Merge pull request #1647 from vmware-tanzu/jtc/bump-to-golang-1-21
Bump to golang 1.21
This commit is contained in:
commit
46c773aba6
@ -3,7 +3,7 @@
|
|||||||
# Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
# Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
FROM golang:1.20.7 as build-env
|
FROM golang:1.21.0 as build-env
|
||||||
|
|
||||||
WORKDIR /work
|
WORKDIR /work
|
||||||
COPY . .
|
COPY . .
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -15,7 +15,6 @@ import (
|
|||||||
|
|
||||||
configv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/config/v1alpha1"
|
configv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/config/v1alpha1"
|
||||||
"go.pinniped.dev/internal/certauthority"
|
"go.pinniped.dev/internal/certauthority"
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestConciergeModeFlag(t *testing.T) {
|
func TestConciergeModeFlag(t *testing.T) {
|
||||||
@ -52,7 +51,7 @@ func TestConciergeModeFlag(t *testing.T) {
|
|||||||
func TestCABundleFlag(t *testing.T) {
|
func TestCABundleFlag(t *testing.T) {
|
||||||
testCA, err := certauthority.New("Test CA", 1*time.Hour)
|
testCA, err := certauthority.New("Test CA", 1*time.Hour)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
tmpdir := testutil.TempDir(t)
|
tmpdir := t.TempDir()
|
||||||
emptyFilePath := filepath.Join(tmpdir, "empty")
|
emptyFilePath := filepath.Join(tmpdir, "empty")
|
||||||
require.NoError(t, os.WriteFile(emptyFilePath, []byte{}, 0600))
|
require.NoError(t, os.WriteFile(emptyFilePath, []byte{}, 0600))
|
||||||
|
|
||||||
|
@ -32,7 +32,7 @@ import (
|
|||||||
func TestGetKubeconfig(t *testing.T) {
|
func TestGetKubeconfig(t *testing.T) {
|
||||||
testOIDCCA, err := certauthority.New("Test CA", 1*time.Hour)
|
testOIDCCA, err := certauthority.New("Test CA", 1*time.Hour)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
tmpdir := testutil.TempDir(t)
|
tmpdir := t.TempDir()
|
||||||
testOIDCCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
testOIDCCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
||||||
require.NoError(t, os.WriteFile(testOIDCCABundlePath, testOIDCCA.Bundle(), 0600))
|
require.NoError(t, os.WriteFile(testOIDCCABundlePath, testOIDCCA.Bundle(), 0600))
|
||||||
|
|
||||||
|
@ -23,7 +23,6 @@ import (
|
|||||||
"go.pinniped.dev/internal/certauthority"
|
"go.pinniped.dev/internal/certauthority"
|
||||||
"go.pinniped.dev/internal/here"
|
"go.pinniped.dev/internal/here"
|
||||||
"go.pinniped.dev/internal/plog"
|
"go.pinniped.dev/internal/plog"
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
"go.pinniped.dev/pkg/conciergeclient"
|
"go.pinniped.dev/pkg/conciergeclient"
|
||||||
"go.pinniped.dev/pkg/oidcclient"
|
"go.pinniped.dev/pkg/oidcclient"
|
||||||
"go.pinniped.dev/pkg/oidcclient/oidctypes"
|
"go.pinniped.dev/pkg/oidcclient/oidctypes"
|
||||||
@ -34,7 +33,7 @@ func TestLoginOIDCCommand(t *testing.T) {
|
|||||||
|
|
||||||
testCA, err := certauthority.New("Test CA", 1*time.Hour)
|
testCA, err := certauthority.New("Test CA", 1*time.Hour)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
tmpdir := testutil.TempDir(t)
|
tmpdir := t.TempDir()
|
||||||
testCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
testCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
||||||
require.NoError(t, os.WriteFile(testCABundlePath, testCA.Bundle(), 0600))
|
require.NoError(t, os.WriteFile(testCABundlePath, testCA.Bundle(), 0600))
|
||||||
|
|
||||||
@ -513,7 +512,7 @@ func TestLoginOIDCCommand(t *testing.T) {
|
|||||||
"--concierge-endpoint", "https://127.0.0.1:1234/",
|
"--concierge-endpoint", "https://127.0.0.1:1234/",
|
||||||
"--concierge-ca-bundle-data", base64.StdEncoding.EncodeToString(testCA.Bundle()),
|
"--concierge-ca-bundle-data", base64.StdEncoding.EncodeToString(testCA.Bundle()),
|
||||||
"--concierge-api-group-suffix", "some.suffix.com",
|
"--concierge-api-group-suffix", "some.suffix.com",
|
||||||
"--credential-cache", testutil.TempDir(t) + "/credentials.yaml", // must specify --credential-cache or else the cache file on disk causes test pollution
|
"--credential-cache", t.TempDir() + "/credentials.yaml", // must specify --credential-cache or else the cache file on disk causes test pollution
|
||||||
"--upstream-identity-provider-name", "some-upstream-name",
|
"--upstream-identity-provider-name", "some-upstream-name",
|
||||||
"--upstream-identity-provider-type", "ldap",
|
"--upstream-identity-provider-type", "ldap",
|
||||||
},
|
},
|
||||||
|
@ -21,7 +21,6 @@ import (
|
|||||||
"go.pinniped.dev/internal/certauthority"
|
"go.pinniped.dev/internal/certauthority"
|
||||||
"go.pinniped.dev/internal/here"
|
"go.pinniped.dev/internal/here"
|
||||||
"go.pinniped.dev/internal/plog"
|
"go.pinniped.dev/internal/plog"
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
"go.pinniped.dev/pkg/conciergeclient"
|
"go.pinniped.dev/pkg/conciergeclient"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -30,7 +29,7 @@ func TestLoginStaticCommand(t *testing.T) {
|
|||||||
|
|
||||||
testCA, err := certauthority.New("Test CA", 1*time.Hour)
|
testCA, err := certauthority.New("Test CA", 1*time.Hour)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
tmpdir := testutil.TempDir(t)
|
tmpdir := t.TempDir()
|
||||||
testCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
testCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
||||||
require.NoError(t, os.WriteFile(testCABundlePath, testCA.Bundle(), 0600))
|
require.NoError(t, os.WriteFile(testCABundlePath, testCA.Bundle(), 0600))
|
||||||
|
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
@ -29,7 +28,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
|
|||||||
"go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
|
"go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
|
||||||
"go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref),
|
"go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref),
|
||||||
"go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref),
|
"go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref),
|
||||||
"k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref),
|
"k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref),
|
||||||
"k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref),
|
"k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref),
|
||||||
"k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref),
|
"k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref),
|
||||||
"k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref),
|
"k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref),
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
@ -22,58 +21,58 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
|
|||||||
"go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref),
|
"go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestList": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestList(ref),
|
||||||
"go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref),
|
"go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestSpec": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestSpec(ref),
|
||||||
"go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref),
|
"go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1.OIDCClientSecretRequestStatus": schema_apis_supervisor_clientsecret_v1alpha1_OIDCClientSecretRequestStatus(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.ApplyOptions": schema_pkg_apis_meta_v1_ApplyOptions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref),
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref),
|
"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref),
|
||||||
"k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref),
|
"k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref),
|
||||||
"k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref),
|
"k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref),
|
||||||
"k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref),
|
"k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref),
|
||||||
"k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref),
|
"k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
24
go.mod
24
go.mod
@ -1,13 +1,13 @@
|
|||||||
module go.pinniped.dev
|
module go.pinniped.dev
|
||||||
|
|
||||||
go 1.19
|
go 1.20
|
||||||
|
|
||||||
// This version taken from https://github.com/kubernetes/apiserver/blob/v0.28.0/go.mod#L50
|
// This version taken from https://github.com/kubernetes/apiserver/blob/v0.28.0/go.mod#L50
|
||||||
replace k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9
|
replace k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/MakeNowJust/heredoc/v2 v2.0.1
|
github.com/MakeNowJust/heredoc/v2 v2.0.1
|
||||||
github.com/chromedp/cdproto v0.0.0-20230828023241-f357fd93b5d6
|
github.com/chromedp/cdproto v0.0.0-20230901104747-bfe71bcbd1c0
|
||||||
github.com/chromedp/chromedp v0.9.2
|
github.com/chromedp/chromedp v0.9.2
|
||||||
github.com/coreos/go-oidc/v3 v3.6.0
|
github.com/coreos/go-oidc/v3 v3.6.0
|
||||||
github.com/coreos/go-semver v0.3.1
|
github.com/coreos/go-semver v0.3.1
|
||||||
@ -34,14 +34,14 @@ require (
|
|||||||
github.com/spf13/cobra v1.7.0
|
github.com/spf13/cobra v1.7.0
|
||||||
github.com/spf13/pflag v1.0.5
|
github.com/spf13/pflag v1.0.5
|
||||||
github.com/stretchr/testify v1.8.4
|
github.com/stretchr/testify v1.8.4
|
||||||
github.com/tdewolff/minify/v2 v2.12.8
|
github.com/tdewolff/minify/v2 v2.12.9
|
||||||
go.uber.org/zap v1.25.0
|
go.uber.org/zap v1.25.0
|
||||||
golang.org/x/crypto v0.12.0
|
golang.org/x/crypto v0.13.0
|
||||||
golang.org/x/net v0.14.0
|
golang.org/x/net v0.15.0
|
||||||
golang.org/x/oauth2 v0.11.0
|
golang.org/x/oauth2 v0.12.0
|
||||||
golang.org/x/sync v0.3.0
|
golang.org/x/sync v0.3.0
|
||||||
golang.org/x/term v0.11.0
|
golang.org/x/term v0.12.0
|
||||||
golang.org/x/text v0.12.0
|
golang.org/x/text v0.13.0
|
||||||
gopkg.in/square/go-jose.v2 v2.6.0
|
gopkg.in/square/go-jose.v2 v2.6.0
|
||||||
k8s.io/api v0.28.1
|
k8s.io/api v0.28.1
|
||||||
k8s.io/apiextensions-apiserver v0.28.1
|
k8s.io/apiextensions-apiserver v0.28.1
|
||||||
@ -49,10 +49,10 @@ require (
|
|||||||
k8s.io/apiserver v0.28.1
|
k8s.io/apiserver v0.28.1
|
||||||
k8s.io/client-go v0.28.1
|
k8s.io/client-go v0.28.1
|
||||||
k8s.io/component-base v0.28.1
|
k8s.io/component-base v0.28.1
|
||||||
k8s.io/gengo v0.0.0-20230825065918-3239622df7ae
|
k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01
|
||||||
k8s.io/klog/v2 v2.100.1
|
k8s.io/klog/v2 v2.100.1
|
||||||
k8s.io/kube-aggregator v0.28.1
|
k8s.io/kube-aggregator v0.28.1
|
||||||
k8s.io/kube-openapi v0.0.0-20230816210353-14e408962443
|
k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f
|
||||||
k8s.io/utils v0.0.0-20230726121419-3b25d923346b
|
k8s.io/utils v0.0.0-20230726121419-3b25d923346b
|
||||||
sigs.k8s.io/yaml v1.3.0
|
sigs.k8s.io/yaml v1.3.0
|
||||||
)
|
)
|
||||||
@ -129,7 +129,7 @@ require (
|
|||||||
github.com/spf13/jwalterweatherman v1.1.0 // indirect
|
github.com/spf13/jwalterweatherman v1.1.0 // indirect
|
||||||
github.com/stoewer/go-strcase v1.2.0 // indirect
|
github.com/stoewer/go-strcase v1.2.0 // indirect
|
||||||
github.com/subosito/gotenv v1.4.0 // indirect
|
github.com/subosito/gotenv v1.4.0 // indirect
|
||||||
github.com/tdewolff/parse/v2 v2.6.7 // indirect
|
github.com/tdewolff/parse/v2 v2.6.8 // indirect
|
||||||
go.etcd.io/etcd/api/v3 v3.5.9 // indirect
|
go.etcd.io/etcd/api/v3 v3.5.9 // indirect
|
||||||
go.etcd.io/etcd/client/pkg/v3 v3.5.9 // indirect
|
go.etcd.io/etcd/client/pkg/v3 v3.5.9 // indirect
|
||||||
go.etcd.io/etcd/client/v3 v3.5.9 // indirect
|
go.etcd.io/etcd/client/v3 v3.5.9 // indirect
|
||||||
@ -146,7 +146,7 @@ require (
|
|||||||
go.uber.org/multierr v1.11.0 // indirect
|
go.uber.org/multierr v1.11.0 // indirect
|
||||||
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
|
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
|
||||||
golang.org/x/mod v0.10.0 // indirect
|
golang.org/x/mod v0.10.0 // indirect
|
||||||
golang.org/x/sys v0.11.0 // indirect
|
golang.org/x/sys v0.12.0 // indirect
|
||||||
golang.org/x/time v0.3.0 // indirect
|
golang.org/x/time v0.3.0 // indirect
|
||||||
golang.org/x/tools v0.8.0 // indirect
|
golang.org/x/tools v0.8.0 // indirect
|
||||||
google.golang.org/appengine v1.6.7 // indirect
|
google.golang.org/appengine v1.6.7 // indirect
|
||||||
|
40
go.sum
40
go.sum
@ -75,8 +75,8 @@ github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL
|
|||||||
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
|
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
|
||||||
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||||
github.com/chromedp/cdproto v0.0.0-20230802225258-3cf4e6d46a89/go.mod h1:GKljq0VrfU4D5yc+2qA6OVr8pmO/MBbPEWqWQ/oqGEs=
|
github.com/chromedp/cdproto v0.0.0-20230802225258-3cf4e6d46a89/go.mod h1:GKljq0VrfU4D5yc+2qA6OVr8pmO/MBbPEWqWQ/oqGEs=
|
||||||
github.com/chromedp/cdproto v0.0.0-20230828023241-f357fd93b5d6 h1:lyUj4I0kT1UjLOHtAY1Pbx5rH9LfGFXhvY8oWmuIZ1w=
|
github.com/chromedp/cdproto v0.0.0-20230901104747-bfe71bcbd1c0 h1:hK7r7hm+LpvnJ2486YnQYFTBeh/knxvCfNfWrlTNcxY=
|
||||||
github.com/chromedp/cdproto v0.0.0-20230828023241-f357fd93b5d6/go.mod h1:GKljq0VrfU4D5yc+2qA6OVr8pmO/MBbPEWqWQ/oqGEs=
|
github.com/chromedp/cdproto v0.0.0-20230901104747-bfe71bcbd1c0/go.mod h1:GKljq0VrfU4D5yc+2qA6OVr8pmO/MBbPEWqWQ/oqGEs=
|
||||||
github.com/chromedp/chromedp v0.9.2 h1:dKtNz4kApb06KuSXoTQIyUC2TrA0fhGDwNZf3bcgfKw=
|
github.com/chromedp/chromedp v0.9.2 h1:dKtNz4kApb06KuSXoTQIyUC2TrA0fhGDwNZf3bcgfKw=
|
||||||
github.com/chromedp/chromedp v0.9.2/go.mod h1:LkSXJKONWTCHAfQasKFUZI+mxqS4tZqhmtGzzhLsnLs=
|
github.com/chromedp/chromedp v0.9.2/go.mod h1:LkSXJKONWTCHAfQasKFUZI+mxqS4tZqhmtGzzhLsnLs=
|
||||||
github.com/chromedp/sysutil v1.0.0 h1:+ZxhTpfpZlmchB58ih/LBHX52ky7w2VhQVKQMucy3Ic=
|
github.com/chromedp/sysutil v1.0.0 h1:+ZxhTpfpZlmchB58ih/LBHX52ky7w2VhQVKQMucy3Ic=
|
||||||
@ -478,10 +478,10 @@ github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXl
|
|||||||
github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
|
github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
|
||||||
github.com/subosito/gotenv v1.4.0 h1:yAzM1+SmVcz5R4tXGsNMu1jUl2aOJXoiWUCEwwnGrvs=
|
github.com/subosito/gotenv v1.4.0 h1:yAzM1+SmVcz5R4tXGsNMu1jUl2aOJXoiWUCEwwnGrvs=
|
||||||
github.com/subosito/gotenv v1.4.0/go.mod h1:mZd6rFysKEcUhUHXJk0C/08wAgyDBFuwEYL7vWWGaGo=
|
github.com/subosito/gotenv v1.4.0/go.mod h1:mZd6rFysKEcUhUHXJk0C/08wAgyDBFuwEYL7vWWGaGo=
|
||||||
github.com/tdewolff/minify/v2 v2.12.8 h1:Q2BqOTmlMjoutkuD/OPCnJUpIqrzT3nRPkw+q+KpXS0=
|
github.com/tdewolff/minify/v2 v2.12.9 h1:dvn5MtmuQ/DFMwqf5j8QhEVpPX6fi3WGImhv8RUB4zA=
|
||||||
github.com/tdewolff/minify/v2 v2.12.8/go.mod h1:YRgk7CC21LZnbuke2fmYnCTq+zhCgpb0yJACOTUNJ1E=
|
github.com/tdewolff/minify/v2 v2.12.9/go.mod h1:qOqdlDfL+7v0/fyymB+OP497nIxJYSvX4MQWA8OoiXU=
|
||||||
github.com/tdewolff/parse/v2 v2.6.7 h1:WrFllrqmzAcrKHzoYgMupqgUBIfBVOb0yscFzDf8bBg=
|
github.com/tdewolff/parse/v2 v2.6.8 h1:mhNZXYCx//xG7Yq2e/kVLNZw4YfYmeHbhx+Zc0OvFMA=
|
||||||
github.com/tdewolff/parse/v2 v2.6.7/go.mod h1:XHDhaU6IBgsryfdnpzUXBlT6leW/l25yrFBTEb4eIyM=
|
github.com/tdewolff/parse/v2 v2.6.8/go.mod h1:XHDhaU6IBgsryfdnpzUXBlT6leW/l25yrFBTEb4eIyM=
|
||||||
github.com/tdewolff/test v1.0.9 h1:SswqJCmeN4B+9gEAi/5uqT0qpi1y2/2O47V/1hhGZT0=
|
github.com/tdewolff/test v1.0.9 h1:SswqJCmeN4B+9gEAi/5uqT0qpi1y2/2O47V/1hhGZT0=
|
||||||
github.com/tdewolff/test v1.0.9/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE=
|
github.com/tdewolff/test v1.0.9/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE=
|
||||||
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
|
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
|
||||||
@ -559,8 +559,8 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm
|
|||||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
|
golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
|
||||||
golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
|
golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
|
||||||
golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
|
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
|
||||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||||
@ -639,8 +639,8 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
|
|||||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||||
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||||
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
|
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
|
||||||
golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
|
golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8=
|
||||||
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
|
golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
|
||||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
@ -651,8 +651,8 @@ golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ
|
|||||||
golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
||||||
golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
||||||
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
||||||
golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU=
|
golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4=
|
||||||
golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk=
|
golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4=
|
||||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
@ -716,14 +716,14 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
|
|||||||
golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
|
golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
|
||||||
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||||
golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
|
golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
|
||||||
golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0=
|
golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU=
|
||||||
golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
|
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
|
||||||
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
@ -734,8 +734,8 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
|||||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||||
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||||
golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
|
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
|
||||||
golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
@ -962,8 +962,8 @@ k8s.io/client-go v0.28.1 h1:pRhMzB8HyLfVwpngWKE8hDcXRqifh1ga2Z/PU9SXVK8=
|
|||||||
k8s.io/client-go v0.28.1/go.mod h1:pEZA3FqOsVkCc07pFVzK076R+P/eXqsgx5zuuRWukNE=
|
k8s.io/client-go v0.28.1/go.mod h1:pEZA3FqOsVkCc07pFVzK076R+P/eXqsgx5zuuRWukNE=
|
||||||
k8s.io/component-base v0.28.1 h1:LA4AujMlK2mr0tZbQDZkjWbdhTV5bRyEyAFe0TJxlWg=
|
k8s.io/component-base v0.28.1 h1:LA4AujMlK2mr0tZbQDZkjWbdhTV5bRyEyAFe0TJxlWg=
|
||||||
k8s.io/component-base v0.28.1/go.mod h1:jI11OyhbX21Qtbav7JkhehyBsIRfnO8oEgoAR12ArIU=
|
k8s.io/component-base v0.28.1/go.mod h1:jI11OyhbX21Qtbav7JkhehyBsIRfnO8oEgoAR12ArIU=
|
||||||
k8s.io/gengo v0.0.0-20230825065918-3239622df7ae h1:hNgjZGMeTuB+RGxdIVdX3sLtqtv16SDFGWlPKy7R9Kg=
|
k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 h1:pWEwq4Asjm4vjW7vcsmijwBhOr1/shsbSYiWXmNGlks=
|
||||||
k8s.io/gengo v0.0.0-20230825065918-3239622df7ae/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
||||||
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
||||||
k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
|
k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
|
||||||
k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
|
k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
# hidden behind a `GOEXPERIMENT=boringcrypto` env var.
|
# hidden behind a `GOEXPERIMENT=boringcrypto` env var.
|
||||||
# See https://go.googlesource.com/go/+/dev.boringcrypto/README.boringcrypto.md
|
# See https://go.googlesource.com/go/+/dev.boringcrypto/README.boringcrypto.md
|
||||||
# and https://kupczynski.info/posts/fips-golang/ for details.
|
# and https://kupczynski.info/posts/fips-golang/ for details.
|
||||||
FROM golang:1.20.7 as build-env
|
FROM golang:1.21.0 as build-env
|
||||||
|
|
||||||
WORKDIR /work
|
WORKDIR /work
|
||||||
COPY . .
|
COPY . .
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
module go.pinniped.dev/update-go-mod
|
module go.pinniped.dev/update-go-mod
|
||||||
|
|
||||||
go 1.19
|
go 1.20
|
||||||
|
|
||||||
require golang.org/x/mod v0.12.0
|
require golang.org/x/mod v0.12.0
|
||||||
|
@ -6,6 +6,7 @@ package activedirectoryupstreamwatcher
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"encoding/base64"
|
||||||
"fmt"
|
"fmt"
|
||||||
"regexp"
|
"regexp"
|
||||||
"strconv"
|
"strconv"
|
||||||
@ -344,7 +345,7 @@ func (c *activeDirectoryWatcherController) validateUpstream(ctx context.Context,
|
|||||||
"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID"),
|
"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID"),
|
||||||
},
|
},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
pwdLastSetAttribute: upstreamldap.AttributeUnchangedSinceLogin(pwdLastSetAttribute),
|
pwdLastSetAttribute: attributeUnchangedSinceLogin(pwdLastSetAttribute),
|
||||||
userAccountControlAttribute: validUserAccountControl,
|
userAccountControlAttribute: validUserAccountControl,
|
||||||
userAccountControlComputedAttribute: validComputedUserAccountControl,
|
userAccountControlComputedAttribute: validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -387,7 +388,8 @@ func (c *activeDirectoryWatcherController) updateStatus(ctx context.Context, ups
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func microsoftUUIDFromBinaryAttr(attributeName string) func(entry *ldap.Entry) (string, error) {
|
//nolint:gochecknoglobals // this needs to be a global variable so that tests can check pointer equality
|
||||||
|
var microsoftUUIDFromBinaryAttr = func(attributeName string) func(*ldap.Entry) (string, error) {
|
||||||
// validation has already been done so we can just get the attribute...
|
// validation has already been done so we can just get the attribute...
|
||||||
return func(entry *ldap.Entry) (string, error) {
|
return func(entry *ldap.Entry) (string, error) {
|
||||||
binaryUUID := entry.GetRawAttributeValue(attributeName)
|
binaryUUID := entry.GetRawAttributeValue(attributeName)
|
||||||
@ -442,7 +444,8 @@ func getDomainFromDistinguishedName(distinguishedName string) (string, error) {
|
|||||||
return strings.Join(domainComponents[1:], "."), nil
|
return strings.Join(domainComponents[1:], "."), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func validUserAccountControl(entry *ldap.Entry, _ provider.RefreshAttributes) error {
|
//nolint:gochecknoglobals // this needs to be a global variable so that tests can check pointer equality
|
||||||
|
var validUserAccountControl = func(entry *ldap.Entry, _ provider.RefreshAttributes) error {
|
||||||
userAccountControl, err := strconv.Atoi(entry.GetAttributeValue(userAccountControlAttribute))
|
userAccountControl, err := strconv.Atoi(entry.GetAttributeValue(userAccountControlAttribute))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
@ -455,7 +458,8 @@ func validUserAccountControl(entry *ldap.Entry, _ provider.RefreshAttributes) er
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func validComputedUserAccountControl(entry *ldap.Entry, _ provider.RefreshAttributes) error {
|
//nolint:gochecknoglobals // this needs to be a global variable so that tests can check pointer equality
|
||||||
|
var validComputedUserAccountControl = func(entry *ldap.Entry, _ provider.RefreshAttributes) error {
|
||||||
userAccountControl, err := strconv.Atoi(entry.GetAttributeValue(userAccountControlComputedAttribute))
|
userAccountControl, err := strconv.Atoi(entry.GetAttributeValue(userAccountControlComputedAttribute))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
@ -467,3 +471,20 @@ func validComputedUserAccountControl(entry *ldap.Entry, _ provider.RefreshAttrib
|
|||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//nolint:gochecknoglobals // this needs to be a global variable so that tests can check pointer equality
|
||||||
|
var attributeUnchangedSinceLogin = func(attribute string) func(*ldap.Entry, provider.RefreshAttributes) error {
|
||||||
|
return func(entry *ldap.Entry, storedAttributes provider.RefreshAttributes) error {
|
||||||
|
prevAttributeValue := storedAttributes.AdditionalAttributes[attribute]
|
||||||
|
newValues := entry.GetRawAttributeValues(attribute)
|
||||||
|
|
||||||
|
if len(newValues) != 1 {
|
||||||
|
return fmt.Errorf(`expected to find 1 value for %q attribute, but found %d`, attribute, len(newValues))
|
||||||
|
}
|
||||||
|
encodedNewValue := base64.RawURLEncoding.EncodeToString(newValues[0])
|
||||||
|
if prevAttributeValue != encodedNewValue {
|
||||||
|
return fmt.Errorf(`value for attribute %q has changed since initial value at login`, attribute)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@ -230,7 +230,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -573,7 +573,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -643,7 +643,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -716,7 +716,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -796,7 +796,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -860,7 +860,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -1011,7 +1011,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -1161,7 +1161,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
}},
|
}},
|
||||||
@ -1233,7 +1233,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -1500,7 +1500,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
GroupAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"sAMAccountName": groupSAMAccountNameWithDomainSuffix},
|
GroupAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"sAMAccountName": groupSAMAccountNameWithDomainSuffix},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -1560,7 +1560,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -1624,7 +1624,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -1688,7 +1688,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -1900,7 +1900,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -1963,7 +1963,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) {
|
|||||||
},
|
},
|
||||||
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
UIDAttributeParsingOverrides: map[string]func(*ldap.Entry) (string, error){"objectGUID": microsoftUUIDFromBinaryAttr("objectGUID")},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
"pwdLastSet": upstreamldap.AttributeUnchangedSinceLogin("pwdLastSet"),
|
"pwdLastSet": attributeUnchangedSinceLogin("pwdLastSet"),
|
||||||
"userAccountControl": validUserAccountControl,
|
"userAccountControl": validUserAccountControl,
|
||||||
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
"msDS-User-Account-Control-Computed": validComputedUserAccountControl,
|
||||||
},
|
},
|
||||||
@ -2426,3 +2426,77 @@ func TestValidComputedUserAccountControl(t *testing.T) {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAttributeUnchangedSinceLogin(t *testing.T) {
|
||||||
|
initialVal := "some-attribute-value"
|
||||||
|
changedVal := "some-different-attribute-value"
|
||||||
|
attributeName := "some-attribute-name"
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
entry *ldap.Entry
|
||||||
|
wantResult bool
|
||||||
|
wantErr string
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
name: "happy path where value has not changed since login",
|
||||||
|
entry: &ldap.Entry{
|
||||||
|
DN: "some-dn",
|
||||||
|
Attributes: []*ldap.EntryAttribute{
|
||||||
|
{
|
||||||
|
Name: attributeName,
|
||||||
|
Values: []string{initialVal},
|
||||||
|
ByteValues: [][]byte{[]byte(initialVal)},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "password has been reset since login",
|
||||||
|
entry: &ldap.Entry{
|
||||||
|
DN: "some-dn",
|
||||||
|
Attributes: []*ldap.EntryAttribute{
|
||||||
|
{
|
||||||
|
Name: attributeName,
|
||||||
|
Values: []string{changedVal},
|
||||||
|
ByteValues: [][]byte{[]byte(changedVal)},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
wantErr: "value for attribute \"some-attribute-name\" has changed since initial value at login",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "no value for attribute attribute",
|
||||||
|
entry: &ldap.Entry{
|
||||||
|
DN: "some-dn",
|
||||||
|
Attributes: []*ldap.EntryAttribute{},
|
||||||
|
},
|
||||||
|
wantErr: "expected to find 1 value for \"some-attribute-name\" attribute, but found 0",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "too many values for attribute",
|
||||||
|
entry: &ldap.Entry{
|
||||||
|
DN: "some-dn",
|
||||||
|
Attributes: []*ldap.EntryAttribute{
|
||||||
|
{
|
||||||
|
Name: attributeName,
|
||||||
|
ByteValues: [][]byte{[]byte("val1"), []byte("val2")},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
wantErr: "expected to find 1 value for \"some-attribute-name\" attribute, but found 2",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
for _, test := range tests {
|
||||||
|
tt := test
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
initialValRawEncoded := base64.RawURLEncoding.EncodeToString([]byte(initialVal))
|
||||||
|
err := attributeUnchangedSinceLogin(attributeName)(tt.entry, provider.RefreshAttributes{AdditionalAttributes: map[string]string{attributeName: initialValRawEncoded}})
|
||||||
|
if tt.wantErr != "" {
|
||||||
|
require.Error(t, err)
|
||||||
|
require.Equal(t, tt.wantErr, err.Error())
|
||||||
|
} else {
|
||||||
|
require.NoError(t, err)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
//go:build fips_strict
|
//go:build fips_strict
|
||||||
// +build fips_strict
|
|
||||||
|
|
||||||
package fips
|
package fips
|
||||||
|
|
||||||
|
@ -1,8 +1,7 @@
|
|||||||
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
//go:build !fips_strict
|
//go:build !fips_strict
|
||||||
// +build !fips_strict
|
|
||||||
|
|
||||||
package ptls
|
package ptls
|
||||||
|
|
||||||
|
@ -5,7 +5,6 @@
|
|||||||
// configs when Pinniped is built in fips-only mode.
|
// configs when Pinniped is built in fips-only mode.
|
||||||
// All of these are the same because FIPs is already so limited.
|
// All of these are the same because FIPs is already so limited.
|
||||||
//go:build fips_strict
|
//go:build fips_strict
|
||||||
// +build fips_strict
|
|
||||||
|
|
||||||
package ptls
|
package ptls
|
||||||
|
|
||||||
|
@ -1,8 +1,7 @@
|
|||||||
// Copyright 2021 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
//go:build !go1.17
|
//go:build !go1.19
|
||||||
// +build !go1.17
|
|
||||||
|
|
||||||
package ptls
|
package ptls
|
||||||
|
|
||||||
@ -10,6 +9,6 @@ func init() {
|
|||||||
// cause compile time failure if an older version of Go is used
|
// cause compile time failure if an older version of Go is used
|
||||||
`Pinniped's TLS configuration makes assumptions about how the Go standard library implementation of TLS works.
|
`Pinniped's TLS configuration makes assumptions about how the Go standard library implementation of TLS works.
|
||||||
It particular, we rely on the server controlling cipher suite selection. For these assumptions to hold, Pinniped
|
It particular, we rely on the server controlling cipher suite selection. For these assumptions to hold, Pinniped
|
||||||
must be compiled with Go 1.17+. If you are seeing this error message, your attempt to compile Pinniped with an
|
must be compiled with Go 1.19+. If you are seeing this error message, your attempt to compile Pinniped with an
|
||||||
older Go compiler was explicitly failed to prevent an unsafe configuration.`
|
older Go compiler was explicitly failed to prevent an unsafe configuration.`
|
||||||
}
|
}
|
||||||
|
@ -1,8 +1,7 @@
|
|||||||
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
//go:build !fips_strict
|
//go:build !fips_strict
|
||||||
// +build !fips_strict
|
|
||||||
|
|
||||||
package ptls
|
package ptls
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2021 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package execcredcache
|
package execcredcache
|
||||||
@ -11,8 +11,6 @@ import (
|
|||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
clientauthenticationv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1"
|
clientauthenticationv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1"
|
||||||
|
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -100,7 +98,7 @@ func TestWriteTo(t *testing.T) {
|
|||||||
t.Parallel()
|
t.Parallel()
|
||||||
t.Run("io error", func(t *testing.T) {
|
t.Run("io error", func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
tmp := testutil.TempDir(t) + "/credentials.yaml"
|
tmp := t.TempDir() + "/credentials.yaml"
|
||||||
require.NoError(t, os.Mkdir(tmp, 0700))
|
require.NoError(t, os.Mkdir(tmp, 0700))
|
||||||
err := validCache.writeTo(tmp)
|
err := validCache.writeTo(tmp)
|
||||||
require.EqualError(t, err, "open "+tmp+": is a directory")
|
require.EqualError(t, err, "open "+tmp+": is a directory")
|
||||||
@ -108,7 +106,7 @@ func TestWriteTo(t *testing.T) {
|
|||||||
|
|
||||||
t.Run("success", func(t *testing.T) {
|
t.Run("success", func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
require.NoError(t, validCache.writeTo(testutil.TempDir(t)+"/credentials.yaml"))
|
require.NoError(t, validCache.writeTo(t.TempDir()+"/credentials.yaml"))
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package execcredcache
|
package execcredcache
|
||||||
@ -14,13 +14,11 @@ import (
|
|||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
clientauthenticationv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1"
|
clientauthenticationv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1"
|
||||||
|
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestNew(t *testing.T) {
|
func TestNew(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
tmp := testutil.TempDir(t) + "/credentials.yaml"
|
tmp := t.TempDir() + "/credentials.yaml"
|
||||||
c := New(tmp)
|
c := New(tmp)
|
||||||
require.NotNil(t, c)
|
require.NotNil(t, c)
|
||||||
require.Equal(t, tmp, c.path)
|
require.Equal(t, tmp, c.path)
|
||||||
@ -167,7 +165,7 @@ func TestGet(t *testing.T) {
|
|||||||
tt := tt
|
tt := tt
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
tmp := testutil.TempDir(t) + "/sessions.yaml"
|
tmp := t.TempDir() + "/sessions.yaml"
|
||||||
if tt.makeTestFile != nil {
|
if tt.makeTestFile != nil {
|
||||||
tt.makeTestFile(t, tmp)
|
tt.makeTestFile(t, tmp)
|
||||||
}
|
}
|
||||||
@ -333,7 +331,7 @@ func TestPutToken(t *testing.T) {
|
|||||||
tt := tt
|
tt := tt
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
tmp := testutil.TempDir(t) + "/cachedir/credentials.yaml"
|
tmp := t.TempDir() + "/cachedir/credentials.yaml"
|
||||||
if tt.makeTestFile != nil {
|
if tt.makeTestFile != nil {
|
||||||
tt.makeTestFile(t, tmp)
|
tt.makeTestFile(t, tmp)
|
||||||
}
|
}
|
||||||
|
@ -11,7 +11,6 @@ import (
|
|||||||
"os"
|
"os"
|
||||||
"runtime"
|
"runtime"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -44,8 +43,6 @@ func TestFormat(t *testing.T) {
|
|||||||
wd, err := os.Getwd()
|
wd, err := os.Getwd()
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
const startLogLine = 47 // make this match the current line number
|
|
||||||
|
|
||||||
Info("hello", "happy", "day", "duration", time.Hour+time.Minute)
|
Info("hello", "happy", "day", "duration", time.Hour+time.Minute)
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
@ -57,7 +54,7 @@ func TestFormat(t *testing.T) {
|
|||||||
"message": "hello",
|
"message": "hello",
|
||||||
"happy": "day",
|
"happy": "day",
|
||||||
"duration": "1h1m0s"
|
"duration": "1h1m0s"
|
||||||
}`, wd, startLogLine+2), scanner.Text())
|
}`, wd, getLineNumberOfCaller()-11), scanner.Text())
|
||||||
|
|
||||||
Logr().WithName("burrito").Error(errInvalidLogLevel, "wee", "a", "b")
|
Logr().WithName("burrito").Error(errInvalidLogLevel, "wee", "a", "b")
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
@ -71,7 +68,7 @@ func TestFormat(t *testing.T) {
|
|||||||
"a": "b",
|
"a": "b",
|
||||||
"error": "invalid log level, valid choices are the empty string, info, debug, trace and all",
|
"error": "invalid log level, valid choices are the empty string, info, debug, trace and all",
|
||||||
"logger": "burrito"
|
"logger": "burrito"
|
||||||
}`, wd, startLogLine+2+13), scanner.Text())
|
}`, wd, getLineNumberOfCaller()-12), scanner.Text())
|
||||||
|
|
||||||
Logr().V(klogLevelWarning).Info("hey") // note that this fails to set the custom warning key because it is not via plog
|
Logr().V(klogLevelWarning).Info("hey") // note that this fails to set the custom warning key because it is not via plog
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
@ -82,7 +79,7 @@ func TestFormat(t *testing.T) {
|
|||||||
"timestamp": "2022-11-21T23:37:26.953313Z",
|
"timestamp": "2022-11-21T23:37:26.953313Z",
|
||||||
"caller": "%s/config_test.go:%d$plog.TestFormat",
|
"caller": "%s/config_test.go:%d$plog.TestFormat",
|
||||||
"message": "hey"
|
"message": "hey"
|
||||||
}`, wd, startLogLine+2+13+14), scanner.Text())
|
}`, wd, getLineNumberOfCaller()-9), scanner.Text())
|
||||||
|
|
||||||
Warning("bad stuff") // note that this sets the custom warning key because it is via plog
|
Warning("bad stuff") // note that this sets the custom warning key because it is via plog
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
@ -94,7 +91,7 @@ func TestFormat(t *testing.T) {
|
|||||||
"caller": "%s/config_test.go:%d$plog.TestFormat",
|
"caller": "%s/config_test.go:%d$plog.TestFormat",
|
||||||
"message": "bad stuff",
|
"message": "bad stuff",
|
||||||
"warning": true
|
"warning": true
|
||||||
}`, wd, startLogLine+2+13+14+11), scanner.Text())
|
}`, wd, getLineNumberOfCaller()-10), scanner.Text())
|
||||||
|
|
||||||
func() { DebugErr("something happened", errInvalidLogFormat, "an", "item") }()
|
func() { DebugErr("something happened", errInvalidLogFormat, "an", "item") }()
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
@ -107,7 +104,7 @@ func TestFormat(t *testing.T) {
|
|||||||
"message": "something happened",
|
"message": "something happened",
|
||||||
"error": "invalid log format, valid choices are the empty string, json and text",
|
"error": "invalid log format, valid choices are the empty string, json and text",
|
||||||
"an": "item"
|
"an": "item"
|
||||||
}`, wd, startLogLine+2+13+14+11+12), scanner.Text())
|
}`, wd, getLineNumberOfCaller()-11), scanner.Text())
|
||||||
|
|
||||||
Trace("should not be logged", "for", "sure")
|
Trace("should not be logged", "for", "sure")
|
||||||
require.Empty(t, buf.String())
|
require.Empty(t, buf.String())
|
||||||
@ -124,11 +121,6 @@ func TestFormat(t *testing.T) {
|
|||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
|
|
||||||
line := "1576"
|
|
||||||
if strings.Contains(runtime.Version(), "1.19") {
|
|
||||||
line = "1446"
|
|
||||||
}
|
|
||||||
|
|
||||||
require.JSONEq(t, fmt.Sprintf(`
|
require.JSONEq(t, fmt.Sprintf(`
|
||||||
{
|
{
|
||||||
"level": "info",
|
"level": "info",
|
||||||
@ -137,14 +129,14 @@ func TestFormat(t *testing.T) {
|
|||||||
"message": "has a stack trace!",
|
"message": "has a stack trace!",
|
||||||
"logger": "stacky.does",
|
"logger": "stacky.does",
|
||||||
"stacktrace": %s
|
"stacktrace": %s
|
||||||
}`, wd, startLogLine+2+13+14+11+12+24,
|
}`, wd, getLineNumberOfCaller()-12,
|
||||||
strconv.Quote(
|
strconv.Quote(
|
||||||
fmt.Sprintf(
|
fmt.Sprintf(
|
||||||
`go.pinniped.dev/internal/plog.TestFormat
|
`go.pinniped.dev/internal/plog.TestFormat
|
||||||
%s/config_test.go:%d
|
%s/config_test.go:%d
|
||||||
testing.tRunner
|
testing.tRunner
|
||||||
%s/src/testing/testing.go:%s`,
|
%s/src/testing/testing.go:%d`,
|
||||||
wd, startLogLine+2+13+14+11+12+24, runtime.GOROOT(), line,
|
wd, getLineNumberOfCaller()-19, runtime.GOROOT(), getLineNumberOfCaller(2),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
), scanner.Text())
|
), scanner.Text())
|
||||||
@ -158,13 +150,13 @@ testing.tRunner
|
|||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(nowStr+` plog/config_test.go:%d something happened {"error": "invalid log format, valid choices are the empty string, json and text", "an": "item"}`,
|
require.Equal(t, fmt.Sprintf(nowStr+` plog/config_test.go:%d something happened {"error": "invalid log format, valid choices are the empty string, json and text", "an": "item"}`,
|
||||||
startLogLine+2+13+14+11+12+24+28+6), scanner.Text())
|
getLineNumberOfCaller()-4), scanner.Text())
|
||||||
|
|
||||||
Logr().WithName("burrito").Error(errInvalidLogLevel, "wee", "a", "b", "slightly less than a year", 363*24*time.Hour, "slightly more than 2 years", 2*367*24*time.Hour)
|
Logr().WithName("burrito").Error(errInvalidLogLevel, "wee", "a", "b", "slightly less than a year", 363*24*time.Hour, "slightly more than 2 years", 2*367*24*time.Hour)
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(nowStr+` burrito plog/config_test.go:%d wee {"a": "b", "slightly less than a year": "363d", "slightly more than 2 years": "2y4d", "error": "invalid log level, valid choices are the empty string, info, debug, trace and all"}`,
|
require.Equal(t, fmt.Sprintf(nowStr+` burrito plog/config_test.go:%d wee {"a": "b", "slightly less than a year": "363d", "slightly more than 2 years": "2y4d", "error": "invalid log level, valid choices are the empty string, info, debug, trace and all"}`,
|
||||||
startLogLine+2+13+14+11+12+24+28+6+6), scanner.Text())
|
getLineNumberOfCaller()-4), scanner.Text())
|
||||||
|
|
||||||
origTimeNow := textlogger.TimeNow
|
origTimeNow := textlogger.TimeNow
|
||||||
t.Cleanup(func() {
|
t.Cleanup(func() {
|
||||||
@ -190,19 +182,19 @@ testing.tRunner
|
|||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "what is happening" does klog="work?"`,
|
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "what is happening" does klog="work?"`,
|
||||||
pid, startLogLine+2+13+14+11+12+24+28+6+26+6), scanner.Text())
|
pid, getLineNumberOfCaller()-4), scanner.Text())
|
||||||
|
|
||||||
Logr().WithName("panda").V(KlogLevelDebug).Info("are the best", "yes?", "yes.")
|
Logr().WithName("panda").V(KlogLevelDebug).Info("are the best", "yes?", "yes.")
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "panda: are the best" yes?="yes."`,
|
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "panda: are the best" yes?="yes."`,
|
||||||
pid, startLogLine+2+13+14+11+12+24+28+6+26+6+6), scanner.Text())
|
pid, getLineNumberOfCaller()-4), scanner.Text())
|
||||||
|
|
||||||
New().WithName("hi").WithName("there").WithValues("a", 1, "b", 2).Always("do it")
|
New().WithName("hi").WithName("there").WithValues("a", 1, "b", 2).Always("do it")
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "hi/there: do it" a=1 b=2`,
|
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "hi/there: do it" a=1 b=2`,
|
||||||
pid, startLogLine+2+13+14+11+12+24+28+6+26+6+6+6), scanner.Text())
|
pid, getLineNumberOfCaller()-4), scanner.Text())
|
||||||
|
|
||||||
l := WithValues("x", 33, "z", 22)
|
l := WithValues("x", 33, "z", 22)
|
||||||
l.Debug("what to do")
|
l.Debug("what to do")
|
||||||
@ -210,17 +202,17 @@ testing.tRunner
|
|||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "what to do" x=33 z=22`,
|
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "what to do" x=33 z=22`,
|
||||||
pid, startLogLine+2+13+14+11+12+24+28+6+26+6+6+7+6), scanner.Text())
|
pid, getLineNumberOfCaller()-5), scanner.Text())
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "and why" x=33 z=22`,
|
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "and why" x=33 z=22`,
|
||||||
pid, startLogLine+2+13+14+11+12+24+28+6+26+6+6+7+1+6), scanner.Text())
|
pid, getLineNumberOfCaller()-8), scanner.Text())
|
||||||
|
|
||||||
old.Always("should be klog text format", "for", "sure")
|
old.Always("should be klog text format", "for", "sure")
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "created before mode change: should be klog text format" is="old" for="sure"`,
|
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "created before mode change: should be klog text format" is="old" for="sure"`,
|
||||||
pid, startLogLine+2+13+14+11+12+24+28+6+26+6+6+7+1+10+6), scanner.Text())
|
pid, getLineNumberOfCaller()-4), scanner.Text())
|
||||||
|
|
||||||
// make sure child loggers do not share state
|
// make sure child loggers do not share state
|
||||||
old1 := old.WithValues("i am", "old1")
|
old1 := old.WithValues("i am", "old1")
|
||||||
@ -230,11 +222,11 @@ testing.tRunner
|
|||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "created before mode change: warn" is="old" i am="old1" warning=true`,
|
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "created before mode change: warn" is="old" i am="old1" warning=true`,
|
||||||
pid, startLogLine+2+13+14+11+12+24+28+6+26+6+6+7+1+10+9+6), scanner.Text())
|
pid, getLineNumberOfCaller()-5), scanner.Text())
|
||||||
require.True(t, scanner.Scan())
|
require.True(t, scanner.Scan())
|
||||||
require.NoError(t, scanner.Err())
|
require.NoError(t, scanner.Err())
|
||||||
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "created before mode change/old2: info" is="old"`,
|
require.Equal(t, fmt.Sprintf(`I1121 23:37:26.953313%8d config_test.go:%d] "created before mode change/old2: info" is="old"`,
|
||||||
pid, startLogLine+2+13+14+11+12+24+28+6+26+6+6+7+1+10+9+1+6), scanner.Text())
|
pid, getLineNumberOfCaller()-8), scanner.Text())
|
||||||
|
|
||||||
Trace("should not be logged", "for", "sure")
|
Trace("should not be logged", "for", "sure")
|
||||||
require.Empty(t, buf.String())
|
require.Empty(t, buf.String())
|
||||||
@ -364,3 +356,18 @@ func getKlogLevel() klog.Level {
|
|||||||
|
|
||||||
return -1
|
return -1
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// getLineNumberOfCaller returns the line number of the source code that invoked this function.
|
||||||
|
// If maybeSkip is provided, returns the line number from a different point in the call stack.
|
||||||
|
// This is useful to test log output that prints a call stack with line numbers.
|
||||||
|
func getLineNumberOfCaller(maybeSkip ...int) int {
|
||||||
|
skip := 1
|
||||||
|
if len(maybeSkip) > 0 {
|
||||||
|
skip = maybeSkip[0]
|
||||||
|
}
|
||||||
|
|
||||||
|
if _, _, line, ok := runtime.Caller(skip); ok {
|
||||||
|
return line
|
||||||
|
}
|
||||||
|
return -1
|
||||||
|
}
|
||||||
|
@ -6,6 +6,7 @@ package plog
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"runtime"
|
||||||
"strings"
|
"strings"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
@ -156,17 +157,17 @@ func TestPlog(t *testing.T) {
|
|||||||
testAllPlogMethods(l.withDepth(2))
|
testAllPlogMethods(l.withDepth(2))
|
||||||
},
|
},
|
||||||
want: `
|
want: `
|
||||||
{"level":"error","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"e","panda":2,"error":"some err"}
|
{"level":"error","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"e","panda":2,"error":"some err"}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"w","warning":true,"panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"w","warning":true,"panda":2}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"we","warning":true,"error":"some err","panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"we","warning":true,"error":"some err","panda":2}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"i","panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"i","panda":2}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"ie","error":"some err","panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"ie","error":"some err","panda":2}
|
||||||
{"level":"debug","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"d","panda":2}
|
{"level":"debug","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"d","panda":2}
|
||||||
{"level":"debug","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"de","error":"some err","panda":2}
|
{"level":"debug","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"de","error":"some err","panda":2}
|
||||||
{"level":"trace","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"t","panda":2}
|
{"level":"trace","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"t","panda":2}
|
||||||
{"level":"trace","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"te","error":"some err","panda":2}
|
{"level":"trace","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"te","error":"some err","panda":2}
|
||||||
{"level":"all","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"all","panda":2}
|
{"level":"all","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"all","panda":2}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func15","message":"always","panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func16","message":"always","panda":2}
|
||||||
`,
|
`,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -284,19 +285,24 @@ func TestPlog(t *testing.T) {
|
|||||||
}()
|
}()
|
||||||
}()
|
}()
|
||||||
},
|
},
|
||||||
want: `
|
want: fmt.Sprintf(`
|
||||||
{"level":"error","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"e","panda":2,"error":"some err"}
|
{"level":"error","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"e","panda":2,"error":"some err"}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"w","warning":true,"panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"w","warning":true,"panda":2}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"we","warning":true,"error":"some err","panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"we","warning":true,"error":"some err","panda":2}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"i","panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"i","panda":2}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"ie","error":"some err","panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"ie","error":"some err","panda":2}
|
||||||
{"level":"debug","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"d","panda":2}
|
{"level":"debug","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"d","panda":2}
|
||||||
{"level":"debug","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"de","error":"some err","panda":2}
|
{"level":"debug","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"de","error":"some err","panda":2}
|
||||||
{"level":"trace","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"t","panda":2}
|
{"level":"trace","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"t","panda":2}
|
||||||
{"level":"trace","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"te","error":"some err","panda":2}
|
{"level":"trace","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"te","error":"some err","panda":2}
|
||||||
{"level":"all","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"all","panda":2}
|
{"level":"all","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"all","panda":2}
|
||||||
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.func13.1.1","message":"always","panda":2}
|
{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"plog/plog_test.go:<line>$plog.TestPlog.%[1]s","message":"always","panda":2}
|
||||||
`,
|
`, func() string {
|
||||||
|
if strings.Contains(runtime.Version(), "1.21") {
|
||||||
|
return "func13.TestPlog.func13.1.func2"
|
||||||
|
}
|
||||||
|
return "func13.1.1"
|
||||||
|
}()),
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "closure depth -1",
|
name: "closure depth -1",
|
||||||
|
@ -1,15 +0,0 @@
|
|||||||
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
|
||||||
|
|
||||||
//go:build !go1.14
|
|
||||||
// +build !go1.14
|
|
||||||
|
|
||||||
package testutil
|
|
||||||
|
|
||||||
import (
|
|
||||||
"testing"
|
|
||||||
)
|
|
||||||
|
|
||||||
func TempDir(t *testing.T) string {
|
|
||||||
return t.TempDir()
|
|
||||||
}
|
|
@ -1,25 +0,0 @@
|
|||||||
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
|
||||||
|
|
||||||
//go:build go1.14
|
|
||||||
// +build go1.14
|
|
||||||
|
|
||||||
package testutil
|
|
||||||
|
|
||||||
import (
|
|
||||||
"io/ioutil" //nolint:staticcheck // ioutil is deprecated, but this file is for go1.14
|
|
||||||
"os"
|
|
||||||
"testing"
|
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
|
||||||
)
|
|
||||||
|
|
||||||
func TempDir(t *testing.T) string {
|
|
||||||
t.Helper()
|
|
||||||
dir, err := ioutil.TempDir("", "test-*")
|
|
||||||
require.NoError(t, err)
|
|
||||||
t.Cleanup(func() {
|
|
||||||
require.NoError(t, os.RemoveAll(dir))
|
|
||||||
})
|
|
||||||
return dir
|
|
||||||
}
|
|
@ -870,19 +870,3 @@ func (p *Provider) traceRefreshFailure(t *trace.Trace, err error) {
|
|||||||
trace.Field{Key: "reason", Value: err.Error()},
|
trace.Field{Key: "reason", Value: err.Error()},
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
func AttributeUnchangedSinceLogin(attribute string) func(*ldap.Entry, provider.RefreshAttributes) error {
|
|
||||||
return func(entry *ldap.Entry, storedAttributes provider.RefreshAttributes) error {
|
|
||||||
prevAttributeValue := storedAttributes.AdditionalAttributes[attribute]
|
|
||||||
newValues := entry.GetRawAttributeValues(attribute)
|
|
||||||
|
|
||||||
if len(newValues) != 1 {
|
|
||||||
return fmt.Errorf(`expected to find 1 value for %q attribute, but found %d`, attribute, len(newValues))
|
|
||||||
}
|
|
||||||
encodedNewValue := base64.RawURLEncoding.EncodeToString(newValues[0])
|
|
||||||
if prevAttributeValue != encodedNewValue {
|
|
||||||
return fmt.Errorf(`value for attribute %q has changed since initial value at login`, attribute)
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
@ -1576,7 +1576,7 @@ func TestUpstreamRefresh(t *testing.T) {
|
|||||||
GroupNameAttribute: testGroupSearchGroupNameAttribute,
|
GroupNameAttribute: testGroupSearchGroupNameAttribute,
|
||||||
},
|
},
|
||||||
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
RefreshAttributeChecks: map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
pwdLastSetAttribute: AttributeUnchangedSinceLogin(pwdLastSetAttribute),
|
pwdLastSetAttribute: func(*ldap.Entry, provider.RefreshAttributes) error { return nil },
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
if editFunc != nil {
|
if editFunc != nil {
|
||||||
@ -2200,8 +2200,14 @@ func TestUpstreamRefresh(t *testing.T) {
|
|||||||
wantErr: "found 2 values for attribute \"some-upstream-uid-attribute\" while searching for user \"some-upstream-user-dn\", but expected 1 result",
|
wantErr: "found 2 values for attribute \"some-upstream-uid-attribute\" while searching for user \"some-upstream-user-dn\", but expected 1 result",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "search result has a changed pwdLastSet value",
|
name: "search result has a changed pwdLastSet value",
|
||||||
providerConfig: providerConfig(nil),
|
providerConfig: providerConfig(func(p *ProviderConfig) {
|
||||||
|
p.RefreshAttributeChecks = map[string]func(*ldap.Entry, provider.RefreshAttributes) error{
|
||||||
|
pwdLastSetAttribute: func(*ldap.Entry, provider.RefreshAttributes) error {
|
||||||
|
return errors.New(`value for attribute "pwdLastSet" has changed since initial value at login`)
|
||||||
|
},
|
||||||
|
}
|
||||||
|
}),
|
||||||
setupMocks: func(conn *mockldapconn.MockConn) {
|
setupMocks: func(conn *mockldapconn.MockConn) {
|
||||||
conn.EXPECT().Bind(testBindUsername, testBindPassword).Times(1)
|
conn.EXPECT().Bind(testBindUsername, testBindPassword).Times(1)
|
||||||
conn.EXPECT().Search(expectedUserSearch(nil)).Return(&ldap.SearchResult{
|
conn.EXPECT().Search(expectedUserSearch(nil)).Return(&ldap.SearchResult{
|
||||||
@ -2588,77 +2594,3 @@ func TestRealTLSDialing(t *testing.T) {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestAttributeUnchangedSinceLogin(t *testing.T) {
|
|
||||||
initialVal := "some-attribute-value"
|
|
||||||
changedVal := "some-different-attribute-value"
|
|
||||||
attributeName := "some-attribute-name"
|
|
||||||
tests := []struct {
|
|
||||||
name string
|
|
||||||
entry *ldap.Entry
|
|
||||||
wantResult bool
|
|
||||||
wantErr string
|
|
||||||
}{
|
|
||||||
{
|
|
||||||
name: "happy path where value has not changed since login",
|
|
||||||
entry: &ldap.Entry{
|
|
||||||
DN: "some-dn",
|
|
||||||
Attributes: []*ldap.EntryAttribute{
|
|
||||||
{
|
|
||||||
Name: attributeName,
|
|
||||||
Values: []string{initialVal},
|
|
||||||
ByteValues: [][]byte{[]byte(initialVal)},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "password has been reset since login",
|
|
||||||
entry: &ldap.Entry{
|
|
||||||
DN: "some-dn",
|
|
||||||
Attributes: []*ldap.EntryAttribute{
|
|
||||||
{
|
|
||||||
Name: attributeName,
|
|
||||||
Values: []string{changedVal},
|
|
||||||
ByteValues: [][]byte{[]byte(changedVal)},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
wantErr: "value for attribute \"some-attribute-name\" has changed since initial value at login",
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "no value for attribute attribute",
|
|
||||||
entry: &ldap.Entry{
|
|
||||||
DN: "some-dn",
|
|
||||||
Attributes: []*ldap.EntryAttribute{},
|
|
||||||
},
|
|
||||||
wantErr: "expected to find 1 value for \"some-attribute-name\" attribute, but found 0",
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "too many values for attribute",
|
|
||||||
entry: &ldap.Entry{
|
|
||||||
DN: "some-dn",
|
|
||||||
Attributes: []*ldap.EntryAttribute{
|
|
||||||
{
|
|
||||||
Name: attributeName,
|
|
||||||
ByteValues: [][]byte{[]byte("val1"), []byte("val2")},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
wantErr: "expected to find 1 value for \"some-attribute-name\" attribute, but found 2",
|
|
||||||
},
|
|
||||||
}
|
|
||||||
for _, test := range tests {
|
|
||||||
tt := test
|
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
|
||||||
initialValRawEncoded := base64.RawURLEncoding.EncodeToString([]byte(initialVal))
|
|
||||||
err := AttributeUnchangedSinceLogin(attributeName)(tt.entry, provider.RefreshAttributes{AdditionalAttributes: map[string]string{attributeName: initialValRawEncoded}})
|
|
||||||
if tt.wantErr != "" {
|
|
||||||
require.Error(t, err)
|
|
||||||
require.Equal(t, tt.wantErr, err.Error())
|
|
||||||
} else {
|
|
||||||
require.NoError(t, err)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package filesession
|
package filesession
|
||||||
@ -11,7 +11,6 @@ import (
|
|||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
"go.pinniped.dev/pkg/oidcclient"
|
"go.pinniped.dev/pkg/oidcclient"
|
||||||
"go.pinniped.dev/pkg/oidcclient/oidctypes"
|
"go.pinniped.dev/pkg/oidcclient/oidctypes"
|
||||||
)
|
)
|
||||||
@ -120,7 +119,7 @@ func TestWriteTo(t *testing.T) {
|
|||||||
t.Parallel()
|
t.Parallel()
|
||||||
t.Run("io error", func(t *testing.T) {
|
t.Run("io error", func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
tmp := testutil.TempDir(t) + "/sessions.yaml"
|
tmp := t.TempDir() + "/sessions.yaml"
|
||||||
require.NoError(t, os.Mkdir(tmp, 0700))
|
require.NoError(t, os.Mkdir(tmp, 0700))
|
||||||
err := validSession.writeTo(tmp)
|
err := validSession.writeTo(tmp)
|
||||||
require.EqualError(t, err, "open "+tmp+": is a directory")
|
require.EqualError(t, err, "open "+tmp+": is a directory")
|
||||||
@ -128,7 +127,7 @@ func TestWriteTo(t *testing.T) {
|
|||||||
|
|
||||||
t.Run("success", func(t *testing.T) {
|
t.Run("success", func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
require.NoError(t, validSession.writeTo(testutil.TempDir(t)+"/sessions.yaml"))
|
require.NoError(t, validSession.writeTo(t.TempDir()+"/sessions.yaml"))
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package filesession
|
package filesession
|
||||||
@ -14,14 +14,13 @@ import (
|
|||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
"go.pinniped.dev/pkg/oidcclient"
|
"go.pinniped.dev/pkg/oidcclient"
|
||||||
"go.pinniped.dev/pkg/oidcclient/oidctypes"
|
"go.pinniped.dev/pkg/oidcclient/oidctypes"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestNew(t *testing.T) {
|
func TestNew(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
tmp := testutil.TempDir(t) + "/sessions.yaml"
|
tmp := t.TempDir() + "/sessions.yaml"
|
||||||
c := New(tmp)
|
c := New(tmp)
|
||||||
require.NotNil(t, c)
|
require.NotNil(t, c)
|
||||||
require.Equal(t, tmp, c.path)
|
require.Equal(t, tmp, c.path)
|
||||||
@ -222,7 +221,7 @@ func TestGetToken(t *testing.T) {
|
|||||||
tt := tt
|
tt := tt
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
tmp := testutil.TempDir(t) + "/sessions.yaml"
|
tmp := t.TempDir() + "/sessions.yaml"
|
||||||
if tt.makeTestFile != nil {
|
if tt.makeTestFile != nil {
|
||||||
tt.makeTestFile(t, tmp)
|
tt.makeTestFile(t, tmp)
|
||||||
}
|
}
|
||||||
@ -480,7 +479,7 @@ func TestPutToken(t *testing.T) {
|
|||||||
tt := tt
|
tt := tt
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
tmp := testutil.TempDir(t) + "/sessiondir/sessions.yaml"
|
tmp := t.TempDir() + "/sessiondir/sessions.yaml"
|
||||||
if tt.makeTestFile != nil {
|
if tt.makeTestFile != nil {
|
||||||
tt.makeTestFile(t, tmp)
|
tt.makeTestFile(t, tmp)
|
||||||
}
|
}
|
||||||
|
@ -28,7 +28,6 @@ import (
|
|||||||
|
|
||||||
identityv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1"
|
identityv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1"
|
||||||
conciergescheme "go.pinniped.dev/internal/concierge/scheme"
|
conciergescheme "go.pinniped.dev/internal/concierge/scheme"
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
"go.pinniped.dev/pkg/oidcclient"
|
"go.pinniped.dev/pkg/oidcclient"
|
||||||
"go.pinniped.dev/pkg/oidcclient/filesession"
|
"go.pinniped.dev/pkg/oidcclient/filesession"
|
||||||
"go.pinniped.dev/test/testlib"
|
"go.pinniped.dev/test/testlib"
|
||||||
@ -48,7 +47,7 @@ func TestCLIGetKubeconfigStaticToken_Parallel(t *testing.T) {
|
|||||||
// Build pinniped CLI.
|
// Build pinniped CLI.
|
||||||
pinnipedExe := testlib.PinnipedCLIPath(t)
|
pinnipedExe := testlib.PinnipedCLIPath(t)
|
||||||
|
|
||||||
credCacheDir := testutil.TempDir(t)
|
credCacheDir := t.TempDir()
|
||||||
stdout, stderr := runPinnipedCLI(t, nil, pinnipedExe, "get", "kubeconfig",
|
stdout, stderr := runPinnipedCLI(t, nil, pinnipedExe, "get", "kubeconfig",
|
||||||
"--static-token", env.TestUser.Token,
|
"--static-token", env.TestUser.Token,
|
||||||
"--concierge-api-group-suffix", env.APIGroupSuffix,
|
"--concierge-api-group-suffix", env.APIGroupSuffix,
|
||||||
@ -92,7 +91,7 @@ func TestCLIGetKubeconfigStaticToken_Parallel(t *testing.T) {
|
|||||||
|
|
||||||
t.Run("whoami", func(t *testing.T) {
|
t.Run("whoami", func(t *testing.T) {
|
||||||
// Validate that `pinniped whoami` returns the correct identity.
|
// Validate that `pinniped whoami` returns the correct identity.
|
||||||
kubeconfigPath := filepath.Join(testutil.TempDir(t), "whoami-kubeconfig")
|
kubeconfigPath := filepath.Join(t.TempDir(), "whoami-kubeconfig")
|
||||||
require.NoError(t, os.WriteFile(kubeconfigPath, []byte(stdout), 0600))
|
require.NoError(t, os.WriteFile(kubeconfigPath, []byte(stdout), 0600))
|
||||||
assertWhoami(
|
assertWhoami(
|
||||||
ctx,
|
ctx,
|
||||||
@ -277,7 +276,7 @@ func runPinnipedLoginOIDC(
|
|||||||
env := testlib.IntegrationEnv(t)
|
env := testlib.IntegrationEnv(t)
|
||||||
|
|
||||||
// Make a temp directory to hold the session cache for this test.
|
// Make a temp directory to hold the session cache for this test.
|
||||||
sessionCachePath := testutil.TempDir(t) + "/sessions.yaml"
|
sessionCachePath := t.TempDir() + "/sessions.yaml"
|
||||||
|
|
||||||
// Start the browser driver.
|
// Start the browser driver.
|
||||||
browser := browsertest.OpenBrowser(t)
|
browser := browsertest.OpenBrowser(t)
|
||||||
@ -417,13 +416,13 @@ func oidcLoginCommand(ctx context.Context, t *testing.T, pinnipedExe string, ses
|
|||||||
"--scopes", "offline_access,openid,email,profile",
|
"--scopes", "offline_access,openid,email,profile",
|
||||||
"--listen-port", callbackURL.Port(),
|
"--listen-port", callbackURL.Port(),
|
||||||
"--session-cache", sessionCachePath,
|
"--session-cache", sessionCachePath,
|
||||||
"--credential-cache", testutil.TempDir(t)+"/credentials.yaml",
|
"--credential-cache", t.TempDir()+"/credentials.yaml",
|
||||||
"--skip-browser",
|
"--skip-browser",
|
||||||
)
|
)
|
||||||
|
|
||||||
// If there is a custom CA bundle, pass it via --ca-bundle and a temporary file.
|
// If there is a custom CA bundle, pass it via --ca-bundle and a temporary file.
|
||||||
if env.CLIUpstreamOIDC.CABundle != "" {
|
if env.CLIUpstreamOIDC.CABundle != "" {
|
||||||
path := filepath.Join(testutil.TempDir(t), "test-ca.pem")
|
path := filepath.Join(t.TempDir(), "test-ca.pem")
|
||||||
require.NoError(t, os.WriteFile(path, []byte(env.CLIUpstreamOIDC.CABundle), 0600))
|
require.NoError(t, os.WriteFile(path, []byte(env.CLIUpstreamOIDC.CABundle), 0600))
|
||||||
cmd.Args = append(cmd.Args, "--ca-bundle", path)
|
cmd.Args = append(cmd.Args, "--ca-bundle", path)
|
||||||
}
|
}
|
||||||
|
@ -2325,7 +2325,7 @@ func getImpersonationKubeconfig(t *testing.T, env *testlib.TestEnv, impersonatio
|
|||||||
t.Helper()
|
t.Helper()
|
||||||
|
|
||||||
pinnipedExe := testlib.PinnipedCLIPath(t)
|
pinnipedExe := testlib.PinnipedCLIPath(t)
|
||||||
tempDir := testutil.TempDir(t)
|
tempDir := t.TempDir()
|
||||||
|
|
||||||
var envVarsWithProxy []string
|
var envVarsWithProxy []string
|
||||||
if !env.HasCapability(testlib.HasExternalLoadBalancerProvider) {
|
if !env.HasCapability(testlib.HasExternalLoadBalancerProvider) {
|
||||||
|
@ -79,7 +79,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
// Save that bundle plus the one that signs the upstream issuer, for test purposes.
|
// Save that bundle plus the one that signs the upstream issuer, for test purposes.
|
||||||
testCABundlePath := filepath.Join(testutil.TempDir(t), "test-ca.pem")
|
testCABundlePath := filepath.Join(t.TempDir(), "test-ca.pem")
|
||||||
testCABundlePEM := []byte(string(ca.Bundle()) + "\n" + env.SupervisorUpstreamOIDC.CABundle)
|
testCABundlePEM := []byte(string(ca.Bundle()) + "\n" + env.SupervisorUpstreamOIDC.CABundle)
|
||||||
testCABundleBase64 := base64.StdEncoding.EncodeToString(testCABundlePEM)
|
testCABundleBase64 := base64.StdEncoding.EncodeToString(testCABundlePEM)
|
||||||
require.NoError(t, os.WriteFile(testCABundlePath, testCABundlePEM, 0600))
|
require.NoError(t, os.WriteFile(testCABundlePath, testCABundlePEM, 0600))
|
||||||
@ -119,7 +119,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
||||||
browser := browsertest.OpenBrowser(t)
|
browser := browsertest.OpenBrowser(t)
|
||||||
@ -200,7 +200,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
||||||
browser := browsertest.OpenBrowser(t)
|
browser := browsertest.OpenBrowser(t)
|
||||||
@ -284,7 +284,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
||||||
browser := browsertest.OpenBrowser(t)
|
browser := browsertest.OpenBrowser(t)
|
||||||
@ -395,7 +395,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
||||||
browser := browsertest.OpenBrowser(t)
|
browser := browsertest.OpenBrowser(t)
|
||||||
@ -531,7 +531,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
expectedUsername := env.SupervisorUpstreamOIDC.Username
|
expectedUsername := env.SupervisorUpstreamOIDC.Username
|
||||||
expectedGroups := env.SupervisorUpstreamOIDC.ExpectedGroups
|
expectedGroups := env.SupervisorUpstreamOIDC.ExpectedGroups
|
||||||
@ -614,7 +614,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
// Create upstream OIDC provider and wait for it to become ready.
|
// Create upstream OIDC provider and wait for it to become ready.
|
||||||
oidcIdentityProvider := testlib.CreateTestOIDCIdentityProvider(t, idpv1alpha1.OIDCIdentityProviderSpec{
|
oidcIdentityProvider := testlib.CreateTestOIDCIdentityProvider(t, idpv1alpha1.OIDCIdentityProviderSpec{
|
||||||
@ -700,7 +700,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue
|
expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue
|
||||||
expectedGroups := env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs
|
expectedGroups := env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs
|
||||||
@ -754,7 +754,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue
|
expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue
|
||||||
expectedGroups := env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs
|
expectedGroups := env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs
|
||||||
@ -813,7 +813,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue
|
expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue
|
||||||
expectedGroups := env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs
|
expectedGroups := env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs
|
||||||
@ -879,7 +879,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
expectedUsername := env.SupervisorUpstreamActiveDirectory.TestUserPrincipalNameValue
|
expectedUsername := env.SupervisorUpstreamActiveDirectory.TestUserPrincipalNameValue
|
||||||
expectedGroups := env.SupervisorUpstreamActiveDirectory.TestUserIndirectGroupsSAMAccountPlusDomainNames
|
expectedGroups := env.SupervisorUpstreamActiveDirectory.TestUserIndirectGroupsSAMAccountPlusDomainNames
|
||||||
@ -933,7 +933,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
expectedUsername := env.SupervisorUpstreamActiveDirectory.TestUserPrincipalNameValue
|
expectedUsername := env.SupervisorUpstreamActiveDirectory.TestUserPrincipalNameValue
|
||||||
expectedGroups := env.SupervisorUpstreamActiveDirectory.TestUserIndirectGroupsSAMAccountPlusDomainNames
|
expectedGroups := env.SupervisorUpstreamActiveDirectory.TestUserIndirectGroupsSAMAccountPlusDomainNames
|
||||||
@ -998,7 +998,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
||||||
browser := browsertest.OpenBrowser(t)
|
browser := browsertest.OpenBrowser(t)
|
||||||
@ -1048,7 +1048,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
||||||
browser := browsertest.OpenBrowser(t)
|
browser := browsertest.OpenBrowser(t)
|
||||||
@ -1098,7 +1098,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) {
|
|||||||
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
t.Cleanup(cancel)
|
t.Cleanup(cancel)
|
||||||
|
|
||||||
tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests
|
tempDir := t.TempDir() // per-test tmp dir to avoid sharing files between tests
|
||||||
|
|
||||||
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
// Start a fresh browser driver because we don't want to share cookies between the various tests in this file.
|
||||||
browser := browsertest.OpenBrowser(t)
|
browser := browsertest.OpenBrowser(t)
|
||||||
|
@ -1,8 +1,7 @@
|
|||||||
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
//go:build fips_strict
|
//go:build fips_strict
|
||||||
// +build fips_strict
|
|
||||||
|
|
||||||
package integration
|
package integration
|
||||||
|
|
||||||
|
@ -31,7 +31,6 @@ import (
|
|||||||
"go.pinniped.dev/internal/oidc"
|
"go.pinniped.dev/internal/oidc"
|
||||||
"go.pinniped.dev/internal/oidc/oidcclientvalidator"
|
"go.pinniped.dev/internal/oidc/oidcclientvalidator"
|
||||||
"go.pinniped.dev/internal/psession"
|
"go.pinniped.dev/internal/psession"
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
"go.pinniped.dev/pkg/oidcclient"
|
"go.pinniped.dev/pkg/oidcclient"
|
||||||
"go.pinniped.dev/pkg/oidcclient/filesession"
|
"go.pinniped.dev/pkg/oidcclient/filesession"
|
||||||
"go.pinniped.dev/test/testlib"
|
"go.pinniped.dev/test/testlib"
|
||||||
@ -46,7 +45,7 @@ func TestSupervisorWarnings_Browser(t *testing.T) {
|
|||||||
|
|
||||||
// Build pinniped CLI.
|
// Build pinniped CLI.
|
||||||
pinnipedExe := testlib.PinnipedCLIPath(t)
|
pinnipedExe := testlib.PinnipedCLIPath(t)
|
||||||
tempDir := testutil.TempDir(t)
|
tempDir := t.TempDir()
|
||||||
|
|
||||||
// Infer the downstream issuer URL from the callback associated with the upstream test client registration.
|
// Infer the downstream issuer URL from the callback associated with the upstream test client registration.
|
||||||
issuerURL, err := url.Parse(env.SupervisorUpstreamOIDC.CallbackURL)
|
issuerURL, err := url.Parse(env.SupervisorUpstreamOIDC.CallbackURL)
|
||||||
|
@ -12,8 +12,6 @@ import (
|
|||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"go.pinniped.dev/internal/testutil"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint:gochecknoglobals
|
//nolint:gochecknoglobals
|
||||||
@ -34,7 +32,7 @@ func PinnipedCLIPath(t *testing.T) string {
|
|||||||
|
|
||||||
pinnipedCLIBinaryCache.mutex.Lock()
|
pinnipedCLIBinaryCache.mutex.Lock()
|
||||||
defer pinnipedCLIBinaryCache.mutex.Unlock()
|
defer pinnipedCLIBinaryCache.mutex.Unlock()
|
||||||
path := filepath.Join(testutil.TempDir(t), "pinniped")
|
path := filepath.Join(t.TempDir(), "pinniped")
|
||||||
if pinnipedCLIBinaryCache.buf != nil {
|
if pinnipedCLIBinaryCache.buf != nil {
|
||||||
t.Log("using previously built pinniped CLI binary")
|
t.Log("using previously built pinniped CLI binary")
|
||||||
//nolint:gosec // this is test code.
|
//nolint:gosec // this is test code.
|
||||||
|
@ -1,9 +1,6 @@
|
|||||||
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
//go:build !go1.14
|
|
||||||
// +build !go1.14
|
|
||||||
|
|
||||||
package testlib
|
package testlib
|
||||||
|
|
||||||
import (
|
import (
|
||||||
@ -13,5 +10,17 @@ import (
|
|||||||
|
|
||||||
// LookupIP looks up the IP address of the provided hostname, preferring IPv4.
|
// LookupIP looks up the IP address of the provided hostname, preferring IPv4.
|
||||||
func LookupIP(ctx context.Context, hostname string) ([]net.IP, error) {
|
func LookupIP(ctx context.Context, hostname string) ([]net.IP, error) {
|
||||||
return net.DefaultResolver.LookupIP(ctx, "ip4", hostname)
|
ips, err := net.DefaultResolver.LookupIPAddr(ctx, hostname)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Filter out to only IPv4 addresses
|
||||||
|
var results []net.IP
|
||||||
|
for _, ip := range ips {
|
||||||
|
if ip.IP.To4() != nil {
|
||||||
|
results = append(results, ip.IP)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return results, nil
|
||||||
}
|
}
|
||||||
|
@ -1,29 +0,0 @@
|
|||||||
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
|
||||||
|
|
||||||
//go:build go1.14
|
|
||||||
// +build go1.14
|
|
||||||
|
|
||||||
package testlib
|
|
||||||
|
|
||||||
import (
|
|
||||||
"context"
|
|
||||||
"net"
|
|
||||||
)
|
|
||||||
|
|
||||||
// LookupIP looks up the IP address of the provided hostname, preferring IPv4.
|
|
||||||
func LookupIP(ctx context.Context, hostname string) ([]net.IP, error) {
|
|
||||||
ips, err := net.DefaultResolver.LookupIPAddr(ctx, hostname)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
// Filter out to only IPv4 addresses
|
|
||||||
var results []net.IP
|
|
||||||
for _, ip := range ips {
|
|
||||||
if ip.IP.To4() != nil {
|
|
||||||
results = append(results, ip.IP)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return results, nil
|
|
||||||
}
|
|
@ -1,8 +1,7 @@
|
|||||||
// Copyright 2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
//go:build fips_strict
|
//go:build fips_strict
|
||||||
// +build fips_strict
|
|
||||||
|
|
||||||
package testlib
|
package testlib
|
||||||
|
|
||||||
|
@ -1,8 +1,7 @@
|
|||||||
// Copyright 2022 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
//go:build !fips_strict
|
//go:build !fips_strict
|
||||||
// +build !fips_strict
|
|
||||||
|
|
||||||
package testlib
|
package testlib
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user