Commit Graph

2285 Commits

Author SHA1 Message Date
Ryan Richard
bf39f930d4 Some light docs wordsmithing and reordering of the sidebar 2021-05-25 16:15:45 -07:00
Matt Moyer
450ce6a4aa
Switch impersonatorconfig to new endpointaddr package.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-25 17:44:25 -05:00
Matt Moyer
c970dd1fb0
Merge branch 'main' of github.com:vmware-tanzu/pinniped into credentialissuer-spec-api 2021-05-25 17:32:58 -05:00
Matt Moyer
18a2a27a06
Merge pull request #640 from mattmoyer/endpointaddr
Refactor "endpoint address" parsing code into shared package.
2021-05-25 17:22:31 -05:00
Anjali Telang
47582e3290 Documentation for using Jumpcloud as LDAP provider with Pinniped Supervisor 2021-05-25 17:52:32 -04:00
Matt Moyer
89eff28549
Convert LDAP code to use endpointaddr package.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-25 16:17:27 -05:00
Matt Moyer
d9a3992b3b
Add endpointaddr pkg for parsing host+port inputs.
This type of field appears in more than one of our APIs, so this package will provide a single source of truth for validating and parsing inputs.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-25 16:17:26 -05:00
Margo Crawford
75dd98a965 Integration test for impersonation proxy cluster ip 2021-05-25 13:50:50 -07:00
Matt Moyer
61362f8187
Merge pull request #639 from vmware-tanzu/dependabot/go_modules/github.com/google/go-cmp-0.5.6
Bump github.com/google/go-cmp from 0.5.5 to 0.5.6
2021-05-25 11:04:08 -05:00
dependabot[bot]
f89f2281d8
Bump github.com/google/go-cmp from 0.5.5 to 0.5.6
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.5 to 0.5.6.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.5...v0.5.6)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-25 05:51:17 +00:00
Ryan Richard
f5b11a0239 New docs: 1) Concierge with Supervisor, and 2) Supervisor with OpenLDAP 2021-05-24 19:08:25 -07:00
Ryan Richard
5e8945c616
Merge pull request #632 from vmware-tanzu/ldap_additional_unit_test
Add another unit test for the LDAP client code
2021-05-24 14:26:13 -07:00
Ryan Richard
2331c2dae2 Merge branch 'main' into ldap_additional_unit_test 2021-05-24 14:24:48 -07:00
Ryan Richard
2014f4623d Move require.NoError() to t.Cleanup() 2021-05-24 14:24:09 -07:00
Matt Moyer
fabc08b01b
Merge branch 'main' of github.com:vmware-tanzu/pinniped into credentialissuer-spec-api 2021-05-24 15:49:13 -05:00
Matt Moyer
468463ce1d
Merge pull request #635 from mattmoyer/fix-docs-version-to-better-default
Replace all references to "a specific version" with v0.8.0.
2021-05-24 14:25:48 -05:00
Matt Moyer
520eb43bfd
Replace all references to "a specific version" with v0.8.0.
The documentation was a bit confusing before, and it was easy to accidentally install a very outdated version if you weren't reading carefully.

We could consider writing a post-release CI job to update these references automatically (perhaps using a Hugo macro?), but for now a manual update seems sufficient.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-24 11:50:16 -05:00
Margo Crawford
5de9bac4ac Oof... good I wrote an integration test because that's not how updating works!
Now updating the existing service in kubernetes but with the new
annotations
2021-05-24 09:41:49 -07:00
Matt Moyer
523a8d432f
Merge pull request #616 from vmware-tanzu/okta-supervisor-docs
Add doc for configuring the supervisor with okta
2021-05-24 10:34:02 -05:00
Matt Moyer
1ab1d41735
Minor cleanups on the new Supervisor+Okta docs page.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-24 10:31:06 -05:00
Margo Crawford
36168122cc
Add doc for configuring the supervisor with okta 2021-05-24 10:30:50 -05:00
Margo Crawford
150e879a68 Add tests for deleting services 2021-05-21 13:47:06 -07:00
Ryan Richard
b16e84d90a Add another unit test for the LDAP client code 2021-05-21 12:44:01 -07:00
Margo Crawford
722aa72206 Integration test tests update functionality 2021-05-21 10:19:33 -07:00
Matt Moyer
2d0cb16239
Merge pull request #631 from mattmoyer/remove-openapi-codegen
Stop generating zz_generated.openapi.go files.
2021-05-21 12:19:09 -05:00
Margo Crawford
b4bb0db6e5 Refactor some shared code between load balancer and cluster ip creation 2021-05-21 09:57:46 -07:00
Matt Moyer
fd9d9b8c73
Stop generating zz_generated.openapi.go files.
It turns out we no longer need these and can skip this bit of code generation.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 11:16:59 -05:00
Matt Moyer
44f6fd4437
Merge pull request #630 from mattmoyer/20210521-dependency-updates
Upgrade Go module dependencies
2021-05-21 11:12:03 -05:00
Matt Moyer
f0d5923091
Downgrade k8s.io/kube-openapi back to a previous version.
9b07d72531...00de3ae54c

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:42:39 -05:00
Matt Moyer
85ebaa96d5
Upgrade k8s.io/kube-openapi dependency.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:11:26 -05:00
Matt Moyer
cf5bc9f1b4
Upgrade k8s.io/utils dependency.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:07:41 -05:00
Matt Moyer
0d02ba6af3
Upgrade k8s.io/gengo dependency.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:07:00 -05:00
Matt Moyer
74a569fa82
Upgrade golang.org/x/* module dependencies.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:06:29 -05:00
Matt Moyer
01c0514057
Upgrade github.com/pkg/browser.
This some some kind of improvement on Windows.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:00:19 -05:00
Matt Moyer
0d42c1e9fe
Update to Kubernetes 1.21.1 runtime components.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 09:57:41 -05:00
Margo Crawford
4606f1d8bd More error handling for cluster ip 2021-05-20 16:21:10 -07:00
Ryan Richard
1307c49212
Merge pull request #620 from vmware-tanzu/ldap_starttls
Support `StartTLS` for `LDAPIdentityProvider`s
2021-05-20 16:16:37 -07:00
Ryan Richard
b01665386d Use latest container image of our fork of bitnami-docker-openldap 2021-05-20 15:49:34 -07:00
Margo Crawford
599d70d6dc Wire generatedClusterIPServiceName through from NamesConfig 2021-05-20 14:11:35 -07:00
Ryan Richard
901ddd1870 Merge branch 'main' into ldap_starttls 2021-05-20 13:40:56 -07:00
Ryan Richard
8b549f66d4 Add integration test for LDAP StartTLS 2021-05-20 13:39:48 -07:00
Ryan Richard
4780c39640
Merge pull request #618 from vmware-tanzu/initial_ldap_group_support
Initial support for upstream LDAP group membership
2021-05-20 13:10:23 -07:00
Ryan Richard
7e76b66639 LDAP upstream watcher controller tries using both TLS and StartTLS
- Automatically try to fall back to using StartTLS when using TLS
  doesn't work. Only complain when both don't work.
- Remember (in-memory) which one worked and keeping using that one
  in the future (unless the pod restarts).
2021-05-20 12:46:33 -07:00
Ryan Richard
fff90ed2ca
Merge branch 'main' into initial_ldap_group_support 2021-05-20 12:36:04 -07:00
Margo Crawford
62651eddb0 Took care of some impersonation cluster ip related todos 2021-05-20 11:57:07 -07:00
Matt Moyer
ec25259901
Update impersonatorconfig controller to use new CredentialIssuer update helper.
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2021-05-20 12:26:07 -05:00
Matt Moyer
e4dd83887a
Merge remote-tracking branch 'origin/main' into credentialissuer-spec-api 2021-05-20 10:53:53 -05:00
Matt Moyer
562942cdbf
Merge pull request #627 from mattmoyer/use-informers-for-credentialissuer-updates
Create CredentialIssuer at install, not runtime.
2021-05-20 10:13:41 -05:00
Ryan Richard
025b37f839 upstreamldap.New() now supports a StartTLS config option
- This enhances our LDAP client code to make it possible to optionally
  dial an LDAP server without TLS and then use StartTLS to upgrade
  the connection to TLS.
- The controller for LDAPIdentityProviders is not using this option
  yet. That will come in a future commit.
2021-05-19 17:17:44 -07:00
Margo Crawford
63c39454f6 WIP on impersonation clusterip service 2021-05-19 17:00:28 -07:00