Update precommit hook config to ignore generated files and fix whitespace.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer
parent
2959b54e7b
commit
8e5912e4c2
|
|
@ -1,3 +1,4 @@
|
||||||
|
exclude: '^generated/'
|
||||||
repos:
|
repos:
|
||||||
- repo: git://github.com/pre-commit/pre-commit-hooks
|
- repo: git://github.com/pre-commit/pre-commit-hooks
|
||||||
rev: v3.2.0
|
rev: v3.2.0
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ with IDPs, and distribution-specific integration strategies.
|
||||||
|
|
||||||
### Architecture
|
### Architecture
|
||||||
|
|
||||||
Pinniped offers credential exchange to enable a user to exchange an external IDP
|
Pinniped offers credential exchange to enable a user to exchange an external IDP
|
||||||
credential for a short-lived, cluster-specific credential. Pinniped supports various
|
credential for a short-lived, cluster-specific credential. Pinniped supports various
|
||||||
IDP types and implements different integration strategies for various Kubernetes
|
IDP types and implements different integration strategies for various Kubernetes
|
||||||
distributions to make authentication possible.
|
distributions to make authentication possible.
|
||||||
|
|
@ -32,7 +32,7 @@ distributions to make authentication possible.
|
||||||
|
|
||||||
The currently supported external IDP types are outlined here. More will be added in the future.
|
The currently supported external IDP types are outlined here. More will be added in the future.
|
||||||
|
|
||||||
1. Any webhook which implements the
|
1. Any webhook which implements the
|
||||||
[Kubernetes TokenReview API](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication)
|
[Kubernetes TokenReview API](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication)
|
||||||
|
|
||||||
#### Supported Cluster Integration Strategies
|
#### Supported Cluster Integration Strategies
|
||||||
|
|
@ -49,7 +49,7 @@ will use that instead of using the cluster's signing keypair.)
|
||||||
#### `kubectl` Integration
|
#### `kubectl` Integration
|
||||||
|
|
||||||
With any of the above IDPs and integration strategies, `kubectl` commands receive the
|
With any of the above IDPs and integration strategies, `kubectl` commands receive the
|
||||||
cluster-specific credential via a
|
cluster-specific credential via a
|
||||||
[Kubernetes client-go credential plugin](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins).
|
[Kubernetes client-go credential plugin](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins).
|
||||||
Users may use the Pinniped CLI as the credential plugin, or they may use any proprietary CLI
|
Users may use the Pinniped CLI as the credential plugin, or they may use any proprietary CLI
|
||||||
built with the [Pinniped Go client library](generated).
|
built with the [Pinniped Go client library](generated).
|
||||||
|
|
@ -69,7 +69,7 @@ To try Pinniped, see [deploy/README.md](deploy/README.md).
|
||||||
## Contributions
|
## Contributions
|
||||||
|
|
||||||
Contributions are welcome. Before contributing, please see
|
Contributions are welcome. Before contributing, please see
|
||||||
the [Code of Conduct](doc/code_of_conduct.md) and
|
the [Code of Conduct](doc/code_of_conduct.md) and
|
||||||
[the contributing guide](doc/contributing.md).
|
[the contributing guide](doc/contributing.md).
|
||||||
|
|
||||||
## Reporting Security Vulnerabilities
|
## Reporting Security Vulnerabilities
|
||||||
|
|
|
||||||
12
SECURITY.md
12
SECURITY.md
|
|
@ -1,12 +1,12 @@
|
||||||
# Reporting a Vulnerability
|
# Reporting a Vulnerability
|
||||||
|
|
||||||
Pinniped development is sponsored by VMware, and the Pinniped team encourages users
|
Pinniped development is sponsored by VMware, and the Pinniped team encourages users
|
||||||
who become aware of a security vulnerability in Pinniped to report any potential
|
who become aware of a security vulnerability in Pinniped to report any potential
|
||||||
vulnerabilities found to security@vmware.com. If possible, please include a description
|
vulnerabilities found to security@vmware.com. If possible, please include a description
|
||||||
of the effects of the vulnerability, reproduction steps, and a description of in which
|
of the effects of the vulnerability, reproduction steps, and a description of in which
|
||||||
version of Pinniped or its dependencies the vulnerability was discovered.
|
version of Pinniped or its dependencies the vulnerability was discovered.
|
||||||
The use of encrypted email is encouraged. The public PGP key can be found at https://kb.vmware.com/kb/1055.
|
The use of encrypted email is encouraged. The public PGP key can be found at https://kb.vmware.com/kb/1055.
|
||||||
|
|
||||||
The Pinniped team hopes that users encountering a new vulnerability will contact
|
The Pinniped team hopes that users encountering a new vulnerability will contact
|
||||||
us privately as it is in the best interests of our users that the Pinniped team has
|
us privately as it is in the best interests of our users that the Pinniped team has
|
||||||
an opportunity to investigate and confirm a suspected vulnerability before it becomes public knowledge.
|
an opportunity to investigate and confirm a suspected vulnerability before it becomes public knowledge.
|
||||||
|
|
|
||||||
|
|
@ -16,7 +16,7 @@ To file a bug report, please first open an
|
||||||
[issue](https://github.com/suzerain-io/pinniped/issues/new?template=bug_report.md). The project team
|
[issue](https://github.com/suzerain-io/pinniped/issues/new?template=bug_report.md). The project team
|
||||||
will work with you on your bug report.
|
will work with you on your bug report.
|
||||||
|
|
||||||
Once the bug has been validated, a [pull request](https://github.com/suzerain-io/pinniped/compare)
|
Once the bug has been validated, a [pull request](https://github.com/suzerain-io/pinniped/compare)
|
||||||
can be opened to fix the bug.
|
can be opened to fix the bug.
|
||||||
|
|
||||||
For specifics on what to include in your bug report, please follow the
|
For specifics on what to include in your bug report, please follow the
|
||||||
|
|
@ -28,7 +28,7 @@ To suggest a feature, please first open an
|
||||||
[issue](https://github.com/suzerain-io/pinniped/issues/new?template=feature-proposal.md)
|
[issue](https://github.com/suzerain-io/pinniped/issues/new?template=feature-proposal.md)
|
||||||
and tag it with `proposal`. The project team will work with you on your feature request.
|
and tag it with `proposal`. The project team will work with you on your feature request.
|
||||||
|
|
||||||
Once the feature request has been validated, a [pull request](https://github.com/suzerain-io/pinniped/compare)
|
Once the feature request has been validated, a [pull request](https://github.com/suzerain-io/pinniped/compare)
|
||||||
can be opened to implement the feature.
|
can be opened to implement the feature.
|
||||||
|
|
||||||
For specifics on what to include in your feature request, please follow the
|
For specifics on what to include in your feature request, please follow the
|
||||||
|
|
|
||||||
|
|
@ -156,4 +156,4 @@ crd-ref-docs \
|
||||||
# Generate CRD YAML
|
# Generate CRD YAML
|
||||||
(cd apis &&
|
(cd apis &&
|
||||||
controller-gen paths=./crdpinniped/v1alpha1 crd:trivialVersions=true output:crd:artifacts:config=../crds
|
controller-gen paths=./crdpinniped/v1alpha1 crd:trivialVersions=true output:crd:artifacts:config=../crds
|
||||||
)
|
)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue