djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ContainerImage.Pinniped/hack/lib/tilt/Tiltfile

198 lines
8.4 KiB
Plaintext
Raw Normal View History

Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
load('ext://restart_process', 'docker_build_with_restart')
disable_snapshots()
analytics_settings(False)
update_settings(max_parallel_updates=8)
os.putenv('CGO_ENABLED', '0')
os.putenv('GOOS', 'linux')
os.putenv('GOARCH', 'amd64')
os.putenv('CGO_ENABLED', '0')
os.putenv('KUBE_GIT_VERSION', 'v0.0.0')
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
#####################################################################################################
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
# Compile all of our ./cmd/... binaries.
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
#
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
local_resource(
'compile',
'cd ../../../ && mkdir -p ./hack/lib/tilt/build && go build -v -ldflags "$(hack/get-ldflags.sh)" -o ./hack/lib/tilt/build ./cmd/...',
deps=['../../../cmd', '../../../internal', '../../../pkg', '../../../generated'],
)
Add Dex to our integration test environment and use it to test the CLI. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-13 21:09:13 +00:00
#####################################################################################################
Fix some broken resource grouping/ordering in Tiltfile. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-17 18:21:15 +00:00
# Test IDP (Dex + cert generation + squid proxy)
Add Dex to our integration test environment and use it to test the CLI. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-13 21:09:13 +00:00
#
Fix some broken resource grouping/ordering in Tiltfile. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-17 18:21:15 +00:00
# Render the IDP installation manifest using ytt.
Parameterize the `supervisor_redirect_uri` in the test env Dex. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-03 18:45:56 +00:00
k8s_yaml(local(['ytt',
'--file', '../../../test/deploy/dex',
'--data-value', 'supervisor_redirect_uri=https://pinniped-supervisor-clusterip.supervisor.svc.cluster.local/some/path/callback',
]))
Tilefile watches for changes in ytt templates - When using `local()` in the Tiltfile it will not know to watch those files for changes, so each time we use `local()` we now also use `watch_file()` - As a result, editing a ytt template file now causes an immediate `kubectl apply` of the results
2020-10-14 23:21:40 +00:00
# Tell tilt to watch all of those files for changes.
watch_file('../../../test/deploy/dex')
Add Dex to our integration test environment and use it to test the CLI. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-13 21:09:13 +00:00
Fix some broken resource grouping/ordering in Tiltfile. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-17 18:21:15 +00:00
k8s_resource(objects=['dex:namespace'], new_name='dex-ns')
k8s_resource(workload='cert-issuer', resource_deps=['dex-ns'], objects=[
'cert-issuer:serviceaccount',
'cert-issuer:role',
'cert-issuer:rolebinding',
])
k8s_resource(workload='proxy', resource_deps=['dex-ns'])
k8s_resource(workload='dex', resource_deps=['dex-ns', 'cert-issuer'], objects=[
'dex-config:configmap',
])
Refactor certificate generation for integration test Dex. Before, we did this in an init container, which meant if the Dex pod restarted we would have fresh certs, but our Tilt/bash setup didn't account for this. Now, the certs are generated by a Job which runs once and saves the generated files into a Secret. This should be a bit more stable. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-17 17:24:38 +00:00
Add Dex to our integration test environment and use it to test the CLI. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-13 21:09:13 +00:00
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
#####################################################################################################
# Local-user-authenticator app
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
#
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
# Build a container image for local-user-authenticator, with live-update enabled.
docker_build_with_restart('image/local-user-auth', '.',
dockerfile='local-user-authenticator.Dockerfile',
entrypoint=['/usr/local/bin/local-user-authenticator'],
live_update=[sync('./build/local-user-authenticator', '/usr/local/bin/local-user-authenticator')],
only=['./build/local-user-authenticator'],
)
# Render the local-user-authenticator installation manifest using ytt.
k8s_yaml(local([
'ytt',
Move all three deployment dirs under a new top-level `deploy/` dir
2020-10-09 17:00:22 +00:00
'--file', '../../../deploy/local-user-authenticator',
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
'--data-value', 'image_repo=image/local-user-auth',
'--data-value', 'image_tag=tilt-dev',
]))
Tilefile watches for changes in ytt templates - When using `local()` in the Tiltfile it will not know to watch those files for changes, so each time we use `local()` we now also use `watch_file()` - As a result, editing a ytt template file now causes an immediate `kubectl apply` of the results
2020-10-14 23:21:40 +00:00
# Tell tilt to watch all of those files for changes.
watch_file('../../../deploy/local-user-authenticator')
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
# Collect all the deployed local-user-authenticator resources under a "local-user-auth" resource tab.
k8s_resource(
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
workload='local-user-authenticator', # this is the deployment name
new_name='local-user-auth', # this is the name that will appear in the tilt UI
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
objects=[
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
# these are the objects that would otherwise appear in the "uncategorized" tab in the tilt UI
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
'local-user-authenticator:namespace',
'local-user-authenticator:serviceaccount',
'local-user-authenticator:role',
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
'local-user-authenticator:rolebinding',
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
],
)
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
#####################################################################################################
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
# Supervisor app
#
# Build a container image for supervisor, with live-update enabled.
docker_build_with_restart('image/supervisor', '.',
dockerfile='supervisor.Dockerfile',
entrypoint=['/usr/local/bin/pinniped-supervisor'],
live_update=[sync('./build/pinniped-supervisor', '/usr/local/bin/pinniped-supervisor')],
only=['./build/pinniped-supervisor'],
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
)
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
# Render the supervisor installation manifest using ytt.
Add comments for magic 31234 port Also delete hack/lib/kind-config/multi-node.yaml since we don't think we will use it... Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-10-22 21:53:40 +00:00
#
Supervisor listens for HTTPS on port 443 with configurable TLS certs - TLS certificates can be configured on the OIDCProviderConfig using the `secretName` field. - When listening for incoming TLS connections, choose the TLS cert based on the SNI hostname of the incoming request. - Because SNI hostname information on incoming requests does not include the port number of the request, we add a validation that OIDCProviderConfigs where the issuer hostnames (not including port number) are the same must use the same `secretName`. - Note that this approach does not yet support requests made to an IP address instead of a hostname. Also note that `localhost` is considered a hostname by SNI. - Add port 443 as a container port to the pod spec. - A new controller watches for TLS secrets and caches them in memory. That same in-memory cache is used while servicing incoming connections on the TLS port. - Make it easy to configure both port 443 and/or port 80 for various Service types using our ytt templates for the supervisor. - When deploying to kind, add another nodeport and forward it to the host on another port to expose our new HTTPS supervisor port to the host.
2020-10-27 00:03:26 +00:00
# 31234 and 31243 are the same port numbers hardcoded in the port forwarding of our kind configuration.
Add comments for magic 31234 port Also delete hack/lib/kind-config/multi-node.yaml since we don't think we will use it... Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-10-22 21:53:40 +00:00
# Don't think that you can just change this!
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
k8s_yaml(local([
'ytt',
'--file', '../../../deploy/supervisor',
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
'--data-value', 'app_name=pinniped-supervisor',
'--data-value', 'namespace=supervisor',
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
'--data-value', 'image_repo=image/supervisor',
'--data-value', 'image_tag=tilt-dev',
Enable debug logging in all testing scenarios It is really helpful to have verbose logs during test debugging. Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-11 12:51:51 +00:00
'--data-value', 'log_level=debug',
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
'--data-value-yaml', 'replicas=1',
Supervisor listens for HTTPS on port 443 with configurable TLS certs - TLS certificates can be configured on the OIDCProviderConfig using the `secretName` field. - When listening for incoming TLS connections, choose the TLS cert based on the SNI hostname of the incoming request. - Because SNI hostname information on incoming requests does not include the port number of the request, we add a validation that OIDCProviderConfigs where the issuer hostnames (not including port number) are the same must use the same `secretName`. - Note that this approach does not yet support requests made to an IP address instead of a hostname. Also note that `localhost` is considered a hostname by SNI. - Add port 443 as a container port to the pod spec. - A new controller watches for TLS secrets and caches them in memory. That same in-memory cache is used while servicing incoming connections on the TLS port. - Make it easy to configure both port 443 and/or port 80 for various Service types using our ytt templates for the supervisor. - When deploying to kind, add another nodeport and forward it to the host on another port to expose our new HTTPS supervisor port to the host.
2020-10-27 00:03:26 +00:00
'--data-value-yaml', 'service_http_nodeport_port=80',
'--data-value-yaml', 'service_http_nodeport_nodeport=31234',
'--data-value-yaml', 'service_https_nodeport_port=443',
'--data-value-yaml', 'service_https_nodeport_nodeport=31243',
In integration test env, deploy a ClusterIP service and register that with Dex. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-02 16:47:01 +00:00
'--data-value-yaml', 'service_https_clusterip_port=443',
Concierge controllers add labels to all created resources
2020-10-15 17:14:23 +00:00
'--data-value-yaml', 'custom_labels={mySupervisorCustomLabelName: mySupervisorCustomLabelValue}',
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
]))
Tilefile watches for changes in ytt templates - When using `local()` in the Tiltfile it will not know to watch those files for changes, so each time we use `local()` we now also use `watch_file()` - As a result, editing a ytt template file now causes an immediate `kubectl apply` of the results
2020-10-14 23:21:40 +00:00
# Tell tilt to watch all of those files for changes.
watch_file('../../../deploy/supervisor')
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
# Collect all the deployed supervisor resources under a "supervisor" resource tab.
k8s_resource(
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
workload='pinniped-supervisor', # this is the deployment name
new_name='supervisor', # this is the name that will appear in the tilt UI
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
objects=[
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
# these are the objects that would otherwise appear in the "uncategorized" tab in the tilt UI
Rename OIDCProviderConfig to OIDCProvider. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-02 22:24:55 +00:00
'oidcproviders.config.supervisor.pinniped.dev:customresourcedefinition',
Add UpstreamOIDCProvider API type definition. This is essentially just a copy of Andrew's work from https://github.com/vmware-tanzu/pinniped/pull/135. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-23 02:03:46 +00:00
'upstreamoidcproviders.idp.supervisor.pinniped.dev:customresourcedefinition',
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
'pinniped-supervisor-static-config:configmap',
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
'supervisor:namespace',
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
'pinniped-supervisor:role',
'pinniped-supervisor:rolebinding',
'pinniped-supervisor:serviceaccount',
],
)
# Build a container image for the Concierge server, with live-update enabled.
docker_build_with_restart('image/concierge', '.',
dockerfile='concierge.Dockerfile',
entrypoint=['/usr/local/bin/pinniped-concierge'],
live_update=[sync('./build/pinniped-concierge', '/usr/local/bin/pinniped-concierge')],
only=['./build/pinniped-concierge'],
)
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
#####################################################################################################
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
# Concierge app
#
# Render the Concierge server installation manifest using ytt.
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
k8s_yaml(local([
'sh', '-c',
Move all three deployment dirs under a new top-level `deploy/` dir
2020-10-09 17:00:22 +00:00
'ytt --file ../../../deploy/concierge ' +
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
'--data-value app_name=pinniped-concierge ' +
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
'--data-value namespace=concierge ' +
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
'--data-value image_repo=image/concierge ' +
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
'--data-value image_tag=tilt-dev ' +
Upgrade golang patch release to 1.15.3 and debian 10.5-slim -> 10.6-slim
2020-11-03 00:17:15 +00:00
'--data-value kube_cert_agent_image=debian:10.6-slim ' +
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
'--data-value discovery_url=$(TERM=dumb kubectl cluster-info | awk \'/Kubernetes master/ {print $NF}\') ' +
Enable debug logging in all testing scenarios It is really helpful to have verbose logs during test debugging. Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-11 12:51:51 +00:00
'--data-value log_level=debug ' +
Concierge controllers add labels to all created resources
2020-10-15 17:14:23 +00:00
'--data-value-yaml replicas=1 ' +
'--data-value-yaml "custom_labels={myConciergeCustomLabelName: myConciergeCustomLabelValue}"'
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
]))
Tilefile watches for changes in ytt templates - When using `local()` in the Tiltfile it will not know to watch those files for changes, so each time we use `local()` we now also use `watch_file()` - As a result, editing a ytt template file now causes an immediate `kubectl apply` of the results
2020-10-14 23:21:40 +00:00
# Tell tilt to watch all of those files for changes.
watch_file('../../../deploy/concierge')
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
# Collect all the deployed local-user-authenticator resources under a "concierge" resource tab.
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
k8s_resource(
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
workload='pinniped-concierge', # this is the deployment name
new_name='concierge', # this is the name that will appear in the tilt UI
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
objects=[
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
# these are the objects that would otherwise appear in the "uncategorized" tab in the tilt UI
'concierge:namespace',
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
'pinniped-concierge-aggregated-api-server:clusterrole',
'pinniped-concierge-aggregated-api-server:clusterrolebinding',
'pinniped-concierge-aggregated-api-server:role',
'pinniped-concierge-aggregated-api-server:rolebinding',
'pinniped-concierge-cluster-info-lister-watcher:role',
'pinniped-concierge-cluster-info-lister-watcher:rolebinding',
'pinniped-concierge-config:configmap',
'pinniped-concierge-create-token-credential-requests:clusterrole',
'pinniped-concierge-create-token-credential-requests:clusterrolebinding',
'pinniped-concierge-extension-apiserver-authentication-reader:rolebinding',
'pinniped-concierge-kube-system-pod-read:role',
'pinniped-concierge-kube-system-pod-read:rolebinding',
'pinniped-concierge:clusterrolebinding',
'pinniped-concierge:serviceaccount',
Rename CredentialIssuerConfig to CredentialIssuer. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-02 21:39:43 +00:00
'credentialissuers.config.concierge.pinniped.dev:customresourcedefinition',
Rename WebhookIdentityProvider to WebhookAuthenticator. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-30 16:39:26 +00:00
'webhookauthenticators.authentication.concierge.pinniped.dev:customresourcedefinition',
Rename login API to `login.concierge.pinniped.dev`. This is the first of a few related changes that re-organize our API after the big recent changes that introduced the supervisor component. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-30 14:34:43 +00:00
'v1alpha1.login.concierge.pinniped.dev:apiservice',
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
],
)
Allow creation of different Service types in Supervisor ytt templates - Tiltfile and prepare-for-integration-tests.sh both specify the NodePort Service using `--data-value-yaml 'service_nodeport_port=31234'` - Also rename the namespaces used by the Concierge and Supervisor apps during integration tests running locally
2020-10-09 23:00:11 +00:00
#####################################################################################################
Make tilt work with the supervisor app and add more uninstall testing - Also continue renaming things related to the concierge app - Enhance the uninstall test to also test uninstalling the supervisor and local-user-authenticator apps
2020-10-09 21:25:34 +00:00
# Finish setting up cluster and creating integration test env file
#
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
# Collect environment variables needed to run our integration test suite.
local_resource(
'test-env',
'TILT_MODE=yes ../../prepare-for-integration-tests.sh',
Fix some broken resource grouping/ordering in Tiltfile. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-17 18:21:15 +00:00
resource_deps=['local-user-auth', 'concierge', 'supervisor', 'dex', 'proxy'],
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
deps=['../../prepare-for-integration-tests.sh'],
)