mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-02-06 04:51:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Commit Graph

  • cbd71df574 Add "upstream-watcher" controller to supervisor. Matt Moyer 2020-11-11 17:10:06 -06:00
  • c05cbca0b0 Reduce client cert TTL back to 5 mins Monis Khan 2020-11-13 11:43:23 -05:00
  • 2e7d869ccc Add generated API/client code for new UpstreamOIDCProvider CRD. Matt Moyer 2020-11-03 14:55:25 -06:00
  • bac3c19bec Add UpstreamOIDCProvider API type definition. Matt Moyer 2020-10-22 21:03:46 -05:00
  • 81b9a48437 callback_handler.go: initial API/test shape with 1 test Andrew Keesler 2020-11-13 12:31:39 -05:00
  • 271640b66d docs/architecture.md: Fix broken link Alexander Brand 2020-11-13 09:17:47 -05:00
  • 6b0d4184d5 docs/architecture.md: Fix broken link Alexander Brand 2020-11-13 09:15:46 -05:00
  • d351ef430c Merge pull request #206 from vmware-tanzu/authorize_endpoint_reuse_cookie Ryan Richard 2020-11-12 16:26:01 -08:00
  • e6f128e2a7 Merge pull request #205 from mattmoyer/more-careful-categories Matt Moyer 2020-11-12 17:37:20 -06:00
  • 080bb594b2 Supervisor authorize endpoint reuses existing CSRF cookies and signs new ones Andrew Keesler 2020-11-12 15:36:59 -08:00
  • f1696411d9 Test that Pinniped APis do not have short names, either. Matt Moyer 2020-11-12 16:49:21 -06:00
  • 5580ca82ac Merge pull request #204 from mattmoyer/cleanup-update-script Matt Moyer 2020-11-12 16:28:24 -06:00
  • 7f2c43cd62 Put all of our APIs into a "pinniped" category, and never use "all". Matt Moyer 2020-11-12 16:24:25 -06:00
  • 372cfe1601 Remove CRD count check, since we can now use wildcards. Matt Moyer 2020-11-12 15:48:03 -06:00
  • d73fdb1d33 Merge pull request #202 from mattmoyer/remove-internal-crd-packages Mo Khan 2020-11-12 15:29:29 -05:00
  • 821190004c Remove extraneous internal packages for CRD APIs. Matt Moyer 2020-11-12 13:44:51 -06:00
  • 8321773a22 auth_handler.go: fix lint error Andrew Keesler 2020-11-12 12:24:40 -05:00
  • 3a943a3b9a auth_handler.go: ignore encoding timestamp for deterministic tests Andrew Keesler 2020-11-12 12:13:58 -05:00
  • 6d380c629a auth_handler.go: use encryption in tests Ryan Richard 2020-11-12 12:13:21 -05:00
  • 5fd105496f Merge pull request #201 from amymanion/am-dev Matt Moyer 2020-11-12 09:12:24 -06:00
  • b3e622c914 Merge pull request #200 from jonasrosland/website-fixes Matt Moyer 2020-11-12 09:10:28 -06:00
  • c4ed768c9e Adjust hero font size Amy Manion 2020-11-12 09:46:44 -05:00
  • ef11f97a75 Style updates -adjust font sizes -fix ordered lists Amy Manion 2020-11-11 22:03:27 -05:00
  • 0b41469527 Website fixes for broken links, formatting, and more Jonas Rosland 2020-11-11 21:40:49 -05:00
  • 8859172025 Merge pull request #198 from enj/enj/i/multi_api_service Mo Khan 2020-11-11 20:44:42 -05:00
  • 9c8b081906 Prevent multiple pinnipeds from thrashing on the API service Monis Khan 2020-11-11 17:49:13 -05:00
  • 300d522eb0 Merge pull request #185 from vmware-tanzu/authorize_endpoint Ryan Richard 2020-11-11 16:03:15 -08:00
  • 203e040be1 Remove an unfinished integration test Ryan Richard 2020-11-11 15:40:40 -08:00
  • fdcea0de05 Merge pull request #197 from jonasrosland/a-seal-of-approval Matt Moyer 2020-11-11 17:33:40 -06:00
  • db6fc234b7 Add NullStorage for the authorize endpoint to use Monis Khan 2020-11-11 14:49:24 -08:00
  • e6838ace6b Add first blog post jonasrosland 2020-11-11 17:06:36 -05:00
  • 4b8c1de647 Add unit test to auth_handler_test.go for non-openid authorize requests Ryan Richard 2020-11-11 13:13:57 -08:00
  • c2262773e6 Finish the WIP from the previous commit for saving authorize endpoint state Andrew Keesler 2020-11-11 12:29:14 -08:00
  • f806768039 Merge pull request #196 from ankeesler/ytt-logging Andrew Keesler 2020-11-11 09:29:24 -05:00
  • 83a156d72b Enable debug logging in all testing scenarios Andrew Keesler 2020-11-11 07:51:51 -05:00
  • 724c0d3eb0 Add YTT template value for setting log level Andrew Keesler 2020-11-11 07:49:46 -05:00
  • dd190dede6 WIP for saving authorize endpoint state into upstream state param Monis Khan 2020-11-10 17:58:00 -08:00
  • 5b8e0c4d99 Merge pull request #195 from mattmoyer/fix-links Matt Moyer 2020-11-10 17:22:37 -06:00
  • b2b8d5457d Fix some links on the community page. Matt Moyer 2020-11-10 17:19:30 -06:00
  • 16ef0b2d41 Merge pull request #194 from jonasrosland/website-fixes Matt Moyer 2020-11-10 16:24:51 -06:00
  • d097de7fdf Minor website fixes and adding netlify configs jonasrosland 2020-11-10 16:03:07 -05:00
  • 101394c714 Merge pull request #188 from smalltalk-ai/main Matt Moyer 2020-11-10 14:51:45 -06:00
  • 06df825dab Merge pull request #193 from mattmoyer/add-extra-sites Matt Moyer 2020-11-10 14:03:37 -06:00
  • f7efc360a0 Add Netlify configs for extra redirect domains. Matt Moyer 2020-11-10 13:58:31 -06:00
  • ad74f259de Content updates -remove extra blog posts -remove extra images -replace Andrew’s picture Amy Manion 2020-11-10 13:39:13 -05:00
  • 005225d5f9 Use the new plog pkg in auth_handler.go Andrew Keesler 2020-11-10 10:33:52 -08:00
  • b9726615dd Merge branch 'main' into authorize_endpoint Ryan Richard 2020-11-10 09:29:21 -08:00
  • 01941d6b2a Run Tilt containers as root because live-reload breaks otherwise Ryan Richard 2020-11-10 09:27:44 -08:00
  • b21c27b219 Merge branch 'main' into authorize_endpoint Ryan Richard 2020-11-10 09:24:19 -08:00
  • 9bfcaa33c6 Merge pull request #190 from enj/enj/f/klog_levels Mo Khan 2020-11-10 12:14:02 -05:00
  • 1c60e09f13 Make race detector happy by removing parallelism Monis Khan 2020-11-10 11:23:42 -05:00
  • 15a5332428 Reduce log spam Monis Khan 2020-11-10 10:22:16 -05:00
  • a5643e3738 Add log level support Monis Khan 2020-11-10 09:57:29 -05:00
  • 9356f64c55 Remove global klog --log-flush-frequency flag Monis Khan 2020-11-10 08:48:42 -05:00
  • 246471bc91 Also run OIDC validations in supervisor authorize endpoint Ryan Richard 2020-11-06 14:44:58 -08:00
  • 896e1b45f0 Hugo version of Pinniped site Adam Powell 2020-11-06 12:42:57 -10:00
  • 4032ed32ae Auth endpoint integration test initial thoughts Andrew Keesler 2020-11-05 10:59:03 -05:00
  • 33ce79f89d Expose the Supervisor OIDC authorization endpoint to the public Ryan Richard 2020-11-04 17:06:47 -08:00
  • 3bc13517b2 prepare-for-integration-tests.sh: add check for chromedriver Andrew Keesler 2020-11-04 15:53:12 -08:00
  • a36f7c6c07 Test that the port of localhost redirect URI is ignored during validation Andrew Keesler 2020-11-04 15:04:50 -08:00
  • ba688f56aa Supervisor authorize endpoint errors when PKCE code_challenge_method is invalid Ryan Richard 2020-11-04 12:29:43 -08:00
  • 8684f8f628 Merge pull request #139 from enj/enj/i/use_parent_func Matt Moyer 2020-11-04 14:21:50 -06:00
  • 2564d1be42 Supervisor authorize endpoint errors when missing PKCE params Andrew Keesler 2020-11-04 12:19:07 -08:00
  • 4da3d93f6e The supervisor JWKS observer and TLS cert controllers use the ctx after all, whoops. Matt Moyer 2020-11-04 13:08:50 -06:00
  • 0045ce4286 Refactor auth_handler_test.go's creation of paths and urls to use helpers Ryan Richard 2020-11-04 09:58:40 -08:00
  • 418f4d20ae Use parent func to indicate when the controller queue is a singleton Monis Khan 2020-10-02 13:22:18 -04:00
  • 8a7e22e63e @ankeesler: Maybe, but not this time ;) Ryan Richard 2020-11-04 08:43:45 -08:00
  • 9e4ffd1cce One of these days I will get here.Doc() spacing correct Andrew Keesler 2020-11-04 11:29:33 -05:00
  • 6fe455c687 auth_handler.go: comment out currently unused fosite wiring Andrew Keesler 2020-11-04 11:20:03 -05:00
  • d8c8f04860 auth_handler.go: write some more negative tests Andrew Keesler 2020-11-04 11:12:26 -05:00
  • e8f433643f auth_handler.go: only inject oauth store into handler Andrew Keesler 2020-11-04 10:35:26 -05:00
  • 4f95e6a372 auth_handler.go: add test for invalid downstream redirect uri Andrew Keesler 2020-11-04 10:30:53 -05:00
  • 259ffb5267 Checkpoint: write a single negative test using fosite Andrew Keesler 2020-11-04 10:15:19 -05:00
  • aab0fd644f Merge remote-tracking branch 'upstream/main' into authorize_endpoint Andrew Keesler 2020-11-04 10:14:54 -05:00
  • e7a817e67a Merge pull request #186 from ankeesler/bump-jose Andrew Keesler 2020-11-04 10:14:32 -05:00
  • 0bbf55e46f gopkg.in/square/go-jose.v2: v2.2.2 -> v2.5.1 Andrew Keesler 2020-11-04 09:55:18 -05:00
  • c34e5a727d Starting the implementation of an OIDC authorization endpoint handler Ryan Richard 2020-11-03 16:17:38 -08:00
  • 0d8477ea8a Add a type for in-memory caching of upstream OIDC Identity Providers Andrew Keesler 2020-11-03 12:06:07 -08:00
  • 1223cf7877 Merge pull request #154 from vmware-tanzu/change_release_static_yaml_names v0.2.0 Ryan Richard 2020-11-02 17:09:11 -08:00
  • 036845deee Merge pull request #184 from vmware-tanzu/bump_golang_and_slim Ryan Richard 2020-11-02 17:08:48 -08:00
  • c451604816 Merge pull request #182 from mattmoyer/more-renames Matt Moyer 2020-11-02 18:34:26 -06:00
  • 05cf56a0fa Merge pull request #180 from vmware-tanzu/limits Ryan Richard 2020-11-02 16:22:37 -08:00
  • 5a0e7fd358 Upgrade golang patch release to 1.15.3 and debian 10.5-slim -> 10.6-slim Ryan Richard 2020-11-02 16:17:15 -08:00
  • 2bf5c8b48b Replace the OIDCProvider field SNICertificateSecretName with a TLS.SecretName field. Matt Moyer 2020-11-02 16:55:29 -06:00
  • 05233963fb Add CPU requests and limits to the Concierge and Supervisor deployments Ryan Richard 2020-11-02 15:47:20 -08:00
  • 2b8773aa54 Rename OIDCProviderConfig to OIDCProvider. Matt Moyer 2020-11-02 16:24:55 -06:00
  • 59263ea733 Rename CredentialIssuerConfig to CredentialIssuer. Matt Moyer 2020-11-02 15:39:43 -06:00
  • b13a8075e4 Merge pull request #183 from vmware-tanzu/non-root Matt Moyer 2020-11-02 17:39:14 -06:00
  • d596f8c3e5 Empty commit to trigger CI Ryan Richard 2020-11-02 15:18:39 -08:00
  • 75c35e74cc Refactor and add unit tests for previous commit to run agent pod as root Ryan Richard 2020-11-02 15:03:37 -08:00
  • e4f4cd7ca0 Merge pull request #181 from mattmoyer/add-psp-cluster-role-permission Matt Moyer 2020-11-02 15:35:56 -06:00
  • a01921012d kubecertagent: explicitly run as root Ryan Richard 2020-11-02 16:33:46 -05:00
  • 2e50e8f01b hack/lib/tilt: run Tilt images with non-root user Ryan Richard 2020-11-02 16:32:50 -05:00
  • 935577f8e7 Give the concierge access to use any PodSecurityPolicy. Matt Moyer 2020-11-02 15:10:00 -06:00
  • 781f86d18c deploy: add memory limits Ryan Richard 2020-11-02 14:57:39 -05:00
  • fcea48c8f9 Run as non-root Andrew Keesler 2020-11-02 11:57:05 -05:00
  • 7639d5e161 Merge pull request #178 from ankeesler/test-cleanup Andrew Keesler 2020-11-02 12:22:34 -05:00
  • ab5c04b1f3 Merge pull request #176 from vmware-tanzu/agent_pod_additional_label_handling Ryan Richard 2020-11-02 09:08:42 -08:00
  • fb3c5749e8 test/integration: protect from NPE and follow doc conventions Andrew Keesler 2020-11-02 11:42:46 -05:00
  • 7597b12a51 Small unit test changes for deleter_test.go Ryan Richard 2020-11-02 08:40:39 -08:00