Joshua Casey
7577f20c61
Merge pull request #2166 from vmware-tanzu/avoid_kube_32
...
CodeQL / Analyze (go) (push) Failing after 1m28s
CodeQL / Analyze (javascript) (push) Failing after 48s
temporarily avoid upgrades to kube v0.32.0 without using replace directives for direct deps
2024-12-26 13:16:18 -06:00
Joshua Casey
f441714f93
Bump codegen for 1.31, 1.30, and 1.29
2024-12-26 11:31:19 -06:00
Ryan Richard
2c9547e6a4
bump build image to latest
2024-12-24 12:38:55 -08:00
Ryan Richard
3bf3ed03f5
temporarily avoid upgrades to kube v0.32.0 without replace directives
2024-12-24 12:37:48 -08:00
Joshua Casey
c279253e20
Merge pull request #2163 from vmware-tanzu/jtc/pin-k8s-to-1-31-4
...
CodeQL / Analyze (go) (push) Failing after 1m38s
CodeQL / Analyze (javascript) (push) Failing after 46s
Pin k8s.io libs to 1.31.4
2024-12-23 12:59:01 -06:00
Joshua Casey
fa9ddf48d5
Pin k8s.io dependencies to v0.31.4
2024-12-20 15:39:26 -06:00
Joshua Casey
b8a9c4d1e5
Bump all dependencies
2024-12-20 15:38:57 -06:00
Joshua Casey
b4365c100f
Merge pull request #2162 from vmware-tanzu/build_tags_for_tls_versions
...
CodeQL / Analyze (go) (push) Failing after 1m30s
CodeQL / Analyze (javascript) (push) Failing after 39s
Introduce new build tags to optionally override some min and max TLS settings
2024-12-20 14:25:22 -06:00
Ryan Richard
ef4b0c9cff
bump golang.org/x/net
2024-12-20 10:28:32 -08:00
Ryan Richard
b625b4a076
introduce build tags to optionally override some TLS settings
2024-12-20 10:28:32 -08:00
Joshua Casey
acbe9ce23d
Merge pull request #2158 from vmware-tanzu/upgrade_fosite
...
CodeQL / Analyze (go) (push) Has started running
CodeQL / Analyze (javascript) (push) Has started running
upgrade fosite to v0.49.0 and handle its API changes
2024-12-13 14:11:25 -06:00
Ryan Richard
90c95866d1
upgrade fosite to v0.49.0 and handle its API changes
2024-12-13 10:17:42 -08:00
Ryan Richard
57fc177266
Merge pull request #2156 from vmware-tanzu/pinny/bump-deps
...
CodeQL / Analyze (go) (push) Failing after 2m9s
CodeQL / Analyze (javascript) (push) Failing after 1m11s
Bump dependencies
2024-12-11 10:53:48 -08:00
Pinny
0366f4087f
Bump dependencies
2024-12-11 14:00:52 +00:00
Joshua Casey
3f6d287b44
Merge pull request #2155 from vmware-tanzu/pinny/bump-deps
...
CodeQL / Analyze (go) (push) Failing after 1m9s
CodeQL / Analyze (javascript) (push) Failing after 1m12s
Bump dependencies
2024-12-10 16:28:15 -06:00
Joshua Casey
36aa701b56
Merge branch 'main' into pinny/bump-deps
2024-12-10 13:29:48 -06:00
Pinny
fc5a776645
Updated versions in docs for v0.36.0 release
2024-12-10 19:00:02 +00:00
Pinny
c2b4390bfa
Bump dependencies
2024-12-10 14:06:14 +00:00
Ryan Richard
b371389c27
Merge pull request #2154 from vmware-tanzu/jtc/fixup-before-audit-release
...
CodeQL / Analyze (go) (push) Failing after 1m11s
CodeQL / Analyze (javascript) (push) Failing after 1m9s
Small fixups prior to releasing audit log story
2024-12-09 12:36:49 -08:00
Joshua Casey
87640ca54a
Callback endpoint emits audit log with authorizeID even when code param not found
...
Co-authored-by: Ryan Richard <richardry@vmware.com >
2024-12-09 12:47:54 -06:00
Joshua Casey
8322b03d63
Merge pull request #2153 from vmware-tanzu/pinny/bump-deps
...
CodeQL / Analyze (go) (push) Failing after 2m2s
CodeQL / Analyze (javascript) (push) Failing after 1m8s
Bump dependencies
2024-12-09 10:04:13 -06:00
Pinny
594c3580f2
Bump dependencies
2024-12-09 14:11:21 +00:00
Joshua Casey
0d80c492f1
Merge pull request #2152 from vmware-tanzu/pinny/bump-deps
...
CodeQL / Analyze (go) (push) Failing after 2m28s
CodeQL / Analyze (javascript) (push) Failing after 1m29s
Bump dependencies
2024-12-05 15:23:10 -06:00
Pinny
1a29cca1ca
Bump dependencies
2024-12-05 14:07:26 +00:00
Ryan Richard
b54191f29f
Merge pull request #2150 from vmware-tanzu/pinny/bump-deps
...
CodeQL / Analyze (go) (push) Failing after 2m32s
CodeQL / Analyze (javascript) (push) Failing after 1m26s
Bump dependencies
2024-12-04 13:39:11 -08:00
Pinny
422e4e4785
Bump dependencies
2024-12-04 14:06:21 +00:00
Joshua Casey
4187cc1f61
Merge pull request #2149 from vmware-tanzu/upgrade_majors
...
CodeQL / Analyze (go) (push) Failing after 14m1s
CodeQL / Analyze (javascript) (push) Failing after 14m3s
New hack script to help us upgrade major versions of modules from `go.mod`
2024-12-03 19:07:28 -06:00
Ryan Richard
ede9e45211
make audit_test.go ignore pod log lines that aren't JSON
2024-12-03 17:20:25 -06:00
Ryan Richard
a36550d94b
ran update.sh after updating kube minor versions for codegen
2024-12-03 13:06:15 -06:00
Ryan Richard
7c3870f3fa
update kube-versions.txt for new patch versions
2024-12-03 13:05:27 -06:00
Ryan Richard
7ca2796774
update release_checklist.md for new hack script
2024-12-03 13:05:05 -06:00
Ryan Richard
170cc3bba4
ran new hack script to update all majors: updated github mod
2024-12-03 12:52:29 -06:00
Ryan Richard
1980912ebe
add hack script to help update major versions of modules
2024-12-03 12:51:40 -06:00
Joshua Casey
1571859d67
Merge pull request #2147 from vmware-tanzu/pinny/bump-deps
...
CodeQL / Analyze (go) (push) Failing after 9m3s
CodeQL / Analyze (javascript) (push) Failing after 3m7s
Bump dependencies
2024-12-03 11:22:23 -06:00
Pinny
eb4c20a6aa
Bump dependencies
2024-12-03 14:04:18 +00:00
Joshua Casey
1154139b91
Merge pull request #2145 from vmware-tanzu/pinny/bump-deps
...
CodeQL / Analyze (go) (push) Failing after 14m14s
CodeQL / Analyze (javascript) (push) Failing after 14m10s
Bump dependencies
2024-12-02 16:52:50 -06:00
Joshua Casey
28e22d7dd2
Update error text assertion due to change in ory/fosite
...
- db74aa7abd
2024-12-02 11:08:30 -06:00
Joshua Casey
9cfbbb541a
Standardize casing in Dockerfiles
2024-12-02 10:00:39 -06:00
Pinny
21bce1cb92
Bump dependencies
2024-12-02 14:10:28 +00:00
Joshua Casey
fe045343ee
Merge pull request #2009 from vmware-tanzu/audit_logging
...
CodeQL / Analyze (go) (push) Failing after 18m37s
CodeQL / Analyze (javascript) (push) Failing after 2m36s
Add audit logging for Supervisor and Concierge
2024-11-27 15:46:34 -06:00
Ryan Richard
df017f9267
attempt to fix a test flake seen sometimes in CI
2024-11-27 13:53:03 -06:00
Ryan Richard
ae5aad178d
TokenCredentialRequest uses actual cert expiry time instead of estimate
...
and also audit logs both the NotBefore and NotAfter of the issued cert.
Implemented by changing the return type of the cert issuer helpers
to make them also return the NotBefore and NotAfter values of the new
cert, along with the key PEM and cert PEM.
2024-11-27 13:53:03 -06:00
Ryan Richard
032160a85e
simplify single-node.yaml
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com >
2024-11-27 13:53:03 -06:00
Ryan Richard
ecd23e86ce
callback endpoint renders more useful user-facing error messages
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com >
2024-11-27 13:53:03 -06:00
Ryan Richard
51ae782135
fix typo in audit-logging.md
2024-11-27 13:53:03 -06:00
Ryan Richard
54b35c30da
rename tokenIdentifier to tokenID in the audit logs
...
Because `tokenID` is more consistent with the names of
the other correlation keys.
2024-11-27 13:53:03 -06:00
Ryan Richard
dfe04c5a58
update audit-logging.md to reflect changes in recent commits
2024-11-27 13:53:03 -06:00
Ryan Richard
4423d472da
allow audit correlation between token being issued and being used
2024-11-27 13:53:03 -06:00
Joshua Casey
c803a182be
Allow override of audit.log_usernames_and_groups for local debugging
2024-11-27 13:53:02 -06:00
Joshua Casey
bc73505e35
Easily enable kind audit logs with ENABLE_AUDIT_LOGGING=true ./hack/kind-up.sh
2024-11-27 13:53:02 -06:00
