djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'main' into ldap_and_activedirectory_status_conditions_bug

Browse Source
This commit is contained in:
Ryan Richard 2022-01-18 10:09:14 -08:00 committed by GitHub
commit 1a2514f417
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ROADMAP.md
View File

@ -40,7 +40,9 @@ Last Updated: Sept 2021
|Improving Security Posture|Supervisor token refresh fails when the upstream user is in an invalid state for LDAP/AD |Jan 2022| |Improving Security Posture|Supervisor token refresh fails when the upstream user is in an invalid state for LDAP/AD |Jan 2022|
|Improving Security Posture|Set stricter default TLS versions and Ciphers |Jan 2022| |Improving Security Posture|Set stricter default TLS versions and Ciphers |Jan 2022|
|Improving Security Posture|Support FIPS compliant Boring crypto libraries |Feb 2022| |Improving Security Posture|Support FIPS compliant Boring crypto libraries |Feb 2022|
|Improving Security Posture|Support Audit logging of security events related to Authentication |March 2022| |Multiple IDP support|Support multiple IDPs configured on a single Supervisor|March/April 2022|
|Improving Security Posture|TLS hardening |March/April 2022|
|Improving Security Posture|Support Audit logging of security events related to Authentication |April/May 2022|
|Improving Security Posture|mTLS for Supervisor sessions |Exploring/Ongoing| |Improving Security Posture|mTLS for Supervisor sessions |Exploring/Ongoing|
|Improving Security Posture|Key management/rotation for Pinniped components with minimal downtime |Exploring/Ongoing| |Improving Security Posture|Key management/rotation for Pinniped components with minimal downtime |Exploring/Ongoing|
|Improving Security Posture|Support for Session Logout |Exploring/Ongoing| |Improving Security Posture|Support for Session Logout |Exploring/Ongoing|
@ -52,7 +54,6 @@ Last Updated: Sept 2021
|Improving Security Posture|Client side use of Secure Enclaves for Session data |Exploring/Ongoing| |Improving Security Posture|Client side use of Secure Enclaves for Session data |Exploring/Ongoing|
|Improving Security Posture|Enforce the use of HTTP Strict Transport (HSTS) |Exploring/Ongoing| |Improving Security Posture|Enforce the use of HTTP Strict Transport (HSTS) |Exploring/Ongoing|
|Improving Security Posture|Assert that Pinniped runs under the restricted PSP version2 levels |Exploring/Ongoing| |Improving Security Posture|Assert that Pinniped runs under the restricted PSP version2 levels |Exploring/Ongoing|
|Multiple IDP support|Support multiple IDPs configured on a single Supervisor|Exploring/Ongoing|
|Wider Concierge cluster support|Support for OpenShift cluster types in the Concierge|Exploring/Ongoing| |Wider Concierge cluster support|Support for OpenShift cluster types in the Concierge|Exploring/Ongoing|
|Identity transforms|Support prefixing, filtering, or performing coarse-grained checks on upstream users and groups|Exploring/Ongoing| |Identity transforms|Support prefixing, filtering, or performing coarse-grained checks on upstream users and groups|Exploring/Ongoing|
|CLI SSO|Support Kerberos based authentication on CLI |Exploring/Ongoing| |CLI SSO|Support Kerberos based authentication on CLI |Exploring/Ongoing|

4
hack/module.sh
View File

@ -1,6 +1,6 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. # Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
set -euo pipefail set -euo pipefail
@ -13,7 +13,7 @@ function tidy_cmd() {
} }
function lint_cmd() { function lint_cmd() {
echo "golangci-lint run --modules-download-mode=readonly --timeout=10m" echo "golangci-lint run --modules-download-mode=readonly --timeout=15m"
} }
function test_cmd() { function test_cmd() {