Merge branch 'main' of github.com:vmware-tanzu/pinniped into active-directory-identity-provider
This commit is contained in:
commit
19100d68ef
@ -501,6 +501,7 @@ func (c *agentController) newAgentDeployment(controllerManagerPod *corev1.Pod) *
|
|||||||
RunAsUser: pointer.Int64Ptr(0),
|
RunAsUser: pointer.Int64Ptr(0),
|
||||||
RunAsGroup: pointer.Int64Ptr(0),
|
RunAsGroup: pointer.Int64Ptr(0),
|
||||||
},
|
},
|
||||||
|
HostNetwork: controllerManagerPod.Spec.HostNetwork,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
||||||
|
@ -151,6 +151,16 @@ func TestAgentController(t *testing.T) {
|
|||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// The host network setting from the kube-controller-manager pod should be applied on the
|
||||||
|
// deployment.
|
||||||
|
healthyKubeControllerManagerPodWithHostNetwork := healthyKubeControllerManagerPod.DeepCopy()
|
||||||
|
healthyKubeControllerManagerPodWithHostNetwork.Spec.HostNetwork = true
|
||||||
|
|
||||||
|
// We create an agent deployment that does not use host network and expect the
|
||||||
|
// controller to add 'hostNetwork: true' to the spec.
|
||||||
|
healthyAgentDeploymentWithHostNetwork := healthyAgentDeployment.DeepCopy()
|
||||||
|
healthyAgentDeploymentWithHostNetwork.Spec.Template.Spec.HostNetwork = true
|
||||||
|
|
||||||
// Make another kube-controller-manager pod that's similar, but does not have the CLI flags we're expecting.
|
// Make another kube-controller-manager pod that's similar, but does not have the CLI flags we're expecting.
|
||||||
// We should handle this by falling back to default values for the cert and key paths.
|
// We should handle this by falling back to default values for the cert and key paths.
|
||||||
healthyKubeControllerManagerPodWithoutArgs := healthyKubeControllerManagerPod.DeepCopy()
|
healthyKubeControllerManagerPodWithoutArgs := healthyKubeControllerManagerPod.DeepCopy()
|
||||||
@ -461,6 +471,31 @@ func TestAgentController(t *testing.T) {
|
|||||||
LastUpdateTime: metav1.NewTime(now),
|
LastUpdateTime: metav1.NewTime(now),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "deployment exists, but missing host network from kube-controller-manager",
|
||||||
|
pinnipedObjects: []runtime.Object{
|
||||||
|
initialCredentialIssuer,
|
||||||
|
},
|
||||||
|
kubeObjects: []runtime.Object{
|
||||||
|
healthyKubeControllerManagerPodWithHostNetwork,
|
||||||
|
healthyAgentDeployment,
|
||||||
|
healthyAgentPod,
|
||||||
|
},
|
||||||
|
wantDistinctErrors: []string{
|
||||||
|
"failed to get kube-public/cluster-info configmap: configmap \"cluster-info\" not found",
|
||||||
|
},
|
||||||
|
wantAgentDeployment: healthyAgentDeploymentWithHostNetwork,
|
||||||
|
wantStrategy: &configv1alpha1.CredentialIssuerStrategy{
|
||||||
|
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
|
||||||
|
Status: configv1alpha1.ErrorStrategyStatus,
|
||||||
|
Reason: configv1alpha1.CouldNotGetClusterInfoStrategyReason,
|
||||||
|
Message: "failed to get kube-public/cluster-info configmap: configmap \"cluster-info\" not found",
|
||||||
|
LastUpdateTime: metav1.NewTime(now),
|
||||||
|
},
|
||||||
|
wantDistinctLogs: []string{
|
||||||
|
`kube-cert-agent-controller "level"=0 "msg"="updating existing deployment" "deployment"={"name":"pinniped-concierge-kube-cert-agent","namespace":"concierge"} "templatePod"={"name":"kube-controller-manager-1","namespace":"kube-system"}`,
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "deployment exists, configmap missing",
|
name: "deployment exists, configmap missing",
|
||||||
pinnipedObjects: []runtime.Object{
|
pinnipedObjects: []runtime.Object{
|
||||||
@ -562,7 +597,7 @@ func TestAgentController(t *testing.T) {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "deployment exists, configmap is valid,, exec into agent pod fails",
|
name: "deployment exists, configmap is valid, exec into agent pod fails",
|
||||||
pinnipedObjects: []runtime.Object{
|
pinnipedObjects: []runtime.Object{
|
||||||
initialCredentialIssuer,
|
initialCredentialIssuer,
|
||||||
},
|
},
|
||||||
|
53
site/content/resources/_index.html
Normal file
53
site/content/resources/_index.html
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
---
|
||||||
|
title: Pinniped Resources
|
||||||
|
layout: section
|
||||||
|
---
|
||||||
|
|
||||||
|
<div class="hero subpage">
|
||||||
|
<div class="wrapper">
|
||||||
|
<h1>Resources</h1>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="wrapper resources">
|
||||||
|
<h2>Resources about Pinniped, such as videos, podcasts, and community articles</h2>
|
||||||
|
<div class="grid three">
|
||||||
|
|
||||||
|
<div class="col">
|
||||||
|
<div class="embed-responsive">
|
||||||
|
<iframe class="embed-responsive-item"
|
||||||
|
src="https://www.youtube-nocookie.com/embed/YGeO1jKfgac?start=138"
|
||||||
|
title="YouTube video player"
|
||||||
|
frameborder="0"
|
||||||
|
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
|
||||||
|
allowfullscreen>
|
||||||
|
</iframe>
|
||||||
|
</div>
|
||||||
|
<div class="content">
|
||||||
|
<p>
|
||||||
|
<a href="https://www.cncf.io/online-programs/cncf-live-webinar-easy-secure-kubernetes-authentication-with-pinniped/"
|
||||||
|
target="_blank">
|
||||||
|
CNCF Live Webinar: Easy, Secure Kubernetes Authentication With Pinniped - August 24, 2021
|
||||||
|
[VIDEO]
|
||||||
|
</a>
|
||||||
|
<a href="https://docs.google.com/presentation/d/1euA62C7SHQpHewPqPaxTvNEKdvyNOdU9MDWh3YN3NvY/edit?usp=sharing"
|
||||||
|
target="_blank">
|
||||||
|
[SLIDES]
|
||||||
|
</a>
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="col">
|
||||||
|
<a href="https://github.com/vmware-tanzu/pinniped">
|
||||||
|
<div class="icon">
|
||||||
|
<img src="/img/logo.svg"/>
|
||||||
|
</div>
|
||||||
|
<div class="content">
|
||||||
|
<p class="strong">Pinniped Source Code:</p>
|
||||||
|
<p>https://github.com/vmware-tanzu/pinniped</p>
|
||||||
|
</div>
|
||||||
|
</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
File diff suppressed because one or more lines are too long
@ -400,6 +400,49 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.resources {
|
||||||
|
background-color: #fff;
|
||||||
|
margin-top: -90px;
|
||||||
|
padding: 30px 30px 50px 30px;
|
||||||
|
|
||||||
|
.embed-responsive {
|
||||||
|
position: relative;
|
||||||
|
&:before {
|
||||||
|
padding-top: 56.25%;
|
||||||
|
display: block;
|
||||||
|
content: "";
|
||||||
|
}
|
||||||
|
.embed-responsive-item {
|
||||||
|
position: absolute;
|
||||||
|
top: 0;
|
||||||
|
bottom: 0;
|
||||||
|
left: 0;
|
||||||
|
width: 100%;
|
||||||
|
height: 100%;
|
||||||
|
border: 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
.grid {
|
||||||
|
.col {
|
||||||
|
border: 1px solid #F2F2F2;
|
||||||
|
.icon {
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
justify-content: center;
|
||||||
|
min-height: 140px;
|
||||||
|
}
|
||||||
|
.content {
|
||||||
|
padding: 0px 20px 20px 20px;
|
||||||
|
text-align: center;
|
||||||
|
h3 {
|
||||||
|
margin-top: 0px;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
.docs {
|
.docs {
|
||||||
background-color: #fff;
|
background-color: #fff;
|
||||||
margin-top: -90px;
|
margin-top: -90px;
|
||||||
|
@ -6,6 +6,7 @@
|
|||||||
<li><a href="/community/" {{ if (eq .RelPermalink "/community/") }}class="active"{{ end }}>Community</a></li>
|
<li><a href="/community/" {{ if (eq .RelPermalink "/community/") }}class="active"{{ end }}>Community</a></li>
|
||||||
<li><a href="/blog/" {{ if or (eq .Page.Section "posts") (eq .Page.Section "tags") }}class="active"{{ end }}>Blog</a></li>
|
<li><a href="/blog/" {{ if or (eq .Page.Section "posts") (eq .Page.Section "tags") }}class="active"{{ end }}>Blog</a></li>
|
||||||
<li><a href="/docs/" {{ if (eq .Page.Section "docs") }}class="active"{{ end }}>Docs</a></li>
|
<li><a href="/docs/" {{ if (eq .Page.Section "docs") }}class="active"{{ end }}>Docs</a></li>
|
||||||
|
<li><a href="/resources/" {{ if (eq .RelPermalink "resources") }}class="active"{{ end }}>Resources</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
<button type="button" class="mobile" id="mobile-menu-button">
|
<button type="button" class="mobile" id="mobile-menu-button">
|
||||||
<img class="collapsed-icon" src="/img/hamburger.svg" alt="Mobile nav icon">
|
<img class="collapsed-icon" src="/img/hamburger.svg" alt="Mobile nav icon">
|
||||||
@ -17,6 +18,7 @@
|
|||||||
<li><a href="/community/" {{ if (eq .RelPermalink "/community/") }}class="active"{{ end }}>Community</a></li>
|
<li><a href="/community/" {{ if (eq .RelPermalink "/community/") }}class="active"{{ end }}>Community</a></li>
|
||||||
<li><a href="/blog/" {{ if or (eq .Page.Section "posts") (eq .Page.Section "tags") }}class="active"{{ end }}>Blog</a></li>
|
<li><a href="/blog/" {{ if or (eq .Page.Section "posts") (eq .Page.Section "tags") }}class="active"{{ end }}>Blog</a></li>
|
||||||
<li><a href="/docs/" {{ if (eq .Page.Section "docs") }}class="active"{{ end }}>Docs</a></li>
|
<li><a href="/docs/" {{ if (eq .Page.Section "docs") }}class="active"{{ end }}>Docs</a></li>
|
||||||
|
<li><a href="/resources/" {{ if (eq .RelPermalink "resources") }}class="active"{{ end }}>Resources</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
<div class="social">
|
<div class="social">
|
||||||
<a href="https://twitter.com/projectpinniped"><img src="/img/twitter.png" />Twitter</a>
|
<a href="https://twitter.com/projectpinniped"><img src="/img/twitter.png" />Twitter</a>
|
||||||
|
Loading…
Reference in New Issue
Block a user