mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-07 05:57:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,808 Commits 23 Branches 50 Tags
cbce243d57f3ffc5480125ef8890785404d14f56
Commit Graph

171 Commits

Author SHA1 Message Date
Ryan Richard
b2747a0ebe bump deps to kube 1.35 with new codegen 2025-12-18 13:20:41 -08:00
Ryan Richard
1623b2c46e ran codegen after update of kube-versions.txt 2025-08-28 12:34:05 -07:00
Ryan Richard
4fe8167f60 account for move of repo from vmware-tanzu to vmware on GitHub 2025-08-02 15:08:15 -07:00
Ryan Richard
1428444c24 refactor how Concierge ConfigMap gets templated 
Make it similar to how the Supervisor templates
work. This creates a more human-readable ConfigMap
on the cluster.
 2025-05-16 10:43:13 -05:00
Ryan Richard
b50da60c84 run codegen post-bump controller-gen to v0.18.0 2025-05-12 15:52:11 -07:00
Ryan Richard
a010794873 generated code changes from running update.sh 2025-03-18 15:32:37 -07:00
Ryan Richard
d90b3c23ef introduce new configuration option to disable admission plugin types 2025-03-17 14:49:17 -07:00
Joshua Casey
430c73b903 FederationDomain.spec.issuer must now be an HTTPS URL 2025-01-27 10:46:55 -06:00
Ryan Richard
f040f098dc rerun codegen after bumping controller-gen and crd-ref-docs 2025-01-14 11:04:42 -08:00
Ryan Richard
ced8686d11 add config for audit logging, remove Audit() from Logger interface 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-11-27 13:53:01 -06:00
Ryan Richard
a7edbd19ad run codegen again after updating version of controller-gen in CI 2024-11-04 15:36:24 -08:00
Ryan Richard
eb5ed1490c run codegen again after bumping controller-gen to v0.16.4 2024-10-15 14:22:09 -07:00
Ryan Richard
bee87395b1 ran update.sh 2024-08-19 15:23:51 -07:00
Ryan Richard
99b59a90b6 run codegen for gihub doc change from previous commit 2024-08-06 08:58:30 -07:00
Ryan Richard
06b7d302a2 fix typo in tmpl and run codegen 2024-08-05 11:32:21 -07:00
Ryan Richard
d4ac69d88e run codegen for changes in previous commit 2024-08-05 11:32:21 -07:00
Ryan Richard
67de14a3b8 ran codegen on previous commit's changes 2024-08-05 11:32:21 -07:00
Ryan Richard
e0235ed190 update docs and change struct name in types_tls.go.tmpl files 
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:21 -07:00
Ashish Amarnath
43964ff7a2 update generated api docs 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:20 -07:00
Ashish Amarnath
edc327ba33 update supervisor RBAC to allow get, list, and watch on configmaps 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ashish Amarnath
19c3f2cb04 run hack/update.sh 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
 2024-08-05 11:32:19 -07:00
Ryan Richard
f0f9efa277 Refactor to make profiles.go and profiles_fips_strict.go more similar 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-06-14 10:42:17 -07:00
Joshua Casey
53031ad8d4 User can now configured allowed ciphers, to restrict the ciphers used by the Default profile 2024-06-14 10:42:17 -07:00
Ryan Richard
6b64a8a9c6 ran update.sh to update generated code 2024-06-03 16:48:57 -07:00
Ryan Richard
dd3c1ac3cf Merge branch 'main' into github_identity_provider 2024-06-03 16:40:36 -07:00
Ryan Richard
1d8decfdad ran update.sh to update generated code 2024-06-03 14:30:53 -07:00
Ryan Richard
afb032f8f9 Merge branch 'main' into github_identity_provider 2024-05-07 13:08:50 -07:00
Ryan Richard
ad7df9f7d1 don't remove user's ability to configure http port to listen on loopback 2024-05-01 12:36:39 -07:00
Joshua Casey
5ec1ee086d Remove deprecated deploy options 2024-05-01 12:36:39 -07:00
Benjamin A. Petersen
c43193a0c8 Merge branch 'main' into github_identity_provider 2024-05-01 12:15:08 -04:00
Ryan Richard
9838a7cb6d avoid the ValidatingAdmissionPolicy admission plugin when it can't work 2024-04-29 13:22:14 -07:00
Joshua Casey
51b1dbd2af WIP for deployment templates 2024-04-26 11:54:53 -07:00
Ryan Richard
def2b35e6e Make ID token lifetimes configurable on OIDCClient resources 2024-04-24 14:13:40 -07:00
Joshua Casey
14b1b7c862 Polish up the github_upstream_watcher: default and verify spec.claims correctly 2024-04-24 13:37:40 -05:00
Joshua Casey
c9b61ef010 Populate internal GitHub IDP Config from CRD 2024-04-16 14:33:01 -05:00
Joshua Casey
42dd8d1d9d First draft of a GitHubIdentityProvider CRD 2024-04-01 15:10:46 -05:00
Ryan Richard
4a8cd180f8 Use ghcr instead of Harbor as the default for pinniped-server images 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-03-08 15:52:39 -08:00
Ryan Richard
bf3b4bfca7 Rerun codegen after upgrading CI controller-gen from v0.13.0 to v0.14.0 2024-02-08 13:27:02 -08:00
Ryan Richard
88a97033fb Refined ytt schemas 
Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
 2023-11-08 13:37:31 -08:00
Benjamin A. Petersen
c4f9869e7c Relax image_pull_dockerconfigjson validation, improve endpoints 
validation
 2023-11-08 13:10:20 -08:00
Benjamin A. Petersen
c455a17abe Adjust validation for run_as_user,run_as_group 2023-11-08 13:10:20 -08:00
Benjamin A. Petersen
1b540181a7 Adjust types on some supervisor validations 2023-11-08 13:10:19 -08:00
Benjamin A. Petersen
46bea27cb7 no_proxy adjustment for concierge 2023-11-08 13:10:19 -08:00
Benjamin A. Petersen
c3410c4b14 improve custom_labels validation func 2023-11-08 13:10:19 -08:00
Benjamin A. Petersen
1e9f9181a1 Enhance schemas with validations, etc. 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2023-11-08 13:10:19 -08:00
Ryan Richard
07e9c5bd93 refactor carvel packaing scripts 2023-11-08 13:10:19 -08:00
Benjamin A. Petersen
e10d21d678 Support Carvel Package as alternate deployment mechanism 
- update kind config to include local registry
- configure kind cluster to talk to local registry
- docker build & push pinniped dev code to local registry
- deploy dev code of the following via the local registry:
  - concierge
  - supervisor
  - local-user-authenticator
- Update values.yaml for supervisor,concierge to schema files
- Update values.yaml for local-user-authenticator to schema file
- Add ytt openapi-v3 generation to build carvel package script
- Add supervisor carvel package files
- Add concierge carvel package files
- Add local-user-authenticator carvel package files
- Add hack script to build openapi-v3 files
- add --post-install to hack/prepare-for-integration-tests.sh
- cleanup local registry in kind-down.sh
- webhook_ca_bundle moved in hack script
- adjust were to call post-install script
- deploy/{}/values.yml image_pull_dockerconfigjson type change to base64 string
- Add PINNIPED_USE_LOCAL_KIND_REGISTRY env var
 - ensures regular use of hack/prepare-for-integration-tests.sh
  - PINNIPED_USE_LOCAL_KIND_REGISTRY=1  ./hack/prepare-for-integration-tests.sh --clean --alternate-deploy ./hack/noop.sh --post-install ./hack/build-carvel-packages.sh
  - ./hack/prepare-for-integration-tests.sh --clean
- if PINNIPED_USE_LOCAL_KIND_REGISTRY for kind-down.sh in hack/prepare-for-integration-tests.sh
- Split carvel build & deploy scripts, add --pre-install flag
  - add pre-install flag to hack/prepare-for-integration-tests.sh
  - split /hack/build-carvel-packages.sh and
    /hack/deploy-carvel-packages.sh
- Remove --alternate-deploy-* flags from hack script
- Move scripts to hack/lib/carvel_packages
- Split build.sh deploy.sh
- Separate template files from install artifacts
- Generate all install artifacts in $root/deploy_carvel
  - remove $root/deploy_carvel from git
- Extract ytt values to file in hack/prepare-for-integration-tests.sh
- pass registry/repo to carvel build scripts
 2023-11-08 13:10:19 -08:00
Ryan Richard
776e436e35 Support building and deploying multi-arch linux amd64 and arm64 images 2023-10-04 08:55:26 -07:00
Joshua Casey
ac9887afdc Use latest controller-gen, which allows CEL validations 2023-09-25 15:58:32 -05:00
Ryan Richard
a7bd494ec3 update FederationDomain.status.conditions to come from metav1 2023-09-11 13:06:52 -07:00