djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,553 Commits 30 Branches 34 Tags 22 MiB
Commit Graph

3553 Commits

Author SHA1 Message Date
Joshua Casey 12f18cbed8 Inline and remove testutil.TempDir 2023-09-06 14:52:01 -05:00
Joshua Casey 05a1187e2e Simplify build tags associated with unsupported golang versions 2023-09-06 14:52:01 -05:00
Joshua Casey 5effb1a89b Bump to golang 1.21.0, and bump all golang deps 2023-09-06 14:52:01 -05:00
Joshua Casey b14e86bb91
Merge pull request #1654 from vmware-tanzu/docs/configure-supervisor-with-azuread 
Add docs for Supervisor with Azure AD
 2023-09-06 12:33:51 -05:00
Joshua Casey c3445a747d
Merge pull request #1650 from vmware-tanzu/ben/prepare-for-integration-tests.sh-improvements 
Improve hack/prepare-for-integration-tests.sh flexibility
 2023-09-06 12:30:12 -05:00
Benjamin A. Petersen a5c481cf61
Add docs for Supervisor with Azure AD 
- Note that Azure AD is being rebranded to Entra ID
 2023-09-06 13:14:37 -04:00
Benjamin A. Petersen fd1936c45f
Improve hack/prepare-for-integration-tests.sh flexibility 
- move pushd/popd inside if statements for alternative-deploy methods
- add specific alternative-deploy vars for individual components
  - supervisor
  - concierge
  - local-user-authenticator
  while preserving the current alternative-deploy for all three
- doc that equals for flags does not work
  --foo=bar is invalid
  --foo bar is valid
 2023-08-31 15:02:24 -04:00
Ben Petersen fbeb45a1a0
Merge pull request #1648 from vmware-tanzu/jtc/do-not-fail-hack-script-without-KUBE_GIT_VERSION 
Do not fail hack script without kube git version
 2023-08-30 10:58:15 -04:00
Joshua Casey 23bd3e7cc9 Do not fail hack/prepare-for-integration-tests.sh without KUBE_GIT_VERSION 2023-08-29 19:58:23 -05:00
Joshua Casey 7cda8f4123 Do not fail when KUBE_GIT_VERSION is not set 2023-08-29 17:31:22 -05:00
Joshua Casey a42e3edf56
Merge pull request #1646 from vmware-tanzu/jtc/support-k8s-1-21-and-up 
Remove generated code prior to K8s 1.21
 2023-08-29 16:29:32 -05:00
Joshua Casey 76933f69b9 Update comments to indicate support for newer versions of Kubernetes 2023-08-29 15:40:52 -05:00
Joshua Casey 5c9d26baeb Remove generated code for K8s 1.17, 1.18, 1.19, and 1.20 
- Kind 0.20.0 supports 1.21 through 1.28 (inclusive)
- https://github.com/kubernetes-sigs/kind/releases/tag/v0.20.0
 2023-08-28 16:56:32 -05:00
Joshua Casey 9248db971a
Merge pull request #1634 from vmware-tanzu/jtc/1633/update-pinniped-cli-version-output 
#1633 Update `pinniped version` output
 2023-08-28 14:19:17 -05:00
Joshua Casey 2dcc149fee Split off helper function 2023-08-28 12:14:14 -05:00
Joshua Casey 38230fc518 Use pversion to retrieve buildtime information 2023-08-28 11:54:27 -05:00
Joshua Casey 8edecffcc0
Merge pull request #1630 from vmware-tanzu/jtc/support-k8s-1-28 
Support k8s 1.28
 2023-08-28 11:49:18 -05:00
Joshua Casey ca05969f8d Integration tests should use 'kubectl explain --output plaintext-openapiv2' 
- OpenAPIV3 discovery of aggregate APIs seems to need a little more work in K8s 1.28
 2023-08-28 10:50:11 -05:00
Joshua Casey 1b504b6fbd Expose OpenAPIv3 explanations 2023-08-28 10:50:11 -05:00
Joshua Casey dfd3d5075d Ensure that kubegenerator scripts are executable 2023-08-28 10:50:11 -05:00
Joshua Casey c51722a121 Run K8s codegen, adding 1.28.0 2023-08-28 10:50:11 -05:00
Joshua Casey 23ec91dee0 K8s API Server audit events are no longer pointers 2023-08-28 10:50:10 -05:00
Joshua Casey ccba159639 Update all golang dependencies, especially k8s.io (for 1.28) 2023-08-28 10:50:10 -05:00
Ryan Richard 20cfa0a207
Merge pull request #1631 from vmware-tanzu/which_service_doc 
Update docs to clarify which Supervisor port to expose outside cluster
 2023-08-22 10:43:53 -07:00
Ryan Richard 835b8a5333 Update docs to clarify which Supervisor port to expose outside cluster 2023-08-22 10:00:56 -07:00
Ben Petersen decd40bc26
Merge pull request #1621 from vmware-tanzu/site/blog-post-tags 
blog: clean up tags page
 2023-08-15 15:07:31 -04:00
Benjamin A. Petersen 2891da25f5
blog: clean up tags page 2023-08-15 14:18:48 -04:00
Ben Petersen c54933bf33
Merge pull request #1606 from vmware-tanzu/jtc/add-blog-post-for-v0.25.0 
Add blog post for v0.25.0
 2023-08-15 11:43:50 -04:00
Benjamin A. Petersen 820c565d21
blog: add multiple author support for posts 2023-08-15 11:37:11 -04:00
Benjamin A. Petersen e5e8c13f23
blog: impersonation-proxy spelling, grammar 2023-08-15 11:37:11 -04:00
Benjamin A. Petersen b81206c15d
blog: impersonation-proxy post updates 2023-08-14 11:42:26 -04:00
Benjamin A. Petersen 31c144261f
add author to blog list page 2023-08-14 11:42:26 -04:00
Joshua Casey 4d0da0a5b2 Add blog post for v0.25.0 2023-08-10 09:00:16 -05:00
Pinny 8c96616b51 Updated versions in docs for v0.25.0 release 2023-08-09 21:12:41 +00:00
Ben Petersen c7b49d9b93
Merge pull request #1615 from vmware-tanzu/jtc/fix-double-decoding-of-ca-crt 
Fix #1582 by not double-decoding the ca.crt field in external TLS secrets for the impersonation proxy
 2023-08-09 14:25:13 -04:00
Joshua Casey 7f0d04dba6 Address PR feedback 2023-08-09 11:42:42 -05:00
Joshua Casey 1707995378 Fix #1582 by not double-decoding the ca.crt field in external TLS secrets for the impersonation proxy 2023-08-08 20:17:21 -05:00
Ben Petersen f24f82b25b
Merge pull request #1607 from vmware-tanzu/pinny/bump-deps 
Bump go.mod direct dependencies
 2023-08-08 09:22:40 -04:00
Pinny 391c38057d Bump go.mod direct dependencies 2023-08-08 08:03:24 +00:00
Joshua Casey e2e9819c58
Merge pull request #1582 from vmware-tanzu/jtc/1547-poc 
Add external certificate management for the Concierge Impersonation Proxy
 2023-08-03 15:52:56 -05:00
Joshua Casey dc61d132cf Address PR feedback, especially to check that the CA bundle is some kind of valid cert 2023-08-03 14:57:21 -05:00
Joshua Casey 959f18b67b Add integration test to verify that the impersonation proxy will use an external TLS serving cert 2023-08-03 14:57:21 -05:00
Joshua Casey ee75a63057 Test Refactor: use explicit names for mTLS signing cert 2023-08-03 14:57:21 -05:00
Joshua Casey bd035a180e Impersonation proxy detects when the user has configured an externally provided TLS secret to serve TLS 
- https://github.com/vmware-tanzu/pinniped/tree/main/proposals/1547_impersonation-proxy-external-certs
- https://joshuatcasey.medium.com/k8s-mtls-auth-with-tls-passthrough-1bc25e750f52
 2023-08-03 14:57:21 -05:00
Joshua Casey 8df9033bfc Add CredentialIssuer.Spec.ImpersonationProxy.TLS to configure an externally provided TLS secret 2023-08-03 14:57:21 -05:00
Joshua Casey 3e57716f0e The impersonation controller should sync when any secret of type kubernetes.io/tls changes in the namespace 2023-08-03 14:57:21 -05:00
Joshua Casey c78db66665
Merge pull request #1602 from vmware-tanzu/pinny/bump-deps 
Bump go.mod direct dependencies
 2023-08-03 14:25:54 -05:00
Joshua Casey 8dec84b3b2 Bump golang to 1.20.7 2023-08-03 13:39:51 -05:00
Pinny fcf707b1ce Bump go.mod direct dependencies 2023-08-03 08:08:39 +00:00
Ben Petersen 563ac77b2f
Merge pull request #1603 from vmware-tanzu/site/sidebar/reorganize 
Website docs page sidebar reorganization and restyle
 2023-08-02 14:50:43 -04:00