From dd151b3f5052f0d922f10460d724fcc6ae9b56c7 Mon Sep 17 00:00:00 2001 From: Matt Moyer Date: Mon, 1 Mar 2021 11:31:27 -0600 Subject: [PATCH 1/8] Fix missing titles on website docs. Also fixes our sitemap to have correct `lastmod` times when built locally (it was already correct on Netlify). Signed-off-by: Matt Moyer --- site/config.yaml | 4 +++- site/content/docs/_index.md | 3 +-- site/content/docs/background/_index.md | 3 +-- site/content/docs/reference/_index.md | 3 +-- site/content/docs/tutorials/_index.md | 3 +-- 5 files changed, 7 insertions(+), 9 deletions(-) diff --git a/site/config.yaml b/site/config.yaml index 406a5703..f3bdbe69 100644 --- a/site/config.yaml +++ b/site/config.yaml @@ -31,4 +31,6 @@ related: - name: date weight: 50 threshold: 0 - toLower: true \ No newline at end of file + toLower: true + +enableGitInfo: true diff --git a/site/content/docs/_index.md b/site/content/docs/_index.md index 704c0d52..f77233ce 100644 --- a/site/content/docs/_index.md +++ b/site/content/docs/_index.md @@ -1,4 +1,5 @@ --- +title: Getting Started with Pinniped cascade: layout: docs menu: @@ -7,8 +8,6 @@ menu: weight: 1 --- -# Getting started with Pinniped - Pinniped is an authentication service for Kubernetes clusters. As a Kubernetes cluster administrator or user, you can learn how Pinniped works, see how to use it on your clusters, and dive into internals of Pinniped's APIs and architecture. diff --git a/site/content/docs/background/_index.md b/site/content/docs/background/_index.md index 74240e8e..d16b0b58 100644 --- a/site/content/docs/background/_index.md +++ b/site/content/docs/background/_index.md @@ -1,4 +1,5 @@ --- +title: Pinniped Background cascade: layout: docs menu: @@ -8,6 +9,4 @@ menu: weight: 110 --- -# Pinniped background - {{< docsmenu "background" >}} diff --git a/site/content/docs/reference/_index.md b/site/content/docs/reference/_index.md index 052154c5..57e36afc 100644 --- a/site/content/docs/reference/_index.md +++ b/site/content/docs/reference/_index.md @@ -1,4 +1,5 @@ --- +title: Pinniped Reference cascade: layout: docs menu: @@ -8,6 +9,4 @@ menu: weight: 100 --- -# Pinniped reference - {{< docsmenu "reference" >}} diff --git a/site/content/docs/tutorials/_index.md b/site/content/docs/tutorials/_index.md index b95b06cd..651d3fdb 100644 --- a/site/content/docs/tutorials/_index.md +++ b/site/content/docs/tutorials/_index.md @@ -1,4 +1,5 @@ --- +title: Pinniped Tutorials cascade: layout: docs menu: @@ -8,8 +9,6 @@ menu: weight: 40 --- -# Pinniped tutorials - These tutorials demonstrate how to use the Pinniped command-line tool, Concierge, and Supervisor: {{< docsmenu "tutorials" >}} From 2637dc00daca64c23d84b8960cb2f239c1387791 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Feb 2021 05:54:07 +0000 Subject: [PATCH 2/8] Bump golang from 1.15.8 to 1.16.0 Bumps golang from 1.15.8 to 1.16.0. Signed-off-by: dependabot[bot] --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 75f33572..7ee09d32 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ # Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 -FROM golang:1.15.8 as build-env +FROM golang:1.16.0 as build-env WORKDIR /work COPY . . From f05c3092b511a1b500d51d79f29d0c85acf29cae Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Feb 2021 15:39:25 +0000 Subject: [PATCH 3/8] Bump github.com/go-openapi/spec from 0.19.9 to 0.20.3 Bumps [github.com/go-openapi/spec](https://github.com/go-openapi/spec) from 0.19.9 to 0.20.3. - [Release notes](https://github.com/go-openapi/spec/releases) - [Commits](https://github.com/go-openapi/spec/compare/v0.19.9...v0.20.3) Signed-off-by: dependabot[bot] --- go.mod | 6 +----- go.sum | 24 ++++++++++++++++++++---- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 7547f3cb..c15818ff 100644 --- a/go.mod +++ b/go.mod @@ -9,14 +9,12 @@ require ( github.com/davecgh/go-spew v1.1.1 github.com/go-logr/logr v0.4.0 github.com/go-logr/stdr v0.4.0 - github.com/go-openapi/spec v0.19.9 + github.com/go-openapi/spec v0.20.3 github.com/gofrs/flock v0.8.0 github.com/golang/mock v1.4.4 github.com/google/go-cmp v0.5.4 github.com/google/gofuzz v1.2.0 github.com/gorilla/securecookie v1.1.1 - github.com/kr/text v0.2.0 // indirect - github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect github.com/oleiade/reflections v1.0.1 // indirect github.com/onsi/ginkgo v1.13.0 // indirect github.com/ory/fosite v0.36.0 @@ -31,9 +29,7 @@ require ( golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d golang.org/x/sync v0.0.0-20201207232520-09787c993a3a golang.org/x/tools v0.0.0-20200825202427-b303f430e36d // indirect - gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect gopkg.in/square/go-jose.v2 v2.5.1 - gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 // indirect k8s.io/api v0.20.4 k8s.io/apimachinery v0.20.4 k8s.io/apiserver v0.20.4 diff --git a/go.sum b/go.sum index a8bc54aa..ad6c794b 100644 --- a/go.sum +++ b/go.sum @@ -216,16 +216,20 @@ github.com/go-logr/stdr v0.4.0/go.mod h1:NO1vneyJDqKVgJYnxhwXWWmQPOvNM391IG3H8ql github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= +github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.19.4 h1:3Vw+rh13uq2JFNxgnMTGE1rnoieU9FmyE1gvnyylsYg= -github.com/go-openapi/jsonreference v0.19.4/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= +github.com/go-openapi/jsonreference v0.19.5 h1:1WJP/wi4OjB4iV8KVbH73rQaoialJrqv8gitZLxGLtM= +github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/spec v0.19.9 h1:9z9cbFuZJ7AcvOHKIY+f6Aevb4vObNDkTEyoMfO7rAc= -github.com/go-openapi/spec v0.19.9/go.mod h1:vqK/dIdLGCosfvYsQV3WfC7N3TiZSnGY2RZKoFK7X28= +github.com/go-openapi/spec v0.20.3 h1:uH9RQ6vdyPSs2pSy9fL8QPspDF2AMIMPtmK5coSSjtQ= +github.com/go-openapi/spec v0.20.3/go.mod h1:gG4F8wdEDN+YPBMVnzE85Rbhf+Th2DTvA9nFPQ5AYEg= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/swag v0.19.14 h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng= +github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= @@ -635,6 +639,8 @@ github.com/joho/godotenv v1.2.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqx github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/jonboulle/clockwork v0.1.0 h1:VKV+ZcuP6l3yW9doeqz6ziZGgcynBVQO+obU0+0hcPo= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68= @@ -688,6 +694,8 @@ github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0 h1:aizVhC/NAAcKWb+5QsU1iNOZb4Yws5UO2I+aIprQITM= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= +github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA= +github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/markbates/deplist v1.0.4/go.mod h1:gRRbPbbuA8TmMiRvaOzUlRfzfjeCCBqX2A6arxN01MM= github.com/markbates/deplist v1.0.5/go.mod h1:gRRbPbbuA8TmMiRvaOzUlRfzfjeCCBqX2A6arxN01MM= github.com/markbates/deplist v1.1.3/go.mod h1:BF7ioVzAJYEtzQN/os4rt8H8Ti3h0T7EoN+7eyALktE= @@ -1171,6 +1179,8 @@ golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210119194325-5f4716e94777 h1:003p0dJM77cxMSyCPFphvZf/Y5/NXf5fzg6ufd1/Oew= +golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181003184128-c57b0facaced/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1257,8 +1267,12 @@ golang.org/x/sys v0.0.0-20200720211630-cb9d2d5c5666/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201112073958-5cba982894dd h1:5CtCZbICpIOFdgO940moixOPjc0178IU44m4EjOO5IY= golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221 h1:/ZHdbVpdR/jk3g30/d4yUL0JU9kksj8+F/bnQUVLGDM= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1266,6 +1280,8 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= From 04ef7c5456de5a6811b72112d00034606c83c90a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Feb 2021 15:39:48 +0000 Subject: [PATCH 4/8] Bump github.com/ory/fosite from 0.36.0 to 0.38.0 Bumps [github.com/ory/fosite](https://github.com/ory/fosite) from 0.36.0 to 0.38.0. - [Release notes](https://github.com/ory/fosite/releases) - [Changelog](https://github.com/ory/fosite/blob/master/CHANGELOG.md) - [Commits](https://github.com/ory/fosite/compare/v0.36.0...v0.38.0) Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index c15818ff..4d85ac34 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/gorilla/securecookie v1.1.1 github.com/oleiade/reflections v1.0.1 // indirect github.com/onsi/ginkgo v1.13.0 // indirect - github.com/ory/fosite v0.36.0 + github.com/ory/fosite v0.38.0 github.com/pkg/browser v0.0.0-20201207095918-0426ae3fba23 github.com/pkg/errors v0.9.1 github.com/sclevine/agouti v3.0.0+incompatible diff --git a/go.sum b/go.sum index ad6c794b..aadcb260 100644 --- a/go.sum +++ b/go.sum @@ -817,8 +817,8 @@ github.com/ory/analytics-go/v4 v4.0.0/go.mod h1:FMx9cLRD9xN+XevPvZ5FDMfignpmcqPP github.com/ory/dockertest v3.3.5+incompatible/go.mod h1:1vX4m9wsvi00u5bseYwXaSnhNrne+V0E6LAcBILJdPs= github.com/ory/dockertest/v3 v3.5.4/go.mod h1:J8ZUbNB2FOhm1cFZW9xBpDsODqsSWcyYgtJYVPcnF70= github.com/ory/fosite v0.29.0/go.mod h1:0atSZmXO7CAcs6NPMI/Qtot8tmZYj04Nddoold4S2h0= -github.com/ory/fosite v0.36.0 h1:6XGd9sE0h/y6XJx3L3iRm/UFPHVEnARQch0YFxvxziQ= -github.com/ory/fosite v0.36.0/go.mod h1:NE15bS1ya8E4J8VmminFY+nsZdoBQu+5/vGF2ELvDsY= +github.com/ory/fosite v0.38.0 h1:4y+IurqBAu/Gf0NlW47gabRJZyYIqda+OFHMx5fsy6Q= +github.com/ory/fosite v0.38.0/go.mod h1:37r59qkOSPueYKmaA7EHiXrDMF1B+XPN+MgkZgTRg3Y= github.com/ory/go-acc v0.0.0-20181118080137-ddc355013f90/go.mod h1:sxnvPCxChFuSmTJGj8FdMupeq1BezCiEpDjTUXQ4hf4= github.com/ory/go-acc v0.2.5 h1:31irXHzG2vnKQSE4weJm7AdfrnpaVjVCq3nD7viXCJE= github.com/ory/go-acc v0.2.5/go.mod h1:4Kb/UnPcT8qRAk3IAxta+hvVapdxTLWtrr7bFLlEgpw= @@ -1091,8 +1091,8 @@ golang.org/x/crypto v0.0.0-20200320181102-891825fb96df/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20201217014255-9d1352758620 h1:3wPMTskHO3+O6jqTEXyFcsnuxMQOqYSaHsDxcbUXpqA= golang.org/x/crypto v0.0.0-20201217014255-9d1352758620/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= From da6d69d80723803f250ef17f031c602867005a90 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Feb 2021 15:39:55 +0000 Subject: [PATCH 5/8] Bump github.com/golang/mock from 1.4.4 to 1.5.0 Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.4 to 1.5.0. - [Release notes](https://github.com/golang/mock/releases) - [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml) - [Commits](https://github.com/golang/mock/compare/v1.4.4...v1.5.0) Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index 4d85ac34..eb6c811c 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/go-logr/stdr v0.4.0 github.com/go-openapi/spec v0.20.3 github.com/gofrs/flock v0.8.0 - github.com/golang/mock v1.4.4 + github.com/golang/mock v1.5.0 github.com/google/go-cmp v0.5.4 github.com/google/gofuzz v1.2.0 github.com/gorilla/securecookie v1.1.1 diff --git a/go.sum b/go.sum index aadcb260..00df0a18 100644 --- a/go.sum +++ b/go.sum @@ -490,8 +490,9 @@ github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFU github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.5.0 h1:jlYHihg//f7RRwuPfptm04yp4s7O6Kw8EZiVYIGcH0g= +github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= From 234465789b5bf579315c56a8aceb332afb80ac04 Mon Sep 17 00:00:00 2001 From: Matt Moyer Date: Mon, 1 Mar 2021 10:08:57 -0600 Subject: [PATCH 6/8] Regenerate gomock mocks with v1.5.0. Signed-off-by: Matt Moyer --- .../credentialrequestmocks.go | 27 +++++------ internal/mocks/mockkeyset/mockkeyset.go | 19 ++++---- .../mocksecrethelper/mocksecrethelper.go | 31 ++++++------ .../mocktokenauthenticator.go | 17 +++---- .../mocktokenauthenticatorcloser.go | 21 +++++---- .../mockupstreamoidcidentityprovider.go | 47 ++++++++++--------- 6 files changed, 82 insertions(+), 80 deletions(-) diff --git a/internal/mocks/credentialrequestmocks/credentialrequestmocks.go b/internal/mocks/credentialrequestmocks/credentialrequestmocks.go index afbee707..58bd134d 100644 --- a/internal/mocks/credentialrequestmocks/credentialrequestmocks.go +++ b/internal/mocks/credentialrequestmocks/credentialrequestmocks.go @@ -15,35 +15,34 @@ import ( time "time" gomock "github.com/golang/mock/gomock" - user "k8s.io/apiserver/pkg/authentication/user" - login "go.pinniped.dev/generated/latest/apis/concierge/login" + user "k8s.io/apiserver/pkg/authentication/user" ) -// MockCertIssuer is a mock of CertIssuer interface +// MockCertIssuer is a mock of CertIssuer interface. type MockCertIssuer struct { ctrl *gomock.Controller recorder *MockCertIssuerMockRecorder } -// MockCertIssuerMockRecorder is the mock recorder for MockCertIssuer +// MockCertIssuerMockRecorder is the mock recorder for MockCertIssuer. type MockCertIssuerMockRecorder struct { mock *MockCertIssuer } -// NewMockCertIssuer creates a new mock instance +// NewMockCertIssuer creates a new mock instance. func NewMockCertIssuer(ctrl *gomock.Controller) *MockCertIssuer { mock := &MockCertIssuer{ctrl: ctrl} mock.recorder = &MockCertIssuerMockRecorder{mock} return mock } -// EXPECT returns an object that allows the caller to indicate expected use +// EXPECT returns an object that allows the caller to indicate expected use. func (m *MockCertIssuer) EXPECT() *MockCertIssuerMockRecorder { return m.recorder } -// IssuePEM mocks base method +// IssuePEM mocks base method. func (m *MockCertIssuer) IssuePEM(arg0 pkix.Name, arg1 []string, arg2 time.Duration) ([]byte, []byte, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "IssuePEM", arg0, arg1, arg2) @@ -53,36 +52,36 @@ func (m *MockCertIssuer) IssuePEM(arg0 pkix.Name, arg1 []string, arg2 time.Durat return ret0, ret1, ret2 } -// IssuePEM indicates an expected call of IssuePEM +// IssuePEM indicates an expected call of IssuePEM. func (mr *MockCertIssuerMockRecorder) IssuePEM(arg0, arg1, arg2 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IssuePEM", reflect.TypeOf((*MockCertIssuer)(nil).IssuePEM), arg0, arg1, arg2) } -// MockTokenCredentialRequestAuthenticator is a mock of TokenCredentialRequestAuthenticator interface +// MockTokenCredentialRequestAuthenticator is a mock of TokenCredentialRequestAuthenticator interface. type MockTokenCredentialRequestAuthenticator struct { ctrl *gomock.Controller recorder *MockTokenCredentialRequestAuthenticatorMockRecorder } -// MockTokenCredentialRequestAuthenticatorMockRecorder is the mock recorder for MockTokenCredentialRequestAuthenticator +// MockTokenCredentialRequestAuthenticatorMockRecorder is the mock recorder for MockTokenCredentialRequestAuthenticator. type MockTokenCredentialRequestAuthenticatorMockRecorder struct { mock *MockTokenCredentialRequestAuthenticator } -// NewMockTokenCredentialRequestAuthenticator creates a new mock instance +// NewMockTokenCredentialRequestAuthenticator creates a new mock instance. func NewMockTokenCredentialRequestAuthenticator(ctrl *gomock.Controller) *MockTokenCredentialRequestAuthenticator { mock := &MockTokenCredentialRequestAuthenticator{ctrl: ctrl} mock.recorder = &MockTokenCredentialRequestAuthenticatorMockRecorder{mock} return mock } -// EXPECT returns an object that allows the caller to indicate expected use +// EXPECT returns an object that allows the caller to indicate expected use. func (m *MockTokenCredentialRequestAuthenticator) EXPECT() *MockTokenCredentialRequestAuthenticatorMockRecorder { return m.recorder } -// AuthenticateTokenCredentialRequest mocks base method +// AuthenticateTokenCredentialRequest mocks base method. func (m *MockTokenCredentialRequestAuthenticator) AuthenticateTokenCredentialRequest(arg0 context.Context, arg1 *login.TokenCredentialRequest) (user.Info, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "AuthenticateTokenCredentialRequest", arg0, arg1) @@ -91,7 +90,7 @@ func (m *MockTokenCredentialRequestAuthenticator) AuthenticateTokenCredentialReq return ret0, ret1 } -// AuthenticateTokenCredentialRequest indicates an expected call of AuthenticateTokenCredentialRequest +// AuthenticateTokenCredentialRequest indicates an expected call of AuthenticateTokenCredentialRequest. func (mr *MockTokenCredentialRequestAuthenticatorMockRecorder) AuthenticateTokenCredentialRequest(arg0, arg1 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AuthenticateTokenCredentialRequest", reflect.TypeOf((*MockTokenCredentialRequestAuthenticator)(nil).AuthenticateTokenCredentialRequest), arg0, arg1) diff --git a/internal/mocks/mockkeyset/mockkeyset.go b/internal/mocks/mockkeyset/mockkeyset.go index ff1050ff..a2cb28e6 100644 --- a/internal/mocks/mockkeyset/mockkeyset.go +++ b/internal/mocks/mockkeyset/mockkeyset.go @@ -1,43 +1,44 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // // Code generated by MockGen. DO NOT EDIT. -// Source: github.com/coreos/go-oidc (interfaces: KeySet) +// Source: github.com/coreos/go-oidc/v3/oidc (interfaces: KeySet) // Package mockkeyset is a generated GoMock package. package mockkeyset import ( context "context" - gomock "github.com/golang/mock/gomock" reflect "reflect" + + gomock "github.com/golang/mock/gomock" ) -// MockKeySet is a mock of KeySet interface +// MockKeySet is a mock of KeySet interface. type MockKeySet struct { ctrl *gomock.Controller recorder *MockKeySetMockRecorder } -// MockKeySetMockRecorder is the mock recorder for MockKeySet +// MockKeySetMockRecorder is the mock recorder for MockKeySet. type MockKeySetMockRecorder struct { mock *MockKeySet } -// NewMockKeySet creates a new mock instance +// NewMockKeySet creates a new mock instance. func NewMockKeySet(ctrl *gomock.Controller) *MockKeySet { mock := &MockKeySet{ctrl: ctrl} mock.recorder = &MockKeySetMockRecorder{mock} return mock } -// EXPECT returns an object that allows the caller to indicate expected use +// EXPECT returns an object that allows the caller to indicate expected use. func (m *MockKeySet) EXPECT() *MockKeySetMockRecorder { return m.recorder } -// VerifySignature mocks base method +// VerifySignature mocks base method. func (m *MockKeySet) VerifySignature(arg0 context.Context, arg1 string) ([]byte, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "VerifySignature", arg0, arg1) @@ -46,7 +47,7 @@ func (m *MockKeySet) VerifySignature(arg0 context.Context, arg1 string) ([]byte, return ret0, ret1 } -// VerifySignature indicates an expected call of VerifySignature +// VerifySignature indicates an expected call of VerifySignature. func (mr *MockKeySetMockRecorder) VerifySignature(arg0, arg1 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "VerifySignature", reflect.TypeOf((*MockKeySet)(nil).VerifySignature), arg0, arg1) diff --git a/internal/mocks/mocksecrethelper/mocksecrethelper.go b/internal/mocks/mocksecrethelper/mocksecrethelper.go index 6003de78..051c7548 100644 --- a/internal/mocks/mocksecrethelper/mocksecrethelper.go +++ b/internal/mocks/mocksecrethelper/mocksecrethelper.go @@ -12,36 +12,35 @@ import ( reflect "reflect" gomock "github.com/golang/mock/gomock" + v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" v1 "k8s.io/api/core/v1" v10 "k8s.io/apimachinery/pkg/apis/meta/v1" - - v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" ) -// MockSecretHelper is a mock of SecretHelper interface +// MockSecretHelper is a mock of SecretHelper interface. type MockSecretHelper struct { ctrl *gomock.Controller recorder *MockSecretHelperMockRecorder } -// MockSecretHelperMockRecorder is the mock recorder for MockSecretHelper +// MockSecretHelperMockRecorder is the mock recorder for MockSecretHelper. type MockSecretHelperMockRecorder struct { mock *MockSecretHelper } -// NewMockSecretHelper creates a new mock instance +// NewMockSecretHelper creates a new mock instance. func NewMockSecretHelper(ctrl *gomock.Controller) *MockSecretHelper { mock := &MockSecretHelper{ctrl: ctrl} mock.recorder = &MockSecretHelperMockRecorder{mock} return mock } -// EXPECT returns an object that allows the caller to indicate expected use +// EXPECT returns an object that allows the caller to indicate expected use. func (m *MockSecretHelper) EXPECT() *MockSecretHelperMockRecorder { return m.recorder } -// Generate mocks base method +// Generate mocks base method. func (m *MockSecretHelper) Generate(arg0 *v1alpha1.FederationDomain) (*v1.Secret, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Generate", arg0) @@ -50,13 +49,13 @@ func (m *MockSecretHelper) Generate(arg0 *v1alpha1.FederationDomain) (*v1.Secret return ret0, ret1 } -// Generate indicates an expected call of Generate +// Generate indicates an expected call of Generate. func (mr *MockSecretHelperMockRecorder) Generate(arg0 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Generate", reflect.TypeOf((*MockSecretHelper)(nil).Generate), arg0) } -// Handles mocks base method +// Handles mocks base method. func (m *MockSecretHelper) Handles(arg0 v10.Object) bool { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Handles", arg0) @@ -64,13 +63,13 @@ func (m *MockSecretHelper) Handles(arg0 v10.Object) bool { return ret0 } -// Handles indicates an expected call of Handles +// Handles indicates an expected call of Handles. func (mr *MockSecretHelperMockRecorder) Handles(arg0 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Handles", reflect.TypeOf((*MockSecretHelper)(nil).Handles), arg0) } -// IsValid mocks base method +// IsValid mocks base method. func (m *MockSecretHelper) IsValid(arg0 *v1alpha1.FederationDomain, arg1 *v1.Secret) bool { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "IsValid", arg0, arg1) @@ -78,13 +77,13 @@ func (m *MockSecretHelper) IsValid(arg0 *v1alpha1.FederationDomain, arg1 *v1.Sec return ret0 } -// IsValid indicates an expected call of IsValid +// IsValid indicates an expected call of IsValid. func (mr *MockSecretHelperMockRecorder) IsValid(arg0, arg1 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IsValid", reflect.TypeOf((*MockSecretHelper)(nil).IsValid), arg0, arg1) } -// NamePrefix mocks base method +// NamePrefix mocks base method. func (m *MockSecretHelper) NamePrefix() string { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "NamePrefix") @@ -92,13 +91,13 @@ func (m *MockSecretHelper) NamePrefix() string { return ret0 } -// NamePrefix indicates an expected call of NamePrefix +// NamePrefix indicates an expected call of NamePrefix. func (mr *MockSecretHelperMockRecorder) NamePrefix() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NamePrefix", reflect.TypeOf((*MockSecretHelper)(nil).NamePrefix)) } -// ObserveActiveSecretAndUpdateParentFederationDomain mocks base method +// ObserveActiveSecretAndUpdateParentFederationDomain mocks base method. func (m *MockSecretHelper) ObserveActiveSecretAndUpdateParentFederationDomain(arg0 *v1alpha1.FederationDomain, arg1 *v1.Secret) *v1alpha1.FederationDomain { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "ObserveActiveSecretAndUpdateParentFederationDomain", arg0, arg1) @@ -106,7 +105,7 @@ func (m *MockSecretHelper) ObserveActiveSecretAndUpdateParentFederationDomain(ar return ret0 } -// ObserveActiveSecretAndUpdateParentFederationDomain indicates an expected call of ObserveActiveSecretAndUpdateParentFederationDomain +// ObserveActiveSecretAndUpdateParentFederationDomain indicates an expected call of ObserveActiveSecretAndUpdateParentFederationDomain. func (mr *MockSecretHelperMockRecorder) ObserveActiveSecretAndUpdateParentFederationDomain(arg0, arg1 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ObserveActiveSecretAndUpdateParentFederationDomain", reflect.TypeOf((*MockSecretHelper)(nil).ObserveActiveSecretAndUpdateParentFederationDomain), arg0, arg1) diff --git a/internal/mocks/mocktokenauthenticator/mocktokenauthenticator.go b/internal/mocks/mocktokenauthenticator/mocktokenauthenticator.go index b43334f3..31349d33 100644 --- a/internal/mocks/mocktokenauthenticator/mocktokenauthenticator.go +++ b/internal/mocks/mocktokenauthenticator/mocktokenauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // @@ -10,35 +10,36 @@ package mocktokenauthenticator import ( context "context" + reflect "reflect" + gomock "github.com/golang/mock/gomock" authenticator "k8s.io/apiserver/pkg/authentication/authenticator" - reflect "reflect" ) -// MockToken is a mock of Token interface +// MockToken is a mock of Token interface. type MockToken struct { ctrl *gomock.Controller recorder *MockTokenMockRecorder } -// MockTokenMockRecorder is the mock recorder for MockToken +// MockTokenMockRecorder is the mock recorder for MockToken. type MockTokenMockRecorder struct { mock *MockToken } -// NewMockToken creates a new mock instance +// NewMockToken creates a new mock instance. func NewMockToken(ctrl *gomock.Controller) *MockToken { mock := &MockToken{ctrl: ctrl} mock.recorder = &MockTokenMockRecorder{mock} return mock } -// EXPECT returns an object that allows the caller to indicate expected use +// EXPECT returns an object that allows the caller to indicate expected use. func (m *MockToken) EXPECT() *MockTokenMockRecorder { return m.recorder } -// AuthenticateToken mocks base method +// AuthenticateToken mocks base method. func (m *MockToken) AuthenticateToken(arg0 context.Context, arg1 string) (*authenticator.Response, bool, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "AuthenticateToken", arg0, arg1) @@ -48,7 +49,7 @@ func (m *MockToken) AuthenticateToken(arg0 context.Context, arg1 string) (*authe return ret0, ret1, ret2 } -// AuthenticateToken indicates an expected call of AuthenticateToken +// AuthenticateToken indicates an expected call of AuthenticateToken. func (mr *MockTokenMockRecorder) AuthenticateToken(arg0, arg1 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AuthenticateToken", reflect.TypeOf((*MockToken)(nil).AuthenticateToken), arg0, arg1) diff --git a/internal/mocks/mocktokenauthenticatorcloser/mocktokenauthenticatorcloser.go b/internal/mocks/mocktokenauthenticatorcloser/mocktokenauthenticatorcloser.go index c4ddc1f4..b8c7c28c 100644 --- a/internal/mocks/mocktokenauthenticatorcloser/mocktokenauthenticatorcloser.go +++ b/internal/mocks/mocktokenauthenticatorcloser/mocktokenauthenticatorcloser.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // @@ -10,35 +10,36 @@ package mocktokenauthenticatorcloser import ( context "context" + reflect "reflect" + gomock "github.com/golang/mock/gomock" authenticator "k8s.io/apiserver/pkg/authentication/authenticator" - reflect "reflect" ) -// MockTokenAuthenticatorCloser is a mock of TokenAuthenticatorCloser interface +// MockTokenAuthenticatorCloser is a mock of TokenAuthenticatorCloser interface. type MockTokenAuthenticatorCloser struct { ctrl *gomock.Controller recorder *MockTokenAuthenticatorCloserMockRecorder } -// MockTokenAuthenticatorCloserMockRecorder is the mock recorder for MockTokenAuthenticatorCloser +// MockTokenAuthenticatorCloserMockRecorder is the mock recorder for MockTokenAuthenticatorCloser. type MockTokenAuthenticatorCloserMockRecorder struct { mock *MockTokenAuthenticatorCloser } -// NewMockTokenAuthenticatorCloser creates a new mock instance +// NewMockTokenAuthenticatorCloser creates a new mock instance. func NewMockTokenAuthenticatorCloser(ctrl *gomock.Controller) *MockTokenAuthenticatorCloser { mock := &MockTokenAuthenticatorCloser{ctrl: ctrl} mock.recorder = &MockTokenAuthenticatorCloserMockRecorder{mock} return mock } -// EXPECT returns an object that allows the caller to indicate expected use +// EXPECT returns an object that allows the caller to indicate expected use. func (m *MockTokenAuthenticatorCloser) EXPECT() *MockTokenAuthenticatorCloserMockRecorder { return m.recorder } -// AuthenticateToken mocks base method +// AuthenticateToken mocks base method. func (m *MockTokenAuthenticatorCloser) AuthenticateToken(arg0 context.Context, arg1 string) (*authenticator.Response, bool, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "AuthenticateToken", arg0, arg1) @@ -48,19 +49,19 @@ func (m *MockTokenAuthenticatorCloser) AuthenticateToken(arg0 context.Context, a return ret0, ret1, ret2 } -// AuthenticateToken indicates an expected call of AuthenticateToken +// AuthenticateToken indicates an expected call of AuthenticateToken. func (mr *MockTokenAuthenticatorCloserMockRecorder) AuthenticateToken(arg0, arg1 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AuthenticateToken", reflect.TypeOf((*MockTokenAuthenticatorCloser)(nil).AuthenticateToken), arg0, arg1) } -// Close mocks base method +// Close mocks base method. func (m *MockTokenAuthenticatorCloser) Close() { m.ctrl.T.Helper() m.ctrl.Call(m, "Close") } -// Close indicates an expected call of Close +// Close indicates an expected call of Close. func (mr *MockTokenAuthenticatorCloserMockRecorder) Close() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Close", reflect.TypeOf((*MockTokenAuthenticatorCloser)(nil).Close)) diff --git a/internal/mocks/mockupstreamoidcidentityprovider/mockupstreamoidcidentityprovider.go b/internal/mocks/mockupstreamoidcidentityprovider/mockupstreamoidcidentityprovider.go index 539f5727..0414fd41 100644 --- a/internal/mocks/mockupstreamoidcidentityprovider/mockupstreamoidcidentityprovider.go +++ b/internal/mocks/mockupstreamoidcidentityprovider/mockupstreamoidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // @@ -10,39 +10,40 @@ package mockupstreamoidcidentityprovider import ( context "context" + url "net/url" + reflect "reflect" + gomock "github.com/golang/mock/gomock" nonce "go.pinniped.dev/pkg/oidcclient/nonce" oidctypes "go.pinniped.dev/pkg/oidcclient/oidctypes" pkce "go.pinniped.dev/pkg/oidcclient/pkce" oauth2 "golang.org/x/oauth2" - url "net/url" - reflect "reflect" ) -// MockUpstreamOIDCIdentityProviderI is a mock of UpstreamOIDCIdentityProviderI interface +// MockUpstreamOIDCIdentityProviderI is a mock of UpstreamOIDCIdentityProviderI interface. type MockUpstreamOIDCIdentityProviderI struct { ctrl *gomock.Controller recorder *MockUpstreamOIDCIdentityProviderIMockRecorder } -// MockUpstreamOIDCIdentityProviderIMockRecorder is the mock recorder for MockUpstreamOIDCIdentityProviderI +// MockUpstreamOIDCIdentityProviderIMockRecorder is the mock recorder for MockUpstreamOIDCIdentityProviderI. type MockUpstreamOIDCIdentityProviderIMockRecorder struct { mock *MockUpstreamOIDCIdentityProviderI } -// NewMockUpstreamOIDCIdentityProviderI creates a new mock instance +// NewMockUpstreamOIDCIdentityProviderI creates a new mock instance. func NewMockUpstreamOIDCIdentityProviderI(ctrl *gomock.Controller) *MockUpstreamOIDCIdentityProviderI { mock := &MockUpstreamOIDCIdentityProviderI{ctrl: ctrl} mock.recorder = &MockUpstreamOIDCIdentityProviderIMockRecorder{mock} return mock } -// EXPECT returns an object that allows the caller to indicate expected use +// EXPECT returns an object that allows the caller to indicate expected use. func (m *MockUpstreamOIDCIdentityProviderI) EXPECT() *MockUpstreamOIDCIdentityProviderIMockRecorder { return m.recorder } -// ExchangeAuthcodeAndValidateTokens mocks base method +// ExchangeAuthcodeAndValidateTokens mocks base method. func (m *MockUpstreamOIDCIdentityProviderI) ExchangeAuthcodeAndValidateTokens(arg0 context.Context, arg1 string, arg2 pkce.Code, arg3 nonce.Nonce, arg4 string) (*oidctypes.Token, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "ExchangeAuthcodeAndValidateTokens", arg0, arg1, arg2, arg3, arg4) @@ -51,13 +52,13 @@ func (m *MockUpstreamOIDCIdentityProviderI) ExchangeAuthcodeAndValidateTokens(ar return ret0, ret1 } -// ExchangeAuthcodeAndValidateTokens indicates an expected call of ExchangeAuthcodeAndValidateTokens +// ExchangeAuthcodeAndValidateTokens indicates an expected call of ExchangeAuthcodeAndValidateTokens. func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) ExchangeAuthcodeAndValidateTokens(arg0, arg1, arg2, arg3, arg4 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ExchangeAuthcodeAndValidateTokens", reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).ExchangeAuthcodeAndValidateTokens), arg0, arg1, arg2, arg3, arg4) } -// GetAuthorizationURL mocks base method +// GetAuthorizationURL mocks base method. func (m *MockUpstreamOIDCIdentityProviderI) GetAuthorizationURL() *url.URL { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "GetAuthorizationURL") @@ -65,13 +66,13 @@ func (m *MockUpstreamOIDCIdentityProviderI) GetAuthorizationURL() *url.URL { return ret0 } -// GetAuthorizationURL indicates an expected call of GetAuthorizationURL +// GetAuthorizationURL indicates an expected call of GetAuthorizationURL. func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetAuthorizationURL() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAuthorizationURL", reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetAuthorizationURL)) } -// GetClientID mocks base method +// GetClientID mocks base method. func (m *MockUpstreamOIDCIdentityProviderI) GetClientID() string { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "GetClientID") @@ -79,13 +80,13 @@ func (m *MockUpstreamOIDCIdentityProviderI) GetClientID() string { return ret0 } -// GetClientID indicates an expected call of GetClientID +// GetClientID indicates an expected call of GetClientID. func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetClientID() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClientID", reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetClientID)) } -// GetGroupsClaim mocks base method +// GetGroupsClaim mocks base method. func (m *MockUpstreamOIDCIdentityProviderI) GetGroupsClaim() string { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "GetGroupsClaim") @@ -93,13 +94,13 @@ func (m *MockUpstreamOIDCIdentityProviderI) GetGroupsClaim() string { return ret0 } -// GetGroupsClaim indicates an expected call of GetGroupsClaim +// GetGroupsClaim indicates an expected call of GetGroupsClaim. func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetGroupsClaim() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGroupsClaim", reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetGroupsClaim)) } -// GetName mocks base method +// GetName mocks base method. func (m *MockUpstreamOIDCIdentityProviderI) GetName() string { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "GetName") @@ -107,13 +108,13 @@ func (m *MockUpstreamOIDCIdentityProviderI) GetName() string { return ret0 } -// GetName indicates an expected call of GetName +// GetName indicates an expected call of GetName. func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetName() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetName", reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetName)) } -// GetScopes mocks base method +// GetScopes mocks base method. func (m *MockUpstreamOIDCIdentityProviderI) GetScopes() []string { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "GetScopes") @@ -121,13 +122,13 @@ func (m *MockUpstreamOIDCIdentityProviderI) GetScopes() []string { return ret0 } -// GetScopes indicates an expected call of GetScopes +// GetScopes indicates an expected call of GetScopes. func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetScopes() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetScopes", reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetScopes)) } -// GetUsernameClaim mocks base method +// GetUsernameClaim mocks base method. func (m *MockUpstreamOIDCIdentityProviderI) GetUsernameClaim() string { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "GetUsernameClaim") @@ -135,13 +136,13 @@ func (m *MockUpstreamOIDCIdentityProviderI) GetUsernameClaim() string { return ret0 } -// GetUsernameClaim indicates an expected call of GetUsernameClaim +// GetUsernameClaim indicates an expected call of GetUsernameClaim. func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetUsernameClaim() *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUsernameClaim", reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetUsernameClaim)) } -// ValidateToken mocks base method +// ValidateToken mocks base method. func (m *MockUpstreamOIDCIdentityProviderI) ValidateToken(arg0 context.Context, arg1 *oauth2.Token, arg2 nonce.Nonce) (*oidctypes.Token, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "ValidateToken", arg0, arg1, arg2) @@ -150,7 +151,7 @@ func (m *MockUpstreamOIDCIdentityProviderI) ValidateToken(arg0 context.Context, return ret0, ret1 } -// ValidateToken indicates an expected call of ValidateToken +// ValidateToken indicates an expected call of ValidateToken. func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) ValidateToken(arg0, arg1, arg2 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ValidateToken", reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).ValidateToken), arg0, arg1, arg2) From c832cab8d061d259ace65689efab7fea3df4ad01 Mon Sep 17 00:00:00 2001 From: Matt Moyer Date: Mon, 1 Mar 2021 13:08:41 -0600 Subject: [PATCH 7/8] Update internal/oidc/token_exchange.go for latest Fosite version. The `fosite.TokenEndpointHandler` changed and now requires some additional methods. Signed-off-by: Matt Moyer --- internal/oidc/token_exchange.go | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/internal/oidc/token_exchange.go b/internal/oidc/token_exchange.go index eed531f1..d6dc2d29 100644 --- a/internal/oidc/token_exchange.go +++ b/internal/oidc/token_exchange.go @@ -40,8 +40,10 @@ type TokenExchangeHandler struct { accessTokenStorage oauth2.AccessTokenStorage } +var _ fosite.TokenEndpointHandler = (*TokenExchangeHandler)(nil) + func (t *TokenExchangeHandler) HandleTokenEndpointRequest(ctx context.Context, requester fosite.AccessRequester) error { - if !(requester.GetGrantTypes().ExactOne("urn:ietf:params:oauth:grant-type:token-exchange")) { + if !t.CanHandleTokenEndpointRequest(requester) { return errors.WithStack(fosite.ErrUnknownRequest) } return nil @@ -139,3 +141,11 @@ func (t *TokenExchangeHandler) validateAccessToken(ctx context.Context, requeste } return originalRequester, nil } + +func (t *TokenExchangeHandler) CanSkipClientAuth(_ fosite.AccessRequester) bool { + return false +} + +func (t *TokenExchangeHandler) CanHandleTokenEndpointRequest(requester fosite.AccessRequester) bool { + return requester.GetGrantTypes().ExactOne("urn:ietf:params:oauth:grant-type:token-exchange") +} From c94ee7188cea137716c75741149181c1c8d4b769 Mon Sep 17 00:00:00 2001 From: Matt Moyer Date: Mon, 1 Mar 2021 15:41:55 -0600 Subject: [PATCH 8/8] Factor out issuerconfig.UpdateStrategy helper. Signed-off-by: Matt Moyer --- .../issuerconfig/update_strategy.go | 52 +++++++ .../issuerconfig/update_strategy_test.go | 145 ++++++++++++++++++ .../controller/kubecertagent/annotater.go | 9 +- internal/controller/kubecertagent/creater.go | 15 +- internal/controller/kubecertagent/execer.go | 25 ++- .../controller/kubecertagent/kubecertagent.go | 29 ---- 6 files changed, 234 insertions(+), 41 deletions(-) create mode 100644 internal/controller/issuerconfig/update_strategy.go create mode 100644 internal/controller/issuerconfig/update_strategy_test.go diff --git a/internal/controller/issuerconfig/update_strategy.go b/internal/controller/issuerconfig/update_strategy.go new file mode 100644 index 00000000..33a5ecd8 --- /dev/null +++ b/internal/controller/issuerconfig/update_strategy.go @@ -0,0 +1,52 @@ +// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package issuerconfig + +import ( + "context" + "sort" + + "go.pinniped.dev/generated/latest/apis/concierge/config/v1alpha1" + "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned" +) + +// UpdateStrategy creates or updates the desired strategy in the CredentialIssuer status.strategies field. +// The CredentialIssuer will be created if it does not already exist. +func UpdateStrategy(ctx context.Context, + name string, + credentialIssuerLabels map[string]string, + pinnipedAPIClient versioned.Interface, + strategy v1alpha1.CredentialIssuerStrategy, +) error { + return CreateOrUpdateCredentialIssuerStatus( + ctx, + name, + credentialIssuerLabels, + pinnipedAPIClient, + func(configToUpdate *v1alpha1.CredentialIssuerStatus) { mergeStrategy(configToUpdate, strategy) }, + ) +} + +func mergeStrategy(configToUpdate *v1alpha1.CredentialIssuerStatus, strategy v1alpha1.CredentialIssuerStrategy) { + var existing *v1alpha1.CredentialIssuerStrategy + for i := range configToUpdate.Strategies { + if configToUpdate.Strategies[i].Type == strategy.Type { + existing = &configToUpdate.Strategies[i] + break + } + } + if existing != nil { + strategy.DeepCopyInto(existing) + } else { + configToUpdate.Strategies = append(configToUpdate.Strategies, strategy) + } + sort.Stable(sortableStrategies(configToUpdate.Strategies)) +} + +// TODO: sort strategies by server preference rather than alphanumerically by type. +type sortableStrategies []v1alpha1.CredentialIssuerStrategy + +func (s sortableStrategies) Len() int { return len(s) } +func (s sortableStrategies) Less(i, j int) bool { return s[i].Type < s[j].Type } +func (s sortableStrategies) Swap(i, j int) { s[i], s[j] = s[j], s[i] } diff --git a/internal/controller/issuerconfig/update_strategy_test.go b/internal/controller/issuerconfig/update_strategy_test.go new file mode 100644 index 00000000..f261c872 --- /dev/null +++ b/internal/controller/issuerconfig/update_strategy_test.go @@ -0,0 +1,145 @@ +// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package issuerconfig + +import ( + "testing" + "time" + + "github.com/stretchr/testify/require" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "go.pinniped.dev/generated/latest/apis/concierge/config/v1alpha1" +) + +func TestMergeStrategy(t *testing.T) { + t1 := metav1.Now() + t2 := metav1.NewTime(metav1.Now().Add(-1 * time.Hour)) + + tests := []struct { + name string + configToUpdate v1alpha1.CredentialIssuerStatus + strategy v1alpha1.CredentialIssuerStrategy + expected v1alpha1.CredentialIssuerStatus + }{ + { + name: "new entry", + configToUpdate: v1alpha1.CredentialIssuerStatus{ + Strategies: nil, + }, + strategy: v1alpha1.CredentialIssuerStrategy{ + Type: "Type1", + Status: v1alpha1.SuccessStrategyStatus, + Reason: "some reason", + Message: "some message", + LastUpdateTime: t1, + }, + expected: v1alpha1.CredentialIssuerStatus{ + Strategies: []v1alpha1.CredentialIssuerStrategy{ + { + Type: "Type1", + Status: v1alpha1.SuccessStrategyStatus, + Reason: "some reason", + Message: "some message", + LastUpdateTime: t1, + }, + }, + }, + }, + { + name: "existing entry to update", + configToUpdate: v1alpha1.CredentialIssuerStatus{ + Strategies: []v1alpha1.CredentialIssuerStrategy{ + { + Type: "Type1", + Status: v1alpha1.ErrorStrategyStatus, + Reason: "some starting reason", + Message: "some starting message", + LastUpdateTime: t2, + }, + }, + }, + strategy: v1alpha1.CredentialIssuerStrategy{ + Type: "Type1", + Status: v1alpha1.SuccessStrategyStatus, + Reason: "some reason", + Message: "some message", + LastUpdateTime: t1, + }, + expected: v1alpha1.CredentialIssuerStatus{ + Strategies: []v1alpha1.CredentialIssuerStrategy{ + { + Type: "Type1", + Status: v1alpha1.SuccessStrategyStatus, + Reason: "some reason", + Message: "some message", + LastUpdateTime: t1, + }, + }, + }, + }, + { + name: "new entry among others", + configToUpdate: v1alpha1.CredentialIssuerStatus{ + Strategies: []v1alpha1.CredentialIssuerStrategy{ + { + Type: "Type0", + Status: v1alpha1.ErrorStrategyStatus, + Reason: "some starting reason 0", + Message: "some starting message 0", + LastUpdateTime: t2, + }, + { + Type: "Type2", + Status: v1alpha1.ErrorStrategyStatus, + Reason: "some starting reason 0", + Message: "some starting message 0", + LastUpdateTime: t2, + }, + }, + }, + strategy: v1alpha1.CredentialIssuerStrategy{ + Type: "Type1", + Status: v1alpha1.SuccessStrategyStatus, + Reason: "some reason", + Message: "some message", + LastUpdateTime: t1, + }, + expected: v1alpha1.CredentialIssuerStatus{ + Strategies: []v1alpha1.CredentialIssuerStrategy{ + { + Type: "Type0", + Status: v1alpha1.ErrorStrategyStatus, + Reason: "some starting reason 0", + Message: "some starting message 0", + LastUpdateTime: t2, + }, + // Expect the Type1 entry to be sorted alphanumerically between the existing entries. + { + Type: "Type1", + Status: v1alpha1.SuccessStrategyStatus, + Reason: "some reason", + Message: "some message", + LastUpdateTime: t1, + }, + { + Type: "Type2", + Status: v1alpha1.ErrorStrategyStatus, + Reason: "some starting reason 0", + Message: "some starting message 0", + LastUpdateTime: t2, + }, + }, + }, + }, + } + for _, tt := range tests { + tt := tt + t.Run(tt.name, func(t *testing.T) { + updated := tt.configToUpdate.DeepCopy() + mergeStrategy(updated, tt.strategy) + require.Equal(t, &tt.expected, updated) + }) + } +} diff --git a/internal/controller/kubecertagent/annotater.go b/internal/controller/kubecertagent/annotater.go index 5ccf95ff..a18cc732 100644 --- a/internal/controller/kubecertagent/annotater.go +++ b/internal/controller/kubecertagent/annotater.go @@ -18,6 +18,7 @@ import ( pinnipedclientset "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned" pinnipedcontroller "go.pinniped.dev/internal/controller" + "go.pinniped.dev/internal/controller/issuerconfig" "go.pinniped.dev/internal/controllerlib" "go.pinniped.dev/internal/plog" ) @@ -121,7 +122,13 @@ func (c *annotaterController) Sync(ctx controllerlib.Context) error { keyPath, ); err != nil { err = fmt.Errorf("cannot update agent pod: %w", err) - strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err) + strategyResultUpdateErr := issuerconfig.UpdateStrategy( + ctx.Context, + c.credentialIssuerLocationConfig.Name, + nil, + c.pinnipedAPIClient, + strategyError(c.clock, err), + ) if strategyResultUpdateErr != nil { // If the CI update fails, then we probably want to try again. This controller will get // called again because of the pod create failure, so just try the CI update again then. diff --git a/internal/controller/kubecertagent/creater.go b/internal/controller/kubecertagent/creater.go index 4db1ba06..6cb37934 100644 --- a/internal/controller/kubecertagent/creater.go +++ b/internal/controller/kubecertagent/creater.go @@ -17,6 +17,7 @@ import ( pinnipedclientset "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned" "go.pinniped.dev/internal/constable" pinnipedcontroller "go.pinniped.dev/internal/controller" + "go.pinniped.dev/internal/controller/issuerconfig" "go.pinniped.dev/internal/controllerlib" "go.pinniped.dev/internal/plog" ) @@ -96,13 +97,12 @@ func (c *createrController) Sync(ctx controllerlib.Context) error { if len(controllerManagerPods) == 0 { // If there are no controller manager pods, we alert the user that we can't find the keypair via // the CredentialIssuer. - return createOrUpdateCredentialIssuer( + return issuerconfig.UpdateStrategy( ctx.Context, - *c.credentialIssuerLocationConfig, + c.credentialIssuerLocationConfig.Name, c.credentialIssuerLabels, - c.clock, c.pinnipedAPIClient, - constable.Error("did not find kube-controller-manager pod(s)"), + strategyError(c.clock, constable.Error("did not find kube-controller-manager pod(s)")), ) } @@ -131,13 +131,12 @@ func (c *createrController) Sync(ctx controllerlib.Context) error { Create(ctx.Context, agentPod, metav1.CreateOptions{}) if err != nil { err = fmt.Errorf("cannot create agent pod: %w", err) - strategyResultUpdateErr := createOrUpdateCredentialIssuer( + strategyResultUpdateErr := issuerconfig.UpdateStrategy( ctx.Context, - *c.credentialIssuerLocationConfig, + c.credentialIssuerLocationConfig.Name, c.credentialIssuerLabels, - c.clock, c.pinnipedAPIClient, - err, + strategyError(c.clock, err), ) if strategyResultUpdateErr != nil { // If the CI update fails, then we probably want to try again. This controller will get diff --git a/internal/controller/kubecertagent/execer.go b/internal/controller/kubecertagent/execer.go index 457fd5c1..2322103e 100644 --- a/internal/controller/kubecertagent/execer.go +++ b/internal/controller/kubecertagent/execer.go @@ -14,6 +14,7 @@ import ( pinnipedclientset "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned" pinnipedcontroller "go.pinniped.dev/internal/controller" + "go.pinniped.dev/internal/controller/issuerconfig" "go.pinniped.dev/internal/controllerlib" "go.pinniped.dev/internal/dynamiccert" ) @@ -87,21 +88,39 @@ func (c *execerController) Sync(ctx controllerlib.Context) error { certPEM, err := c.podCommandExecutor.Exec(agentPod.Namespace, agentPod.Name, "cat", certPath) if err != nil { - strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err) + strategyResultUpdateErr := issuerconfig.UpdateStrategy( + ctx.Context, + c.credentialIssuerLocationConfig.Name, + nil, + c.pinnipedAPIClient, + strategyError(c.clock, err), + ) klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer with strategy success") return err } keyPEM, err := c.podCommandExecutor.Exec(agentPod.Namespace, agentPod.Name, "cat", keyPath) if err != nil { - strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err) + strategyResultUpdateErr := issuerconfig.UpdateStrategy( + ctx.Context, + c.credentialIssuerLocationConfig.Name, + nil, + c.pinnipedAPIClient, + strategyError(c.clock, err), + ) klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer with strategy success") return err } c.dynamicCertProvider.Set([]byte(certPEM), []byte(keyPEM)) - err = createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, nil) + err = issuerconfig.UpdateStrategy( + ctx.Context, + c.credentialIssuerLocationConfig.Name, + nil, + c.pinnipedAPIClient, + strategySuccess(c.clock), + ) if err != nil { return err } diff --git a/internal/controller/kubecertagent/kubecertagent.go b/internal/controller/kubecertagent/kubecertagent.go index d7921a45..dff42f63 100644 --- a/internal/controller/kubecertagent/kubecertagent.go +++ b/internal/controller/kubecertagent/kubecertagent.go @@ -10,7 +10,6 @@ package kubecertagent import ( - "context" "encoding/hex" "fmt" "hash/fnv" @@ -25,8 +24,6 @@ import ( corev1informers "k8s.io/client-go/informers/core/v1" configv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/config/v1alpha1" - pinnipedclientset "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned" - "go.pinniped.dev/internal/controller/issuerconfig" "go.pinniped.dev/internal/plog" ) @@ -280,32 +277,6 @@ func findControllerManagerPodForSpecificAgentPod( return maybeControllerManagerPod, nil } -func createOrUpdateCredentialIssuer(ctx context.Context, - ciConfig CredentialIssuerLocationConfig, - credentialIssuerLabels map[string]string, - clock clock.Clock, - pinnipedAPIClient pinnipedclientset.Interface, - err error, -) error { - return issuerconfig.CreateOrUpdateCredentialIssuerStatus( - ctx, - ciConfig.Name, - credentialIssuerLabels, - pinnipedAPIClient, - func(configToUpdate *configv1alpha1.CredentialIssuerStatus) { - var strategyResult configv1alpha1.CredentialIssuerStrategy - if err == nil { - strategyResult = strategySuccess(clock) - } else { - strategyResult = strategyError(clock, err) - } - configToUpdate.Strategies = []configv1alpha1.CredentialIssuerStrategy{ - strategyResult, - } - }, - ) -} - func strategySuccess(clock clock.Clock) configv1alpha1.CredentialIssuerStrategy { return configv1alpha1.CredentialIssuerStrategy{ Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,