Ryan Richard
f7f32f2f98
some mild refactoring of ptls common.go (mostly renames)
2024-06-14 13:27:38 -07:00
Ryan Richard
f0f9efa277
Refactor to make profiles.go and profiles_fips_strict.go more similar
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2024-06-14 10:42:17 -07:00
Joshua Casey
53031ad8d4
User can now configure allowed ciphers, to restrict the ciphers used by the Default profile
2024-06-14 10:42:17 -07:00
Joshua Casey
ce1ad010e9
Remove Legacy TLS Config, which is not used in the source code
2024-06-14 10:42:17 -07:00
Joshua Casey
011d6ba71b
Remove plog.Logr, make plog.TestZapr private, and CLI logs do not need a name
...
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-06-11 17:27:45 -05:00
Joshua Casey
9296d95084
No need for calling code to use deprecated options
2024-06-11 13:09:59 -05:00
Joshua Casey
c6463831ac
Use plog.Logger instead of logr.Logger wherever possible
2024-06-11 12:47:19 -05:00
Joshua Casey
678be9902a
Lint new files from the GitHub branch
2024-06-11 10:16:18 -05:00
Joshua Casey
bafd578866
Merge branch 'main' into jtc/add-importas-linter
2024-06-11 09:39:48 -05:00
Ryan Richard
8ea9ba8860
ran go generate to update mocks
2024-06-03 14:48:06 -07:00
Ryan Richard
01723e0d12
Merge branch 'main' into github_identity_provider
2024-06-03 13:21:32 -07:00
Joshua Casey
58b4ecc0aa
user sees error msg when GitHub login is denied due to allowed orgs
...
Also renamed an interface function from GetName to GetResourceName.
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-06-03 10:56:28 -07:00
Ryan Richard
6364ac9ac7
change status condition type name to be "ClientCredentialsSecretValid"
...
For both GitHubIdentityProvider and OIDCIdentityProvider to make them
consistent with each other.
2024-05-31 09:59:30 -07:00
Joshua Casey
eee737186f
Clean up how lastTransitionTime and observedGeneration are checked in github_upstream_watcher_test
2024-05-30 21:34:29 -05:00
Ryan Richard
bb9cb739c6
more unit tests for github in token_handler_test.go
2024-05-29 08:55:41 -07:00
Joshua Casey
cc8d637715
Fix lint
2024-05-28 20:33:55 -05:00
Joshua Casey
d3fb567fdb
Add callback_handler tests for GitHub+IdentityTransformations
...
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-05-28 15:59:52 -05:00
Joshua Casey
8b1e5aa320
Add callback_handler tests to confirm GitHub with downstream form_post and GitHub with an error case
...
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-05-28 15:17:04 -05:00
Joshua Casey
37e654faa0
bunch of renames
...
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-05-28 13:41:52 -05:00
Ryan Richard
f323690049
refactor upstream refresh test helpers to be more specific to IDP type
2024-05-23 13:35:31 -07:00
Joshua Casey
02ffff01d5
fix lint
2024-05-23 12:32:18 -05:00
Joshua Casey
65682aa60d
Add sample unit test for GitHub in token_handler_test.go
2024-05-22 23:04:15 -05:00
Ryan Richard
fef494949f
implement upstream refresh for github
2024-05-22 21:21:45 -05:00
Ryan Richard
0a15d488c8
Merge callback_handler_github_test.go into callback_handler_test.go
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2024-05-22 21:21:45 -05:00
Ryan Richard
8f8db3f542
Make github org comparison case-insensitive, but return original case
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2024-05-22 21:21:45 -05:00
Ryan Richard
8923704f3c
Finish initial github login flow
...
Also:
- fix github teams query: fix bug and sort/unique the results
- add IDP display name to github downstream subject
- fix error types returned by LoginFromCallback
- add trace logs to github API results
- update e2e test
- implement placeholder version of refresh for github
2024-05-22 21:21:45 -05:00
Joshua Casey
ba2d122308
fix lint
2024-05-22 21:21:45 -05:00
Joshua Casey
938bea9910
upstreamgithub.go now uses githubclient to determine username and groups
2024-05-22 21:21:45 -05:00
Joshua Casey
8719c7a2db
Standardize error messages and url handling within NewGitHubClient
...
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-05-22 21:21:45 -05:00
Ryan Richard
16fa12f455
Handle empty or invalid github API responses
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2024-05-22 21:21:45 -05:00
Joshua Casey
555b1c80e3
Use passed-in context
...
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-05-22 21:21:45 -05:00
Joshua Casey
a12a5f387a
Empty allowedOrganizations will return all teams
...
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-05-22 21:21:45 -05:00
Joshua Casey
c087e33b86
Add client wrapper for github.com/google/go-github/v62
2024-05-22 21:21:45 -05:00
Ryan Richard
49c468f00a
Add GetUser() interface and implement LoginFromCallback() for GitHub
...
Also fixed some of the GitHub test helpers
2024-05-22 21:21:45 -05:00
Joshua Casey
b7f79f0adc
Add github-specific tests in callback_handler_github_test.go
...
Co-authored-by: Ryan Richard <richardry@vmware.com>
2024-05-22 21:21:45 -05:00
Joshua Casey
c6749560b5
Fix plog test assertions that contain the plog library version
2024-05-22 09:35:16 -05:00
Joshua Casey
2f9df8c8e2
Add module generate command and update all generated files
2024-05-21 10:43:52 -05:00
Joshua Casey
0076f1251c
Move all mock files into internal/mocks and use mock prefix
2024-05-21 10:38:25 -05:00
Joshua Casey
fe911a7b7a
Prefer slices package and slices.Concat where possible
2024-05-21 09:31:16 -05:00
Joshua Casey
bdd79a9984
Enforce more imports
...
- go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/fake
- go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake
- go.pinniped.dev/generated/latest/client/concierge/informers/externalversions
- go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions
2024-05-21 09:31:15 -05:00
Joshua Casey
513f43f465
Enforce more imports
...
- go.pinniped.dev/generated/latest/apis/concierge/config/v1alpha1
- go.pinniped.dev/generated/latest/client/concierge/clientset/versioned
- go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/scheme
- go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned
- go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/scheme
2024-05-21 09:31:15 -05:00
Joshua Casey
f5116cddb4
Enable 'makezero' and 'prealloc' linters, and require 'any' instead of 'interface{}'
...
Enforce importas:
- go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1
- go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1
2024-05-21 09:31:15 -05:00
Joshua Casey
e9252a9ee3
Enforce more imports
...
- k8s.io/apimachinery/pkg/apis/meta/v1
- k8s.io/api/core/v1
- github.com/coreos/go-oidc/v3/oidc
- github.com/ory/fosite/handler/oauth2
- go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1
2024-05-21 09:31:15 -05:00
Joshua Casey
875b0739aa
Enforce aliases for 'k8s.io/apimachinery/pkg/util/errors' and 'k8s.io/apimachinery/pkg/api/errors'
2024-05-21 09:31:15 -05:00
Joshua Casey
e4daa5a924
Merge branch 'main' into jtc/merge-main-at-3fe3cf71-into-github
2024-05-16 16:05:34 -05:00
Ryan Richard
7e0a3c114d
Pinniped CLI and the oidc-client package are now enhanced by pinniped_supported_identity_provider_types
...
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2024-05-16 12:57:12 -05:00
Joshua Casey
a86d7d27c1
Add pinniped_supported_identity_provider_types to the IDP discovery endpoint
2024-05-16 12:55:45 -05:00
Joshua Casey
69364b2183
Merge branch 'main' into jtc/merge-main-at-6b3f175-into-github
2024-05-16 09:22:28 -05:00
Ryan Richard
e13f4a7f29
refactor ptls to clarify the difference between FIPS and non-FIPS modes
...
and backfill some basic tests
2024-05-13 16:52:15 -07:00
Joshua Casey
f43b6f04dc
Fix lint issues from golangci-lint 1.58.1
2024-05-10 15:15:59 -05:00