mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-05-19 14:21:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 7b1ecf79a6 Fix race between err chan send and re-queue Monis Khan 2021-03-11 10:13:07 -05:00
  • 32b038c639 test/integration: add 'kubectl cp' test to TestImpersonationProxy Andrew Keesler 2021-03-11 10:02:28 -05:00
  • d13bb07b3e Add integration test for using WhoAmIRequest through impersonator Ryan Richard 2021-03-10 16:57:15 -08:00
  • 24396b6af1 Use gorilla websocket library so squid proxy works Margo Crawford 2021-03-10 15:49:09 -08:00
  • 006dc8aa79 Small test refactor Ryan Richard 2021-03-10 14:50:46 -08:00
  • 2a2e2f532b Remove an integration test that is covered elsewhere now Ryan Richard 2021-03-10 14:17:20 -08:00
  • 1078bf4dfb Don't pass credentials when testing impersonation proxy port is closed Ryan Richard 2021-03-10 13:08:15 -08:00
  • c14621428f Merge pull request #485 from vmware-tanzu/pabloschuhmacher-patch-2 Matt Moyer 2021-03-10 12:43:55 -08:00
  • 6582c23edb Fix a race detector error in a unit test Monis Khan 2021-03-10 11:24:42 -08:00
  • 0b300cbe42 Use TokenCredentialRequest instead of base64 token with impersonator Ryan Richard 2021-03-10 10:30:06 -08:00
  • 876f0a55d8 Create ROADMAP.md in actual markdown Pablo Schuhmacher 2021-03-09 18:41:40 -08:00
  • c853707889 Added integration test for using websockets via the impersonation proxy Margo Crawford 2021-03-09 16:58:44 -08:00
  • 005133fbfb Add more debug logging when waiting for pending strategies. Matt Moyer 2021-03-09 16:56:53 -06:00
  • 0cb1538b39 Fix linter warnings, including a bit of refactoring. Matt Moyer 2021-03-09 15:16:46 -06:00
  • 0abe10e6b2 Add new behavior to "pinniped get kubeconfig" to wait for pending strategies to become non-pending. Matt Moyer 2021-03-09 14:48:16 -06:00
  • 883b90923d Add integration test for kubectl port-forward with impersonation Margo Crawford 2021-03-09 11:32:27 -08:00
  • d6a0dfa497 Add some debug logging when "pinniped get kubeconfig" fails to find a successful strategy. Matt Moyer 2021-03-09 12:39:44 -06:00
  • 29d5e43220 Fix minor typo in e2e_test.go. Matt Moyer 2021-03-09 12:12:52 -06:00
  • eef1fd0c64 Merge pull request #481 from vmware-tanzu/dependabot/go_modules/github.com/ory/fosite-0.39.0 Matt Moyer 2021-03-09 07:51:27 -06:00
  • b2be83ee45 Bump github.com/ory/fosite from 0.38.0 to 0.39.0 dependabot[bot] 2021-03-09 05:50:01 +00:00
  • b20a8358d3 Merge branch 'main' of github.com:vmware-tanzu/pinniped into impersonation-proxy Matt Moyer 2021-03-08 15:16:40 -06:00
  • a58b460bcb Switch TestImpersonationProxy to get clients from library.NewKubeclient instead of directly from kubernetes.NewForConfig. Matt Moyer 2021-03-08 15:03:34 -06:00
  • 8fd6a71312 Use simpler prefix matching for impersonation headers. Matt Moyer 2021-03-08 14:36:29 -06:00
  • 6efbd81f75 Rename this flag types for consistency. Matt Moyer 2021-03-08 14:33:38 -06:00
  • a059d8dfce Refactor "get kubeconfig" a bit more to clean things up. Matt Moyer 2021-03-08 14:31:13 -06:00
  • 8c0a073cb6 Fix this constant name to match its value. Matt Moyer 2021-03-08 13:31:16 -06:00
  • 389cd3486b Rework "pinniped get kubeconfig" so that --concierge-mode can be used even when auto-discovering other parameters. Matt Moyer 2021-03-08 11:43:56 -06:00
  • eac108aee5 Merge pull request #478 from vmware-tanzu/prepare-script-macos-big-sur Matt Moyer 2021-03-08 10:02:52 -06:00
  • 49ec16038c Add integration test for using "kubectl exec" through the impersonator Ryan Richard 2021-03-05 16:14:45 -08:00
  • 4bd68b1fa1 Use LC_ALL=C instead of LC_CTYPE=C because it works on Big Sur Margo Crawford 2021-03-05 15:25:52 -08:00
  • 73419313ee Log when the validation eventually succeeds. Matt Moyer 2021-03-05 16:59:43 -06:00
  • 4750d7d7d2 The stderr from "pinniped get kubeconfig" is no longer empty. Matt Moyer 2021-03-05 16:57:24 -06:00
  • ba0dc3bf52 Remove this test retry loop since the "get kubeconfig" step should now wait. Matt Moyer 2021-03-05 16:39:57 -06:00
  • 5d8594b285 Add validation step to "pinniped get kubeconfig". Matt Moyer 2021-03-05 16:35:42 -06:00
  • ce1b6303d9 Add an "--output" flag to "pinniped get kubeconfig". Matt Moyer 2021-03-05 15:53:30 -06:00
  • 36bc679142 Add diagnostic logging to "pinniped get kubeconfig". Matt Moyer 2021-03-05 15:52:17 -06:00
  • c4f6fd5b3c Add a bit nicer assertion helper in testutil/testlogger. Matt Moyer 2021-03-05 15:49:45 -06:00
  • 52f58477b8 Wait for the ELB to become available _before_ starting the kubectl command. Matt Moyer 2021-03-05 09:32:49 -06:00
  • d848499176 Close this HTTP response body in TestE2EFullIntegration. Matt Moyer 2021-03-05 08:45:25 -06:00
  • c3b7d21037 Be less picky about what error code is returned here. Matt Moyer 2021-03-05 08:39:48 -06:00
  • 832bc2726e Merge pull request #477 from vmware-tanzu/dependabot/go_modules/github.com/google/go-cmp-0.5.5 Matt Moyer 2021-03-05 08:20:51 -06:00
  • 3833ba0430 Bump github.com/google/go-cmp from 0.5.4 to 0.5.5 dependabot[bot] 2021-03-05 05:59:54 +00:00
  • ec133b9743 Resolve some new linter errors Ryan Richard 2021-03-04 17:44:01 -08:00
  • d8c6894cbc All controller unit tests should not cancel context until test is over Ryan Richard 2021-03-04 17:25:43 -08:00
  • b102aa8991 In unit test, wait for obj from informer instead of resource version Ryan Richard 2021-03-04 15:36:51 -08:00
  • 9eb97e2683 Use Eventually when making tls connections and avoid resource version 0 Ryan Richard 2021-03-04 13:52:34 -08:00
  • fea626b654 Remove this proxy-related test code that we ended up not needing. Matt Moyer 2021-03-04 17:19:59 -06:00
  • 16163b989b Use regular http.Client in this test. Matt Moyer 2021-03-04 17:18:24 -06:00
  • 165fce67af Use the unversioned REST client for this check. Matt Moyer 2021-03-04 16:23:39 -06:00
  • 6a8f377781 Fix a linter warning. Matt Moyer 2021-03-04 16:16:03 -06:00
  • d24cf4b8a7 Go back to testing entirely through the proxy, but add a retry loop during the first connection. Matt Moyer 2021-03-04 16:05:56 -06:00
  • 34e15f03c3 Simplify const declarations in flag_types.go. Matt Moyer 2021-03-04 15:17:42 -06:00
  • 274e6281a8 Whoops, missed these fixes in test/library/env.go. Matt Moyer 2021-03-04 15:21:17 -06:00
  • 7146cb3880 Remove old debug-make-impersonation-token command. Matt Moyer 2021-03-04 15:02:42 -06:00
  • 9dfbe60253 Do the kubeconfig proxy environment injection, but actually render back out the YAML. Matt Moyer 2021-03-04 14:41:20 -06:00
  • 1734280a19 Merge branch 'main' of github.com:vmware-tanzu/pinniped into impersonation-proxy Matt Moyer 2021-03-04 12:38:00 -06:00
  • 9a0f75980d Set a special proxy environment just for the "pinniped login oidc" command in the E2E test. Matt Moyer 2021-03-04 12:35:29 -06:00
  • ddd1d29e5d Fix "pinniped get kubeconfig" strategy detection to pick the _first_ working strategy. Matt Moyer 2021-03-04 12:24:57 -06:00
  • 03f09c6870 Allow TestE2EFullIntegration to run on clusters where only the impersonation proxy works (again). Matt Moyer 2021-03-03 16:49:33 -06:00
  • f99c186c55 Merge pull request #475 from vmware-tanzu/dependabot/go_modules/k8s.io/klog/v2-2.6.0 Matt Moyer 2021-03-04 10:04:08 -06:00
  • 14b8def320 Bump k8s.io/klog/v2 from 2.5.0 to 2.6.0 dependabot[bot] 2021-03-04 06:10:36 +00:00
  • 5697adc36a Revert "Allow TestE2EFullIntegration to run on clusters where only the impersonation proxy works." Ryan Richard 2021-03-03 17:24:10 -08:00
  • 9c1c760f56 Always clean up the ConfigMap at the end of the impersonator int test Ryan Richard 2021-03-03 16:23:07 -08:00
  • 48f2ae9eb4 Fix a typo in concierge_impersonation_proxy_test.go Ryan Richard 2021-03-03 15:17:45 -08:00
  • 7c9aff3278 Allow TestE2EFullIntegration to run on clusters where only the impersonation proxy works. Matt Moyer 2021-03-03 16:49:33 -06:00
  • 58607c7e81 Update TestCredentialIssuer int test to ignore ImpersonationProxy type Ryan Richard 2021-03-03 14:19:24 -08:00
  • 1b3103c9b5 Remove a nolint comment to satisfy the version of the linter used in CI Ryan Richard 2021-03-03 13:37:03 -08:00
  • 666c0b0e18 Use CredentialIssuer for URL/CA discovery in impersonator int test Ryan Richard 2021-03-03 12:53:23 -08:00
  • f0fc84c922 Add new allowed values to field validations on CredentialIssuer Ryan Richard 2021-03-03 12:30:21 -08:00
  • 7b7901af36 Add -timeout 0 when describing how to run integration tests Ryan Richard 2021-03-03 12:08:40 -08:00
  • 57453773ea CONTRIBUTING.md: remove mention of Tilt, since it isn't working well Ryan Richard 2021-03-03 12:06:44 -08:00
  • f4fcb9bde6 Sort CredentialIssuer strategies in preferred order. Matt Moyer 2021-03-03 14:03:27 -06:00
  • 0799a538dc change FromString to Parse so TargetPort parses correctly Margo Crawford 2021-03-03 11:11:58 -08:00
  • 4f700d4811 Merge pull request #473 from enj/enj/r/oidc_discovery_json Mo Khan 2021-03-03 14:12:33 -05:00
  • d7edc41c24 oidc discovery: encode metadata once and reuse Monis Khan 2021-03-03 13:37:43 -05:00
  • 333a3ab4c2 impersonator_config_test.go: Add another unit test Ryan Richard 2021-03-03 09:37:08 -08:00
  • 730092f39c impersonator_config.go: refactor to clean up cert name handling Ryan Richard 2021-03-03 09:22:35 -08:00
  • d3599c541b Fill in the frontend field of CredentialIssuer status for impersonator Ryan Richard 2021-03-02 16:51:35 -08:00
  • 454f35ccd6 Edit a comment on a type and run codegen Ryan Richard 2021-03-02 16:00:49 -08:00
  • 27daf0a2fe Increase timeout for creating load balancer in impersonation proxy test Margo Crawford 2021-03-02 15:49:01 -08:00
  • 8bf03257f4 Add new impersonation-related constants to api types and run codegen Ryan Richard 2021-03-02 15:27:54 -08:00
  • 1ad2c38509 Impersonation controller updates CredentialIssuer on every call to Sync Ryan Richard 2021-03-02 14:48:58 -08:00
  • 84cc42b2ca Remove tls field from the impersonator config Ryan Richard 2021-03-02 12:23:32 -08:00
  • 4c68050706 Allow all headers besides impersonation-* through impersonation proxy Margo Crawford 2021-03-02 14:56:54 -08:00
  • aa826a1579 Merge pull request #472 from mattmoyer/deflake-getpinnipedcategory-test Matt Moyer 2021-03-02 16:42:23 -06:00
  • 60f92d5fe2 Merge branch 'main' of github.com:vmware-tanzu/pinniped into impersonation-proxy Matt Moyer 2021-03-02 16:06:19 -06:00
  • df27c2e1fc Use randomly generated API groups in TestKubeClientOwnerRef. Matt Moyer 2021-03-02 15:41:21 -06:00
  • 45f57939af Make TestGetPinnipedCategory more resilient. Matt Moyer 2021-03-02 14:17:27 -06:00
  • 30f5f66090 Merge pull request #471 from vmware-tanzu/change-credentialissuer-strategies-api Matt Moyer 2021-03-02 15:39:41 -06:00
  • 2a29303e3f Fix label handling in kubecertagent controllers. Matt Moyer 2021-03-02 13:59:46 -06:00
  • 643c60fd7a Drop NewKubeConfigInfoPublisherController, start populating strategy frontend from kubecertagent execer controller. Matt Moyer 2021-03-02 12:55:24 -06:00
  • 7174f857d8 Add generated code. Matt Moyer 2021-03-01 16:17:04 -06:00
  • 0be2c0d40f Add CredentialIssuer "status.strategies[].frontend" field. Matt Moyer 2021-03-01 14:26:43 -06:00
  • a75c2194bc Read the names of the impersonation-related resources from the config Ryan Richard 2021-03-02 09:31:24 -08:00
  • 41140766f0 Add integration test which demonstrates double impersonation Ryan Richard 2021-03-01 17:53:26 -08:00
  • 045c427317 Merge branch 'main' into impersonation-proxy Ryan Richard 2021-03-01 17:03:56 -08:00
  • ac404af48f Add .DS_Store files to .gitignore Ryan Richard 2021-03-01 17:03:05 -08:00
  • a2ecd05240 Impersonator config controller writes CA cert & key to different Secret Ryan Richard 2021-03-01 17:02:08 -08:00
  • a778a5ef81 Merge pull request #469 from mattmoyer/split-out-credentialissuer-status-helpers Matt Moyer 2021-03-01 18:14:16 -06:00
  • c94ee7188c Factor out issuerconfig.UpdateStrategy helper. Matt Moyer 2021-03-01 15:41:55 -06:00