter 
Add the field to the tmpl file and run codegen.
Also update the count of the fields of our APIs in an integration test.
 2023-05-31 11:09:08 -07:00
Ryan Richard
bad5e60a8e Add LDAPIdentityProvider.spec.groupSearch.userAttributeForFilter 
Add the field to the tmpl file and run codegen.
Also update the count of the fields of our APIs in an integration test.
 2023-05-25 09:52:15 -07:00
Ryan Richard
8ff6ef32e9 Allow additional claims to map into an ID token issued by the supervisor 
- Specify mappings on OIDCIdentityProvider.spec.claims.additionalClaimMappings
- Advertise additionalClaims in the OIDC discovery endpoint under claims_supported

Co-authored-by: Ryan Richard <richardry@vmware.com>
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2023-01-13 14:59:50 -08:00
Ryan Richard
b65f872dcd Configure printer columns for OIDCClient CRD 2022-07-21 16:40:03 -07:00
Ryan Richard
be85e1ed0a TotalClientSecrets field gets omitempty and becomes int32 2022-07-14 09:30:03 -07:00
Ryan Richard
93939ccbd8 OIDCClient watcher controller updates based on PR feedback 2022-07-06 10:34:24 -07:00
Ryan Richard
5aa0d91267 New controller watches OIDCClients and updates validation Conditions 2022-06-17 13:11:26 -04:00
Monis Khan
59d67322d3 Static validation for OIDC clients 
The following validation is enforced:

1. Names must start with client.oauth.pinniped.dev-
2. Redirect URIs must start with https://
   or http://127.0.0.1
   or http://::1
3. All spec lists must not have duplicates

Added an integration test to assert all static validations.

Signed-off-by: Monis Khan <mok@vmware.com>
 2022-06-15 15:09:40 -04:00
Margo Crawford
0c1f48cbc1 Move oidcclient into config.supervisor.pinniped.dev 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-13 15:48:54 -07:00
Ryan Richard
77f37b5a57 run codegen 2022-06-08 09:41:35 -07:00
Ryan Richard
e78c7d4e0e update kube codegen versions and add 1.24 codegen 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-06-07 15:26:30 -04:00