mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-02-06 21:11:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Commit Graph

  • abc941097c Add WhoAmIRequest Aggregated Virtual REST API Monis Khan 2021-02-19 13:21:10 -05:00
  • 62630d6449 getAggregatedAPIServerScheme: move group version logic internally Monis Khan 2021-02-19 10:10:30 -05:00
  • f228f022f5 Merge pull request #435 from enj/enj/c/bump_v0.20.4 Mo Khan 2021-02-19 10:59:40 -05:00
  • 1c1decfaf1 Generated Monis Khan 2021-02-19 10:33:10 -05:00
  • 7786c83b0d Bump kube deps to v0.20.4 Monis Khan 2021-02-19 10:26:53 -05:00
  • 41b75e6977 Merge pull request #431 from enj/enj-patch-1 Mo Khan 2021-02-19 08:48:06 -05:00
  • a54e1145a5 concierge API service: update groupPriorityMinimum and versionPriority Mo Khan 2021-02-19 07:47:38 -05:00
  • b8592a361c Add some comments to concierge_impersonation_proxy_test.go Ryan Richard 2021-02-18 16:27:03 -08:00
  • 19881e4d7f Increase how long we wait for loadbalancers to be deleted for int test Margo Crawford 2021-02-18 15:58:27 -08:00
  • 126f9c0da3 certs_manager.go: Rename some local variables Ryan Richard 2021-02-18 11:16:34 -08:00
  • 7a140bf63c concierge_impersonation_proxy_test.go: add an eventually loop Margo Crawford 2021-02-18 11:08:13 -08:00
  • f5fedbb6b2 Add Service resource "delete" permission to Concierge RBAC Ryan Richard 2021-02-18 10:59:58 -08:00
  • 957cb2d56c Merge remote-tracking branch 'upstream/main' into impersonation-proxy Andrew Keesler 2021-02-18 13:37:28 -05:00
  • b3cdc438ce internal/concierge/impersonator: reuse kube bearertoken.Authenticator Andrew Keesler 2021-02-18 10:13:24 -05:00
  • 22a3e73bac impersonator_config_test.go: use require.Len() when applicable Margo Crawford 2021-02-17 17:29:56 -08:00
  • 0ad91c43f7 ImpersonationConfigController uses servicesinformer Margo Crawford 2021-02-17 17:22:13 -08:00
  • 2b208807a6 Merge pull request #426 from mattmoyer/website-accessibility-tweaks Matt Moyer 2021-02-17 17:28:03 -06:00
  • 25f841d063 Tweak website styles for accessibility. Matt Moyer 2021-02-17 17:08:34 -06:00
  • 10b769c676 Fixed integration tests for load balancer capabilities Margo Crawford 2021-02-17 10:32:29 -08:00
  • 67da840097 Add loadbalancer for impersonation proxy when needed Margo Crawford 2021-02-16 15:57:02 -08:00
  • 93d4581721 Workaround a bad module version to fix Dependabot. Matt Moyer 2021-02-16 17:05:33 -06:00
  • 0a7c5b0604 Merge pull request #403 from mattmoyer/add-latest-generated-package Matt Moyer 2021-02-16 15:30:48 -06:00
  • acbeb93f79 Don't lint generated code. Matt Moyer 2021-02-16 13:18:18 -06:00
  • 6565265bee Use new 'go.pinniped.dev/generated/latest' package. Matt Moyer 2021-02-16 13:00:08 -06:00
  • b42a34d822 Add generated client code for 'latest'. Matt Moyer 2021-02-09 09:46:38 -06:00
  • 3ce3403b95 Update ./hack/update.sh to add a "latest" package. Matt Moyer 2021-02-09 09:45:28 -06:00
  • eb19980110 internal/concierge/impersonator: set user extra impersonation headers Andrew Keesler 2021-02-16 09:09:54 -05:00
  • c7905c6638 internal/concierge/impersonator: fail if impersonation headers set Andrew Keesler 2021-02-16 08:15:50 -05:00
  • fdd8ef5835 internal/concierge/impersonator: handle custom login API group Andrew Keesler 2021-02-15 18:00:10 -05:00
  • 25bc8dd8a9 test/integration: hopefully fix TestImpersonationProxy Andrew Keesler 2021-02-15 18:04:12 -05:00
  • 6512ab1351 internal/concierge/impersonator: don't care about namespace Andrew Keesler 2021-02-11 17:27:27 -05:00
  • 5cd60fa5f9 Move starting/stopping impersonation proxy server to a new controller Ryan Richard 2021-02-11 17:22:47 -08:00
  • fac571b51a Merge pull request #410 from ankeesler/update-copyright Andrew Keesler 2021-02-11 12:26:31 -05:00
  • 9b87906a30 Merge remote-tracking branch 'upstream/main' into impersonation-proxy Andrew Keesler 2021-02-11 10:38:08 -05:00
  • c8b1f00107 generated: include 2021 in copyright Andrew Keesler 2021-02-11 10:52:01 -05:00
  • f015ad5852 Merge pull request #405 from enj/enj/i/cluster_scope_concierge v0.6.0 Mo Khan 2021-02-11 08:50:42 -05:00
  • b04fd46319 Update federation domain logic to use status subresource Monis Khan 2021-02-10 21:46:03 -05:00
  • 4c304e4224 Assert all APIs have a status subresource Monis Khan 2021-02-10 21:20:19 -05:00
  • 0a9f446893 Update credential issuer logic to use status subresource Monis Khan 2021-02-10 20:59:46 -05:00
  • 96cec59236 Generated Monis Khan 2021-02-10 20:03:15 -05:00
  • 4faf724c2c Make credential issuer status optional Monis Khan 2021-02-10 20:02:36 -05:00
  • de88ae2f61 Fix status related RBAC Monis Khan 2021-02-10 18:02:18 -05:00
  • dd3d1c8b1b Generated Monis Khan 2021-02-10 17:49:21 -05:00
  • 2e9baf9fa6 Correctly generate status subresource for all CRDs Monis Khan 2021-02-10 17:42:08 -05:00
  • ac01186499 Use API service as owner ref for cluster scoped resources Monis Khan 2021-02-10 11:12:03 -05:00
  • 2eb01bd307 authncache: remove namespace concept Monis Khan 2021-02-09 18:16:22 -05:00
  • 741b8fe88d Generated Monis Khan 2021-02-09 16:21:17 -05:00
  • d25c6d9d0a Make kubebuilder CRDs cluster scoped Monis Khan 2021-02-09 16:17:53 -05:00
  • 89b00e3702 Declare war on namespaces Monis Khan 2021-02-09 13:59:32 -05:00
  • d2480e6300 Generated Monis Khan 2021-02-09 12:23:22 -05:00
  • 4205e3dedc Make concierge APIs cluster scoped Monis Khan 2021-02-09 11:57:34 -05:00
  • ee80920ffd Merge pull request #409 from mattmoyer/upgrade-debian Matt Moyer 2021-02-10 16:57:09 -06:00
  • 45f4a0528c Upgrade Debian base images from 10.7 to 10.8. Matt Moyer 2021-02-10 15:56:56 -06:00
  • d0266cecdb Merge pull request #390 from ankeesler/use-more-middleware Andrew Keesler 2021-02-10 16:38:54 -05:00
  • 0fc1f17866 internal/groupsuffix: mutate TokenCredentialRequest's Authenticator Andrew Keesler 2021-02-04 20:02:59 -05:00
  • ae6503e972 internal/plog: add KObj() and KRef() Andrew Keesler 2021-02-04 20:02:38 -05:00
  • 44b7679e9f Merge pull request #407 from ankeesler/test-flake Mo Khan 2021-02-10 14:24:44 -05:00
  • 12d5b8959d test/integration: make TestKubeCertAgent more stable Andrew Keesler 2021-02-10 11:25:08 -05:00
  • 5b076e7421 Merge pull request #404 from ankeesler/remove-deprecated-commands Andrew Keesler 2021-02-10 08:33:00 -05:00
  • 1ffe70bbea cmd/pinniped: delete get-kubeconfig + exchange-token Andrew Keesler 2021-02-09 11:17:11 -05:00
  • e4c49c37b9 Merge branch 'main' into impersonation-proxy Ryan Richard 2021-02-09 13:45:37 -08:00
  • 268ca5b7f6 Add config structs in impersonator package Ryan Richard 2021-02-09 13:42:56 -08:00
  • cf735715f6 Merge pull request #394 from enj/enj/i/server_side_tcr_api_group Mo Khan 2021-02-09 16:36:13 -05:00
  • 2679d27ced Use server scheme to handle credential request API group changes Monis Khan 2021-02-09 15:51:38 -05:00
  • 6b71b8d8ad Revert server side token credential request API group changes Monis Khan 2021-02-09 15:51:35 -05:00
  • 8697488126 internal/concierge/impersonator: use kubeconfig from kubeclient Andrew Keesler 2021-02-09 15:28:56 -05:00
  • dfcc2a1eb8 Introduce clusterhost package to determine whether a cluster has control plane nodes Margo Crawford 2021-02-05 17:01:39 -08:00
  • 812f5084a1 internal/concierge/impersonator: don't mutate ServeHTTP() req Andrew Keesler 2021-02-09 13:25:24 -05:00
  • 43da4ab2e0 SECURITY.md: follow established pattern Andrew Keesler 2021-02-09 09:07:49 -05:00
  • e4d8af6701 Merge pull request #399 from mattmoyer/upgrade-go Matt Moyer 2021-02-08 18:17:17 -06:00
  • d06c935c2c Upgrade Go from 1.15.7 to 1.15.8. Matt Moyer 2021-02-08 10:58:51 -06:00
  • 9399b5d800 Merge pull request #395 from enj/enj/i/remove_multierror Mo Khan 2021-02-05 15:14:25 -05:00
  • 05a471fdf9 Migrate callers to k8s.io/apimachinery/pkg/util/errors.NewAggregate Monis Khan 2021-02-05 12:56:05 -05:00
  • 81d4e50f94 Remove multierror package Monis Khan 2021-02-05 12:55:18 -05:00
  • 850f030fe3 Merge pull request #393 from enj/enj/i/no_op_tcr_list Matt Moyer 2021-02-05 11:09:09 -06:00
  • f7958ae75b Add no-op list support to token credential request Monis Khan 2021-02-05 10:55:19 -05:00
  • ee05f155ca Merge pull request #392 from ankeesler/flowcontrol-rbac Andrew Keesler 2021-02-05 09:19:50 -05:00
  • 2ae631b603 deploy/concierge: add RBAC for flowschemas and prioritylevelconfigurations Andrew Keesler 2021-02-05 08:19:12 -05:00
  • 9c64476aee Tweak some small bits in the blog post. Matt Moyer 2021-02-04 17:51:35 -06:00
  • b6e98b5783 Update the get.pinniped.dev redirect to always point at the latest version. Matt Moyer 2021-02-04 17:48:41 -06:00
  • 9addb4d6e0 Merge pull request #385 from vmware-tanzu/credential_request_spec_api_group v0.5.0 Matt Moyer 2021-02-04 16:19:20 -06:00
  • 2a921f7090 Merge branch 'main' into credential_request_spec_api_group Ryan Richard 2021-02-04 13:44:53 -08:00
  • bb8b65cca6 Merge pull request #387 from vmware-tanzu/blog/multiple-pinnipeds Matt Moyer 2021-02-04 15:22:52 -06:00
  • 5c331e9002 Fix go.pinniped.dev redirects. Matt Moyer 2021-02-04 14:51:31 -06:00
  • 1382fc6e5f Add a v0.5.0 "multiple Pinnipeds" blog post. Matt Moyer 2021-02-03 22:07:09 -06:00
  • cc8c917249 Merge pull request #325 from ankeesler/restart-test Andrew Keesler 2021-02-04 13:07:40 -05:00
  • ae498f14b4 test/integration: ensure no pods restart during integration tests Andrew Keesler 2021-01-12 15:55:31 -05:00
  • 288d9c999e Use custom suffix in Spec.Authenticator.APIGroup of TokenCredentialRequest Ryan Richard 2021-02-03 15:49:15 -08:00
  • 26922307ad prepare-for-integration-tests.sh: New cmdline option --api_group_suffix Andrew Keesler 2021-02-03 12:07:13 -08:00
  • 5549a262b9 Rename client_test.go to concierge_client_test.go Ryan Richard 2021-02-03 12:05:21 -08:00
  • 6b46bae6c6 Fixed integration test compile failures after rebase Margo Crawford 2021-02-03 11:32:29 -08:00
  • c5df66fbd5 Merge pull request #383 from enj/enj/i/avoid_scheme_double_register Mo Khan 2021-02-03 13:55:33 -05:00
  • 23e8c35918 Revert "CredentialIssuer contains Impersonation Proxy spec" Margo Crawford 2021-02-01 12:43:34 -08:00
  • ab60396ac4 CredentialIssuer contains Impersonation Proxy spec Margo Crawford 2021-01-29 16:38:50 -08:00
  • 343c275f46 Path to ci bundle rather than the actual value for get kubeconfig Margo Crawford 2021-01-27 15:39:16 -08:00
  • 12e41d783f Refactored execCredentialForImpersonationProxy to be shared Margo Crawford 2021-01-26 16:49:03 -08:00
  • 2f891b4bfb Add --concierge-use-impersonation-proxy to static login Margo Crawford 2021-01-26 16:08:27 -08:00
  • 170b86d0c6 Add happy path test for login oidc Margo Crawford 2021-01-26 13:34:09 -08:00
  • 07b7b743b4 Impersonation proxy cli arguments Margo Crawford 2021-01-26 11:39:42 -08:00
  • 64aff7b983 Only log user ID, not user name/groups. Matt Moyer 2021-01-22 12:12:12 -06:00