djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,414 Commits 30 Branches 34 Tags 22 MiB
Commit Graph

2414 Commits

Author SHA1 Message Date
Mo Khan 2789af79f6
Merge pull request #742 from enj/enj/i/bump_1.21.3 
Bump to Go 1.16.6 and Kube v0.21.3
 2021-07-27 15:34:37 -04:00
Ryan Richard 71cae75758
Merge branch 'main' into merge_impersonator_service_annotations 2021-07-27 11:57:16 -07:00
Ryan Richard 90db3ad51b
Merge pull request #730 from vmware-tanzu/cli_username_password_env_vars 
LDAP logins via CLI read from `PINNIPED_USERNAME` and `PINNIPED_PASSWORD` env vars
 2021-07-27 11:56:40 -07:00
Monis Khan 32c9aa5087
Bump to Go 1.16.6 and Kube v0.21.3 
Signed-off-by: Monis Khan <mok@vmware.com>
 2021-07-27 14:18:08 -04:00
Margo Crawford bbaa820278 parsing objectGUID as human-readable string version 2021-07-27 11:08:23 -07:00
Margo Crawford 287a5d225a Change SearchBaseFound condition success reason to be a string constant 2021-07-27 10:23:05 -07:00
Ryan Richard f17f7c0c6a Small refactors in impersonator_config.go suggested by @mattmoyer 2021-07-26 17:46:06 -07:00
Ryan Richard 54c5bcc9a1 Merge branch 'main' into merge_impersonator_service_annotations 2021-07-26 17:25:52 -07:00
Ryan Richard 58ab57201f Suppress lint errors 2021-07-26 17:20:49 -07:00
Ryan Richard f4829178b3 Use sentence case for headers in docs 
Following some common developer style guides such as
Google
https://developers.google.com/style/capitalization#capitalization-in-titles-and-headings
and Microsoft
https://docs.microsoft.com/en-us/style-guide/scannable-content/headings#formatting-headings
 2021-07-26 17:18:44 -07:00
Ryan Richard 295f013580 Merge branch 'main' into cli_username_password_env_vars 2021-07-26 17:04:46 -07:00
Margo Crawford 53b58f65b2 Add integration test for wrong password with ldap 2021-07-26 16:32:46 -07:00
Margo Crawford cc3875f048 PR feedback 2021-07-26 16:03:12 -07:00
Ryan Richard d8e1521457
Merge pull request #741 from vmware-tanzu/dockerignore 
dockerignore gets same contents as gitignore
 2021-07-26 12:47:26 -07:00
Ryan Richard e150111b27 dockerignore gets same contents as gitignore 2021-07-26 11:28:25 -07:00
Ryan Richard 9e27c28b39 Fix TestImpersonationProxy integration test changes from previous commit 
Forgot to account for our new booking annotation on the impersonator's
Service.
 2021-07-23 14:23:24 -07:00
Margo Crawford 5d23068690 Removed a todo that was resolved 2021-07-23 13:01:41 -07:00
Margo Crawford 1050f39789 Integration test deactivated ad account 2021-07-23 13:01:41 -07:00
Margo Crawford 00978c15f7 Update wording for ActiveDirectoryIdentityProvider crd 2021-07-23 13:01:41 -07:00
Margo Crawford 8ea1bd3dfb Make prepare-for-integration-tests active directory setup accessible for anyone 2021-07-23 13:01:41 -07:00
Margo Crawford 91085e68f9 Refactoring defaulting logic 2021-07-23 13:01:41 -07:00
Margo Crawford f99f7be836 Default values for ad usersearch and groupsearch 2021-07-23 13:01:41 -07:00
Margo Crawford 890d9c3216 resolve some todos about error handling search base discovery results 2021-07-23 13:01:41 -07:00
Margo Crawford cb0ee07b51 Fetch AD search base from defaultNamingContext when not specified 2021-07-23 13:01:41 -07:00
Margo Crawford 8e1d70562d Remove shared variables from ldap upstream observer 2021-07-23 13:01:41 -07:00
Margo Crawford 5d8d7246c2 Refactor active directory and ldap controllers to share almost everything 
Signed-off-by: Ryan Richard <richardry@vmware.com>
 2021-07-23 13:01:41 -07:00
Ryan Richard 3b4f521596 Changed TestLDAPUpstream.TestUsernameAttributeName back to TestUserMailAttributeName 
Also added TestUserSAMAccountNameValue

Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2021-07-23 13:01:40 -07:00
Margo Crawford e5c8cbb3a4 One line fix for lint error. Forgot a period in a comment. 
Signed-off-by: Ryan Richard <richardry@vmware.com>
 2021-07-23 13:01:40 -07:00
Margo Crawford 7696f4256d Move defaulting of ad username and uid attributes to controller 
Now the controller uses upstreamldap so there is less duplication,
since they are very similar.

Signed-off-by: Ryan Richard <richardry@vmware.com>
 2021-07-23 13:01:40 -07:00
Ryan Richard aaa4861373 Custom API Group overlay for AD 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2021-07-23 13:01:40 -07:00
Margo Crawford b3d0b28bd0 Integration test fixes, fixing objectGUID handling 2021-07-23 13:01:40 -07:00
Margo Crawford 5c283d941c Helper script for running active directory tests 2021-07-23 13:01:40 -07:00
Margo Crawford 94e90a5d26 groups related env variables for AD 2021-07-23 13:01:40 -07:00
Margo Crawford be6f9f83ce RBAC rules for activedirectoryidentityprovider 2021-07-23 13:01:40 -07:00
Margo Crawford 3b8edb84a5 WIP on active directory integration test 2021-07-23 13:01:40 -07:00
Margo Crawford 8fb35c6569 Active Directory cli options 2021-07-23 13:01:40 -07:00
Margo Crawford 3899292e89 Advertise Active Directory idps 2021-07-23 13:01:40 -07:00
Margo Crawford b06de69f6a ActiveDirectoryIdentityProvider 
- Create CRD
- Create implementation of AD-specific user search defaults
 2021-07-23 13:01:40 -07:00
Ryan Richard ac4bc02817 Enhance integration test for CredentialIssuer spec annotations 2021-07-23 09:46:40 -07:00
Ryan Richard 708164b878 Carefully merge desired annotations into impersonation proxy Service 
Don't overwrite annotations that might have come from a human user or
from some other non-Pinniped controller.
 2021-07-22 17:09:50 -07:00
Ryan Richard e30cf6e51a
Merge branch 'main' into cli_username_password_env_vars 2021-07-22 09:29:03 -07:00
Matt Moyer ee30b78117
Update ROADMAP.md 
Bump "Wider Concierge cluster support" to August.
 2021-07-22 10:30:45 -05:00
Ryan Richard 64aba7e703 Add new howto guide login.md 2021-07-21 12:10:47 -07:00
Matt Moyer c6c3a80a86
Merge pull request #733 from mattmoyer/switch-tools-images 
Switch to GHCR tools images for local tests, with `imagePullPolicy: IfNotPresent`.
 2021-07-21 11:47:37 -06:00
Margo Crawford a7af63ca3a
Merge pull request #729 from rdimitrov/dimitrovr/add-dex-docs 
Add documentation for configuring Supervisor with Dex and Github
 2021-07-21 08:48:49 -07:00
Matt Moyer ae72d30cec
Switch to GHCR tools images for local tests, with `imagePullPolicy: IfNotPresent`. 
This is more consistent with our CI environment.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2021-07-21 09:21:05 -05:00
Nanci Lancaster fec59eb1bf
Merge pull request #731 from microwavables/main 
Removed Andrew Keesler, Pablo Schumaker from site, moved them to emeritus status on maintainers file,
 2021-07-20 15:37:04 -07:00
Radoslav Dimitrov f6273b0604 Update the Prerequisites section and add a note about the groups scope 
Add Dex to the prerequisites and add a note that to query for the groups
scope the user must set the organizations Dex should search against.
Otherwise the groups claim would be empty. This is because of the format
group claims are represented, i.e. "org:team".

Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
 2021-07-20 13:49:45 +03:00
Ryan Richard deb699a84a e2e test: PINNIPED_USERNAME/PINNIPED_PASSWORD env vars during LDAP login 2021-07-19 17:08:52 -07:00
Ryan Richard cac45fd999 LDAP logins read from PINNIPED_USERNAME and PINNIPED_PASSWORD env vars 
For CLI-based auth, such as with LDAP upstream identity providers, the
user may use these environment variables to avoid getting interactively
prompted for username and password.
 2021-07-19 16:20:59 -07:00