mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-05-19 14:21:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Commit Graph

  • ec25259901 Update impersonatorconfig controller to use new CredentialIssuer update helper. Matt Moyer 2021-05-20 12:26:07 -05:00
  • e4dd83887a Merge remote-tracking branch 'origin/main' into credentialissuer-spec-api Matt Moyer 2021-05-20 10:53:53 -05:00
  • 562942cdbf Merge pull request #627 from mattmoyer/use-informers-for-credentialissuer-updates Matt Moyer 2021-05-20 10:13:41 -05:00
  • 025b37f839 upstreamldap.New() now supports a StartTLS config option Ryan Richard 2021-05-19 17:17:44 -07:00
  • 63c39454f6 WIP on impersonation clusterip service Margo Crawford 2021-05-19 17:00:28 -07:00
  • 657488fe90 Create CredentialIssuer at install, not runtime. Matt Moyer 2021-05-19 16:53:00 -05:00
  • 9e61640c92 LoadBalancerIP updated dynamically Margo Crawford 2021-05-19 14:16:15 -07:00
  • 94d6b76958 Merge branch 'initial_ldap_group_support' into ldap_starttls Ryan Richard 2021-05-19 13:12:56 -07:00
  • 424c112bbc Merge branch 'main' into initial_ldap_group_support Ryan Richard 2021-05-19 13:12:17 -07:00
  • 3bb95f1de2 Give kubeclient_test some default values for credentialissuer spec Margo Crawford 2021-05-19 11:56:54 -07:00
  • 0b66321902 Changes to make the linter pass Margo Crawford 2021-05-19 11:05:35 -07:00
  • 297a484948 Add more validation and update tests for impersonationProxy as pointer. Matt Moyer 2021-05-19 11:40:32 -05:00
  • 13372a43e6 Update generated code from previous commit. Matt Moyer 2021-05-19 11:39:53 -05:00
  • 54e0b83146 Update API so that impersonationProxy spec is a pointer. Matt Moyer 2021-05-19 11:39:28 -05:00
  • 94c370ac85 Annotations for impersonation load balancer Margo Crawford 2021-05-18 16:54:59 -07:00
  • b5063e59ab Merge branch 'initial_ldap_group_support' into ldap_starttls Ryan Richard 2021-05-18 16:39:59 -07:00
  • a6f95cfff1 Configure openldap to disallow non-TLS clients Ryan Richard 2021-05-18 16:38:12 -07:00
  • eaea3471ec Validation for service type none and external endpoint none Margo Crawford 2021-05-18 13:50:52 -07:00
  • 4a785e73e6 WIP fixing impersonatorconfig tests Matt Moyer 2021-05-18 14:54:04 -05:00
  • 51f1a0ec13 WIP: not using impersonator.config just credentialissuer directly Margo Crawford 2021-05-18 12:16:27 -07:00
  • 9af3cb1115 Change impersonation integration test to use CredentialIssuer spec Matt Moyer 2021-05-18 09:51:11 -07:00
  • 18ccf11905 Update impersonatorconfig controller to use CredentialIssuer API instead of ConfigMap. Matt Moyer 2021-05-17 17:08:05 -05:00
  • 1a131e64fe Start deploying an initial CredentialIssuer in our install YAML. Matt Moyer 2021-05-17 10:05:42 -05:00
  • e885114221 Add generated code from adding spec fields to CredentialIssuer. Matt Moyer 2021-05-14 11:55:12 -05:00
  • 26da763962 Add spec fields to CredentialIssuer. Matt Moyer 2021-05-14 10:19:45 -05:00
  • 4a456446ff Update doc comments for types_credentialissuer.go.tmpl. Matt Moyer 2021-05-11 21:23:43 -05:00
  • efeb25b8eb Merge pull request #619 from vmware-tanzu/dependabot/go_modules/github.com/creack/pty-1.1.12 Matt Moyer 2021-05-18 09:16:27 -05:00
  • f595e81dbb Bump github.com/creack/pty from 1.1.11 to 1.1.12 dependabot[bot] 2021-05-18 05:56:45 +00:00
  • 0f5f72829b Merge pull request #594 from enj/enj/i/tcr_strict_user_info Mo Khan 2021-05-17 19:28:21 -04:00
  • f40fd29c7c local-user-authenticator: stop setting UID Monis Khan 2021-05-03 15:19:28 -04:00
  • 35479e2978 cred req: disallow lossy user info translations Monis Khan 2021-05-03 14:06:49 -04:00
  • 742b70d6a4 Merge branch 'main' into initial_ldap_group_support Ryan Richard 2021-05-17 14:24:56 -07:00
  • dab5ff3788 ldap_client_test.go: Forgot to change an assertion related to groups Ryan Richard 2021-05-17 14:21:57 -07:00
  • 99099fd32f Yet more debugging of tests which only fail in main CI Ryan Richard 2021-05-17 14:20:41 -07:00
  • 65cab53a11 Merge branch 'main' into initial_ldap_group_support Ryan Richard 2021-05-17 14:12:20 -07:00
  • 8c660f09bc More debugging of tests which only fail in main CI Ryan Richard 2021-05-17 13:53:17 -07:00
  • ac431ddc6d Add more to failure message in test which only fails in main CI Ryan Richard 2021-05-17 12:57:34 -07:00
  • 3e1e8880f7 Initial support for upstream LDAP group membership Ryan Richard 2021-05-17 11:10:26 -07:00
  • 14b8fcc472 Merge pull request #555 from vmware-tanzu/initial_ldap Ryan Richard 2021-05-17 10:40:50 -07:00
  • 20b1c41bf5 Experiment to see if we can ignore read /dev/ptmx: input/output error Ryan Richard 2021-05-13 16:02:24 -07:00
  • f5bf8978a3 Cache ResourceVersion of the validated bind Secret in memory Ryan Richard 2021-05-13 15:22:36 -07:00
  • 514ee5b883 Merge branch 'main' into initial_ldap Ryan Richard 2021-05-13 14:24:10 -07:00
  • 39d7f8b6eb Merge pull request #614 from vmware-tanzu/gc-bug-tests Margo Crawford 2021-05-13 13:08:07 -07:00
  • 609883c49e Update TestSupervisorOIDCDiscovery for versioned IDP discovery endpoint Ryan Richard 2021-05-13 13:07:31 -07:00
  • f15fc66e06 pinniped get kubeconfig refactor to use oidc.NewProvider for discovery Ryan Richard 2021-05-13 12:27:42 -07:00
  • 6479015caf Remove timeout so this test doesnt take forever Margo Crawford 2021-05-13 10:23:44 -07:00
  • 67dca688d7 Add an API version to the Supervisor IDP discovery endpoint Ryan Richard 2021-05-13 10:05:56 -07:00
  • b391d5ae02 Also check that the authcode storage is around for a while Margo Crawford 2021-05-12 14:22:14 -07:00
  • 29ca8acab4 oidc_upstream_watcher.go: two methods become private funcs Ryan Richard 2021-05-12 14:05:08 -07:00
  • 1ae3c6a1ad Split package upstreamwatchers into four packages Ryan Richard 2021-05-12 14:00:39 -07:00
  • 22092e9aed Missed a usage of int64Ptr in previous commit Ryan Richard 2021-05-12 14:00:26 -07:00
  • 874f938fc7 unit test for garbage collection time for refresh and access tokens Margo Crawford 2021-05-12 13:55:54 -07:00
  • 4804c837d4 Insignificant change in ldap_upstream_watcher_test.go Ryan Richard 2021-05-12 13:37:01 -07:00
  • f0652c1ce1 Replace all usages of strPtr() with pointer.StringPtr() Ryan Richard 2021-05-12 13:20:00 -07:00
  • 044443f315 Rename X-Pinniped-Idp-* headers to Pinniped-* Ryan Richard 2021-05-12 13:06:08 -07:00
  • 9ca72fcd30 login.go: Respect overallTimeout for LDAP login-related http requests Ryan Richard 2021-05-12 12:57:10 -07:00
  • 3008d1a85c Log slow LDAP authentication attempts for debugging purposes Ryan Richard 2021-05-12 11:59:48 -07:00
  • 6c2a775c9b Use proxy for pinniped get kubeconfig in hack/prepare-supervisor-on-kind.sh Ryan Richard 2021-05-12 11:34:16 -07:00
  • 41d3e3b6ec Fix lint error in e2e_test.go Ryan Richard 2021-05-12 11:24:00 -07:00
  • 20b86ac0a9 Merge pull request #589 from vmware-tanzu/ldap-get-kubeconfig Ryan Richard 2021-05-12 10:10:49 -07:00
  • df0e715bb7 Add integration test that waits for access token expiry Margo Crawford 2021-05-12 09:05:13 -07:00
  • 6723ed9fd8 Add end-to-end integration test for CLI-based LDAP login Ryan Richard 2021-05-11 13:55:46 -07:00
  • f98aa96ed3 Merge branch 'initial_ldap' into ldap-get-kubeconfig Ryan Richard 2021-05-11 11:10:25 -07:00
  • 675bbb2aba Merge branch 'main' into initial_ldap Ryan Richard 2021-05-11 11:09:37 -07:00
  • e25eb05450 Move Supervisor IDP discovery to its own new endpoint Ryan Richard 2021-05-11 10:31:33 -07:00
  • dbde150c38 Update CLI docs for v0.8.0 release Pinny 2021-05-10 22:01:16 +00:00
  • c0fcd27594 Fix typo in test/integration/e2e_test.go Ryan Richard 2021-05-10 12:51:56 -07:00
  • 1ddc85495f Merge pull request #610 from enj/enj/t/eks_extra_nested_impersonation v0.8.0 Mo Khan 2021-05-10 13:49:24 -04:00
  • 716659b74a impersonation proxy test: handle admin users with mixed case extra keys Monis Khan 2021-05-10 13:22:51 -04:00
  • 696c2b9133 Merge pull request #609 from enj/enj/t/eks_uid_nested_impersonation Mo Khan 2021-05-10 10:35:26 -04:00
  • 0770682bf9 impersonation proxy test: handle admin users with UID such as on EKS Mo Khan 2021-05-10 00:50:59 -04:00
  • 88ff3164a2 Merge pull request #608 from enj/enj/i/discovery_keep_oidc_err Mo Khan 2021-05-10 09:18:13 -04:00
  • 56d316e8d3 upstreamwatcher: do not truncate explicit oidc errors Mo Khan 2021-05-10 00:22:34 -04:00
  • 9fc7f43245 Merge pull request #607 from mattmoyer/fix-eks-nested-impersonation-tests Matt Moyer 2021-05-07 16:46:40 -05:00
  • 47f5e822d0 Fix TestImpersonationProxy on EKS. Matt Moyer 2021-05-07 16:22:08 -05:00
  • cc99d9aeb4 Merge pull request #606 from enj/enj/i/log_discovery_err Mo Khan 2021-05-07 16:56:52 -04:00
  • 7ece196893 upstreamwatcher: preserve oidc discovery error Mo Khan 2021-05-07 15:59:04 -04:00
  • a08a28d67b Merge pull request #603 from vmware-tanzu/dependabot/docker/golang-1.16.4 Matt Moyer 2021-05-07 06:58:13 -05:00
  • 2634c9f04a Bump golang from 1.16.3 to 1.16.4 dependabot[bot] 2021-05-07 05:49:58 +00:00
  • 29a1ca5168 Merge pull request #602 from vmware-tanzu/access-token-lifetime Margo Crawford 2021-05-06 14:39:52 -07:00
  • 5240f5e84a Change access token storage lifetime to be the same as the refresh token's Margo Crawford 2021-05-06 11:53:41 -07:00
  • a8bccc5432 Merge pull request #599 from mattmoyer/docs-tweak-configure-supervisor-with-gitlab Matt Moyer 2021-05-04 17:32:14 -05:00
  • f167a075dd Clean up this language in configure-supervisor-with-gitlab.md a bit more. Matt Moyer 2021-05-04 15:47:18 -05:00
  • 8136c787a7 More adjustments to configure-supervisor-with-gitlab.md. Matt Moyer 2021-05-04 15:33:33 -05:00
  • 3e13b5f39d Do some minor copyediting on "configure-supervisor-with-gitlab.md". Matt Moyer 2021-05-04 14:13:20 -05:00
  • 1a2940c278 Merge pull request #560 from vmware-tanzu/client-debug-logging Margo Crawford 2021-05-04 13:46:47 -07:00
  • 4bb0fdeddd Merge pull request #598 from enj/enj/i/gc_tz Mo Khan 2021-05-04 15:08:06 -04:00
  • 4ce77c4837 supervisor gc: use singleton queue Monis Khan 2021-05-04 12:38:47 -04:00
  • 1586171876 Merge pull request #595 from mattmoyer/fix-psp-related-regression Matt Moyer 2021-05-04 11:04:16 -05:00
  • 165bef7809 Split out kube-cert-agent service account and bindings. Matt Moyer 2021-05-03 16:31:48 -05:00
  • b80cbb8cc5 Run kube-cert-agent pod as Concierge ServiceAccount. Matt Moyer 2021-05-03 16:20:13 -05:00
  • 71e38d232e login.go discards logs by default Ryan Richard 2021-05-03 09:13:18 -07:00
  • 778c194cc4 Autodetection with multiple idps in discovery document Margo Crawford 2021-04-30 17:14:28 -07:00
  • a8754b5658 Refactor: extract helper func from runGetKubeconfig() Margo Crawford 2021-04-30 15:00:54 -07:00
  • 1c66ffd5ff WIP: add supervisor upstream flags to pinniped get kubeconfig Ryan Richard 2021-04-30 14:28:03 -07:00
  • ab94b97f4a Change login.go to use logr.logger Margo Crawford 2021-04-30 12:10:04 -07:00
  • d6a172214d Merge pull request #587 from vmware-tanzu/supervisor-gitlab-docs Margo Crawford 2021-04-30 11:01:22 -07:00
  • 638fa7ba27 Merge pull request #592 from enj/enj/t/valueless_ctx_2 Mo Khan 2021-04-30 11:07:32 -04:00
  • b5ffab6330 valuelesscontext: make unit tests more clear Monis Khan 2021-04-30 10:33:11 -04:00
  • 8556a638a2 Merge pull request #591 from enj/enj/t/valueless_ctx Mo Khan 2021-04-30 10:10:48 -04:00