mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-05 13:07:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,795 Commits 21 Branches 50 Tags
c9b61ef010ada937dac8d04c061ef487de587dc5
Commit Graph

3795 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan Richard
80b65619bf Increase the lint timeout in hack/module.sh for when CI workers get slow 2024-01-19 11:34:47 -08:00
Ryan Richard
2aa87dd069 update CI URL in CONTRIBUTING.md 2024-01-19 11:34:47 -08:00
Ryan Richard
bb99d269eb Merge pull request #1836 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-01-19 11:32:42 -08:00
Pinny
84a1f2a771 Bump dependencies 2024-01-19 17:06:03 +00:00
Ryan Richard
e67838932d Merge pull request #1841 from vmware-tanzu/new_fips_compiler 
Support new golang fips compiler
 2024-01-19 08:17:43 -08:00
Ryan Richard
50e4d6db6c Support the new Go FIPS compiler which was upgraded inside Go 1.21.6 
The release of Go 1.21.6 includes the new boring crypto when compiling
with FIPS enabled. See https://go.dev/doc/devel/release#go1.21.0 and
https://github.com/golang/go/issues/64717.

This new version of boring crypto allows the use of TLS v1.3 for the
first time, so we changed the Pinniped code to use TLS v1.3 where
appropriate when compiled with the FIPS compiler. It also changed the
allowed TLS v1.2 ciphers, so we updated those as well.

After this commit, the project must be compiled by at least Go v1.21.6
when compiling in fips mode. The hack/Dockerfile_fips was already
updated to use that version of Go in a previous commit.

Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
 2024-01-18 14:23:26 -08:00
Pinny
bcf070cb73 Bump dependencies 2024-01-16 12:33:40 -08:00
Ryan Richard
4ce96634c6 Merge pull request #1835 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-01-09 09:55:19 -08:00
Pinny
c356754aaa Bump dependencies 2024-01-09 09:24:04 +00:00
Ryan Richard
75a130bafd Merge pull request #1830 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-01-08 08:59:14 -08:00
Pinny
1d6e51d14a Bump dependencies 2024-01-08 09:03:58 +00:00
Ryan Richard
da9432b5b2 Merge pull request #1829 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2024-01-05 09:23:14 -08:00
Pinny
d4971ef2da Bump dependencies 2024-01-05 16:34:26 +00:00
Ryan Richard
bdb7f80571 Merge pull request #1825 from vmware-tanzu/kube_v0.29.0 
Update dependencies, including Kube packages to v0.29.0
 2024-01-04 13:29:44 -08:00
Ryan Richard
c7299f4daf Update dependencies, including Kube packages to v0.29.0 2024-01-04 12:30:22 -08:00
Pinny
659224a207 Updated versions in docs for v0.28.0 release 2023-12-15 18:56:15 +00:00
Ryan Richard
2c5214724b Merge pull request #1815 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
v0.28.0 		2023-12-13 09:29:34 -08:00
Pinny
b2e3f84156 Bump dependencies 2023-12-13 16:39:49 +00:00
Ben Petersen
a58649faa6 Merge pull request #1813 from vmware-tanzu/disable_feature_gate 
Disable UnauthenticatedHTTP2DOSMitigation feature gate
 2023-12-12 16:12:14 -05:00
Ryan Richard
a4883507b5 Disable UnauthenticatedHTTP2DOSMitigation feature gate 2023-12-12 08:47:03 -08:00
Ben Petersen
461e272d79 Merge pull request #1812 from vmware-tanzu/tcr_test_more_output_on_failure 
Add more output on failure of TokenCredentialRequest integration tests
 2023-12-12 11:04:06 -05:00
Ryan Richard
981004eec4 Admin kubeconfigs with system:masters can have kubeadm:cluster-admins 2023-12-11 13:05:29 -08:00
Ryan Richard
0332362598 Add more output on failure of TokenCredentialRequest integration tests 2023-12-11 12:09:12 -08:00
Ryan Richard
f519b271d2 Merge pull request #1810 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2023-12-11 08:57:12 -08:00
Pinny
be7a4f781f Bump dependencies 2023-12-11 09:04:33 +00:00
Ryan Richard
0e3c815e9b Merge pull request #1809 from vmware-tanzu/sdump_in_whoami_test 
Add more debugging output for when concierge_whoami_test.go fails
 2023-12-08 12:43:32 -08:00
Ryan Richard
3b4147f90e Add more debugging output for when concierge_whoami_test.go fails 2023-12-08 10:31:40 -08:00
Ryan Richard
3b10cc3097 Merge pull request #1808 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2023-12-08 09:18:57 -08:00
Pinny
d8ec87d0e1 Bump dependencies 2023-12-08 16:17:12 +00:00
Ryan Richard
cdd38dd55e Merge pull request #1807 from vmware-tanzu/replace_grpc_version 
replace version of google.golang.org/grpc
 2023-12-07 12:33:30 -08:00
Ryan Richard
236a7cf3fb replace version of google.golang.org/grpc 2023-12-07 10:29:36 -08:00
Ryan Richard
3e74b38a95 Merge pull request #1806 from vmware-tanzu/revert_supervisor_disabling_http2 
revert the disabling of http2 for the Supervisor OIDC endpoints
 2023-12-06 20:33:27 -08:00
Ryan Richard
a05acadf80 Merge pull request #1594 from vmware-tanzu/jtc/add-ldapsearch-hack-script 
Add ldapsearch hack script
 2023-12-06 14:02:20 -08:00
Ryan Richard
c5d1f380d2 revert the disabling of http2 for the Supervisor OIDC endpoints 
Due to the unintended consequence of potentially breaking Ingresses
which were configured to use http2 on their backends.
 2023-12-06 13:10:51 -08:00
Ryan Richard
9883b4e236 rename the ldap debugging hack script and add parens to search filters 2023-12-06 12:56:35 -08:00
Ryan Richard
348187d2f4 Enchance and move the ldapsearch hack script 2023-12-06 09:16:16 -08:00
Joshua Casey
86ee66d21d Add ldapsearch hack script 
[#185658904]
 2023-12-06 09:16:16 -08:00
Ryan Richard
2198b4820a Merge pull request #1789 from vmware-tanzu/http2 
Defensive changes to mitigate potential http2 rapid reset attacks
 2023-12-06 09:15:07 -08:00
Ryan Richard
4b7b9e4362 Defensive changes to mitigate potential http2 rapid reset attacks 2023-12-05 14:57:50 -08:00
Ryan Richard
70f2bbf4f8 Merge pull request #1804 from vmware-tanzu/upgrade_fosite 
Upgrade fosite to the latest commit on their main branch
 2023-12-05 14:51:34 -08:00
Ryan Richard
7a3efb9981 change update-go-mod.sh to use head of main for fosite via config file 2023-12-05 11:25:02 -08:00
Ryan Richard
e1954b1df9 update session storage version from 5 to 6 due to fosite upgrade 
A small part of the session storage changed type in the latest version
of fosite compared to the old version of fosite that we were using.
Just to be safe, update our session storage version to invalidate
any pre-existing sessions upon upgrade of Pinniped.
 2023-12-04 14:49:22 -08:00
Ryan Richard
37c2ce53d7 upgrade fosite pkg to latest 2023-12-04 14:49:21 -08:00
Ryan Richard
9d3773e58a Merge pull request #1803 from vmware-tanzu/bump_codegen 
Update kube-versions.txt and rerun codegen
 2023-12-04 14:48:37 -08:00
Ryan Richard
aa651973fc Update kube-versions.txt and rerun codegen 2023-12-04 12:11:37 -08:00
Ryan Richard
745852ef2e Merge pull request #1801 from vmware-tanzu/pinny/bump-deps 
Bump dependencies
 2023-12-04 11:58:04 -08:00
Ryan Richard
ca5ad85bbd Switch from gopkg.in/square/go-jose.v2 to github.com/go-jose/go-jose/v3 
Made the switch wherever possible, but since fosite still uses the old
gopkg.in/square/go-jose.v2 there was one test where we still need to use
it as a direct dependency.
 2023-12-04 11:05:12 -08:00
Ryan Richard
8296093beb Increase fudge factor in tokenclient_test.go due to CI failures 2023-12-04 10:04:05 -08:00
Pinny
6d79fe5f4c Bump dependencies 2023-12-04 09:40:51 -08:00
Ryan Richard
ef6369d71e Merge pull request #1733 from vmware-tanzu/jtc/issue-1700/impersonation-proxy-token-request-api 
The Impersonation Proxy should use a short-lived token from the `TokenRequest` API
 2023-12-01 11:48:52 -08:00