Commit Graph

208 Commits

Author SHA1 Message Date
Matt Moyer
fd9d9b8c73
Stop generating zz_generated.openapi.go files.
It turns out we no longer need these and can skip this bit of code generation.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 11:16:59 -05:00
Matt Moyer
f0d5923091
Downgrade k8s.io/kube-openapi back to a previous version.
9b07d72531...00de3ae54c

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:42:39 -05:00
Matt Moyer
85ebaa96d5
Upgrade k8s.io/kube-openapi dependency.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:11:26 -05:00
Matt Moyer
cf5bc9f1b4
Upgrade k8s.io/utils dependency.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:07:41 -05:00
Matt Moyer
0d02ba6af3
Upgrade k8s.io/gengo dependency.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:07:00 -05:00
Matt Moyer
74a569fa82
Upgrade golang.org/x/* module dependencies.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:06:29 -05:00
Matt Moyer
01c0514057
Upgrade github.com/pkg/browser.
This some some kind of improvement on Windows.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:00:19 -05:00
Matt Moyer
0d42c1e9fe
Update to Kubernetes 1.21.1 runtime components.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 09:57:41 -05:00
dependabot[bot]
f595e81dbb
Bump github.com/creack/pty from 1.1.11 to 1.1.12
Bumps [github.com/creack/pty](https://github.com/creack/pty) from 1.1.11 to 1.1.12.
- [Release notes](https://github.com/creack/pty/releases)
- [Commits](https://github.com/creack/pty/compare/v1.1.11...v1.1.12)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-18 05:56:45 +00:00
Ryan Richard
6723ed9fd8 Add end-to-end integration test for CLI-based LDAP login 2021-05-11 13:55:46 -07:00
Ryan Richard
c176d15aa7 Add Supervisor upstream LDAP login to the Pinniped CLI
- Also enhance prepare-supervisor-on-kind.sh to allow setup of
  a working LDAP upstream IDP.
2021-04-19 17:59:46 -07:00
Ryan Richard
8d75825635 Merge branch 'main' into initial_ldap 2021-04-14 17:47:26 -07:00
Matt Moyer
38f3ea3f2f
Upgrade to client-go and apimachinery from Kubernetes 1.21.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-04-09 13:00:49 -05:00
Andrew Keesler
4ab704b7de
ldap: add initial stub upstream LDAP connection package
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2021-04-09 11:38:53 -04:00
Matt Moyer
bea75bb7ac
Upgrade to prereleased Kubernetes v1.20.5++ dependencies.
These commits include security fixes (CVE-2021-3121) for code generated by github.com/gogo/protobuf.
We expect this fix to also land in v1.20.6, but we don't want to wait for it.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-31 12:53:41 -05:00
Ryan Richard
c9b1982767 Merge branch 'main' into impersonation-proxy 2021-03-22 09:27:18 -07:00
Matt Moyer
1e7f2c7735
Upgrade Kubernetes runtime libraries to v0.20.5.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-22 09:33:29 -05:00
Andrew Keesler
28d00ce67b
Merge remote-tracking branch 'upstream/main' into impersonation-proxy 2021-03-18 20:13:49 -04:00
Monis Khan
d162cb9adf
Move to github.com/form3tech-oss/jwt-go
Signed-off-by: Monis Khan <mok@vmware.com>
2021-03-18 16:56:04 -04:00
Ryan Richard
a5384a6e38 Merge branch 'main' into impersonation-proxy 2021-03-15 13:06:36 -07:00
dependabot[bot]
c2b0acf241
Bump k8s.io/klog/v2 from 2.6.0 to 2.8.0
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.6.0 to 2.8.0.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.6.0...v2.8.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-15 17:36:36 +00:00
Ryan Richard
c12a23725d Fix lint errors from a previous commit 2021-03-11 16:21:40 -08:00
Matt Moyer
78fdc59d2d
Merge branch 'main' of github.com:vmware-tanzu/pinniped into impersonation-proxy 2021-03-11 14:56:11 -06:00
Ryan Richard
d13bb07b3e Add integration test for using WhoAmIRequest through impersonator 2021-03-10 16:57:15 -08:00
Margo Crawford
24396b6af1 Use gorilla websocket library so squid proxy works 2021-03-10 16:03:52 -08:00
Ryan Richard
0b300cbe42 Use TokenCredentialRequest instead of base64 token with impersonator
To make an impersonation request, first make a TokenCredentialRequest
to get a certificate. That cert will either be issued by the Kube
API server's CA or by a new CA specific to the impersonator. Either
way, you can then make a request to the impersonator and present
that client cert for auth and the impersonator will accept it and
make the impesonation call on your behalf.

The impersonator http handler now borrows some Kube library code
to handle request processing. This will allow us to more closely
mimic the behavior of a real API server, e.g. the client cert
auth will work exactly like the real API server.

Signed-off-by: Monis Khan <mok@vmware.com>
2021-03-10 10:30:06 -08:00
Margo Crawford
c853707889 Added integration test for using websockets via the impersonation proxy
Tested that this test passed when using the kube api server directly,
so it's just the impersonation proxy that must be improved.
2021-03-09 17:00:30 -08:00
dependabot[bot]
b2be83ee45
Bump github.com/ory/fosite from 0.38.0 to 0.39.0
Bumps [github.com/ory/fosite](https://github.com/ory/fosite) from 0.38.0 to 0.39.0.
- [Release notes](https://github.com/ory/fosite/releases)
- [Changelog](https://github.com/ory/fosite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ory/fosite/compare/v0.38.0...v0.39.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-09 05:50:01 +00:00
dependabot[bot]
3833ba0430
Bump github.com/google/go-cmp from 0.5.4 to 0.5.5
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.4 to 0.5.5.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.4...v0.5.5)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-05 05:59:54 +00:00
dependabot[bot]
14b8def320
Bump k8s.io/klog/v2 from 2.5.0 to 2.6.0
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.5.0...v2.6.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-04 06:10:36 +00:00
dependabot[bot]
da6d69d807
Bump github.com/golang/mock from 1.4.4 to 1.5.0
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.4 to 1.5.0.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.4...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-01 11:44:26 -06:00
dependabot[bot]
04ef7c5456
Bump github.com/ory/fosite from 0.36.0 to 0.38.0
Bumps [github.com/ory/fosite](https://github.com/ory/fosite) from 0.36.0 to 0.38.0.
- [Release notes](https://github.com/ory/fosite/releases)
- [Changelog](https://github.com/ory/fosite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ory/fosite/compare/v0.36.0...v0.38.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-01 11:44:26 -06:00
dependabot[bot]
f05c3092b5
Bump github.com/go-openapi/spec from 0.19.9 to 0.20.3
Bumps [github.com/go-openapi/spec](https://github.com/go-openapi/spec) from 0.19.9 to 0.20.3.
- [Release notes](https://github.com/go-openapi/spec/releases)
- [Commits](https://github.com/go-openapi/spec/compare/v0.19.9...v0.20.3)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-01 11:44:26 -06:00
Matt Moyer
a31c24e5a0
Bump a bunch of minor dependencies.
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.1...v1.7.0)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Commits](https://github.com/go-logr/logr/compare/v0.3.0...v0.4.0)

Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.4.0...v2.5.0)

Bumps [github.com/go-logr/stdr](https://github.com/go-logr/stdr) from 0.2.0 to 0.4.0.
- [Release notes](https://github.com/go-logr/stdr/releases)
- [Commits](https://github.com/go-logr/stdr/compare/v0.2.0...v0.4.0)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.1 to 1.1.3.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.1.1...v1.1.3)

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-24 17:37:29 -06:00
Monis Khan
7786c83b0d
Bump kube deps to v0.20.4
Signed-off-by: Monis Khan <mok@vmware.com>
2021-02-19 10:26:53 -05:00
Matt Moyer
93d4581721
Workaround a bad module version to fix Dependabot.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-16 17:05:33 -06:00
Matt Moyer
6565265bee
Use new 'go.pinniped.dev/generated/latest' package.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-16 13:00:08 -06:00
Matt Moyer
b42a34d822
Add generated client code for 'latest'.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-16 12:34:33 -06:00
Monis Khan
efe1fa89fe Allow multiple Pinnipeds to work on same cluster
Yes, this is a huge commit.

The middleware allows you to customize the API groups of all of the
*.pinniped.dev API groups.

Some notes about other small things in this commit:
- We removed the internal/client package in favor of pkg/conciergeclient. The
  two packages do basically the same thing. I don't think we use the former
  anymore.
- We re-enabled cluster-scoped owner assertions in the integration tests.
  This code was added in internal/ownerref. See a0546942 for when this
  assertion was removed.
- Note: the middlware code is in charge of restoring the GV of a request object,
  so we should never need to write mutations that do that.
- We updated the supervisor secret generation to no longer manually set an owner
  reference to the deployment since the middleware code now does this. I think we
  still need some way to make an initial event for the secret generator
  controller, which involves knowing the namespace and the name of the generated
  secret, so I still wired the deployment through. We could use a namespace/name
  tuple here, but I was lazy.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
Co-authored-by: Ryan Richard <richardry@vmware.com>
2021-02-02 15:18:41 -08:00
Matt Moyer
8358c26107
Upgrade github.com/oleiade/reflections to v1.0.1.
This project overwrote the v1.0.0 tag with a different commit ID, which has caused issues with the Go module sum DB (which accurately detected the issue).

This has been one of the reasons why Dependabot is not updating our Go dependencies.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-01-27 13:49:30 -06:00
Matt Moyer
04c4cd9534
Upgrade to github.com/coreos/go-oidc v3.0.0.
See https://github.com/coreos/go-oidc/releases/tag/v3.0.0 for release notes.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-01-21 12:08:14 -06:00
Margo Crawford
326f10bbbf Resolving code review suggestions:
- set provideClusterInfo to true
- kubernetes library versions to 0.20.1
- version timestamps back to v0.0.0-00010101000000-000000000000
2021-01-08 10:21:59 -08:00
Margo Crawford
5611212ea9 Changing references from 1.19 to 1.20 2021-01-07 15:25:47 -08:00
Matt Moyer
c7931bc6d5
Remove our main module dependency on golangci-lint.
We will still pin this in CI via an image dependency.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 17:01:32 -06:00
Matt Moyer
421c17c421
Update all modules.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 16:31:08 -06:00
Matt Moyer
dfbb5b60de
Remove pinniped get-kubeconfig CLI subcommand.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-15 12:28:03 -06:00
Ryan Richard
f38c150f6a Finished tests for pkce storage and added it to kubestorage
- Also fixed some lint errors with v1.33.0 of the linter

Signed-off-by: Margo Crawford <margaretc@vmware.com>
2020-12-01 14:53:22 -08:00
Monis Khan
3575be7742
Add authorization code storage
Signed-off-by: Monis Khan <mok@vmware.com>
2020-11-19 13:18:27 -05:00
Monis Khan
dd190dede6 WIP for saving authorize endpoint state into upstream state param
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-10 17:58:00 -08:00
Andrew Keesler
259ffb5267
Checkpoint: write a single negative test using fosite
Bringing in fosite to our go.mod introduced those other go.mod changes.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-04 10:15:19 -05:00
Andrew Keesler
0bbf55e46f
gopkg.in/square/go-jose.v2: v2.2.2 -> v2.5.1
We were behind for some reason. Probably makes sense to bump to
latest version to get bug fixes and such.
2020-11-04 09:55:18 -05:00
Matt Moyer
e919ef6582
Add a file-based session cache.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-21 14:28:05 -05:00
Matt Moyer
19a1d569c9
Restructure this test to avoid data races.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-14 12:28:08 -05:00
Matt Moyer
50d80489be
Add initial CLI integration test for OIDC login.
This is our first test using a real browser to interact with an upstream provider.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-13 10:41:53 -05:00
Matt Moyer
67b692b11f
Implement the rest of an OIDC client CLI library.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-12 16:41:46 -05:00
Matt Moyer
38501ff763
Add initial "pinniped alpha login oidc" partial implementation.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-06 12:42:29 -05:00
Matt Moyer
ec3e4cae68
Upgrade client-go, et al from 1.19.0 to 1.19.2.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-24 09:21:10 -05:00
Matt Moyer
2d4d7e588a
Add Go vanity import paths.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-18 14:56:24 -05:00
Matt Moyer
8c9c1e206d
Update module/package names to match GitHub org switch.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-17 12:56:54 -05:00
Ryan Richard
db98f2810f
Merge pull request #98 from suzerain-io/get_kubeconfig_cli
Organize Pinniped CLI into subcommands; Add get-kubeconfig subcommand
2020-09-15 13:34:14 -07:00
Matt Moyer
92372d20a9
Tidy go.mod/go.sum.
I accidentally missed this in bbef017989 and it's not currently part of our CI linting.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 14:14:44 -05:00
Matt Moyer
bbef017989
Add a testlogger util package for testing go-logr.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-14 13:23:06 -05:00
Ryan Richard
da7c981f14 Organize Pinniped CLI into subcommands; Add get-kubeconfig subcommand
- Add flag parsing and help messages for root command,
  `exchange-credential` subcommand, and new `get-kubeconfig` subcommand
- The new `get-kubeconfig` subcommand is a work in progress in this
  commit
- Also add here.Doc() and here.Docf() to enable nice heredocs in
  our code
2020-09-11 17:56:05 -07:00
Ryan Richard
3ee7a0d881
cmd/test-webhook: first draft of webhook
The webhook still needs to be updated to auto generate its
certificates.

We decided not to give this webhook its own go module for now since
this webhook only pulled in one more dependency, and it is a
dependency that we will most likely need in the future.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-09-09 15:27:30 -04:00
Matt Moyer
ab82b2ea64
Merge pull request #86 from suzerain-io/dependabot/go_modules/github.com/golangci/golangci-lint-1.31.0
Bump github.com/golangci/golangci-lint from 1.30.0 to 1.31.0
2020-09-08 08:40:52 -05:00
dependabot[bot]
9c8d30fa86
Bump github.com/golangci/golangci-lint from 1.30.0 to 1.31.0
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.30.0 to 1.31.0.
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.30.0...v1.31.0)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 06:07:24 +00:00
dependabot[bot]
1d004a7326
Bump github.com/go-logr/logr from 0.2.0 to 0.2.1
Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 0.2.0 to 0.2.1.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Commits](https://github.com/go-logr/logr/compare/v0.2.0...v0.2.1)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-07 05:49:14 +00:00
dependabot[bot]
0c5d38090e
Bump github.com/golang/mock from 1.4.3 to 1.4.4
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.3...v1.4.4)

Signed-off-by: dependabot[bot] <support@github.com>
2020-08-28 22:21:11 +00:00
Matt Moyer
cd00aad610
Merge pull request #78 from suzerain-io/dependabot/go_modules/github.com/google/go-cmp-0.5.2
Bump github.com/google/go-cmp from 0.5.0 to 0.5.2
2020-08-28 17:18:03 -05:00
dependabot[bot]
b5f7ff2e33
Bump k8s.io/klog/v2 from 2.2.0 to 2.3.0
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot[bot] <support@github.com>
2020-08-28 22:03:22 +00:00
dependabot[bot]
21fd807037
Bump github.com/google/go-cmp from 0.5.0 to 0.5.2
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.0 to 0.5.2.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.0...v0.5.2)

Signed-off-by: dependabot[bot] <support@github.com>
2020-08-28 22:03:10 +00:00
Matt Moyer
a503fa8673 Pull controller-go back into this repository as internal/controllerlib.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-08-28 13:07:47 -05:00
Matt Moyer
9d9b56073c Update Kubernetes versions.
- Upgrade from `1.19.0-rc.0` to the newly-release `1.19.0`.

- Downgrade from `1.18.6` to `1.18.2` to match some downstream consumers.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-08-27 13:06:05 -05:00
Matt Moyer
8f93fbb87b Make ./pkg/client into an internal package using the native k8s client.
This should simplify our build/test setup quite a bit, since it means we have only a single module (at the top level) with all hand-written code. I'll leave `module.sh` alone for now but we may be able to simplify that a bit more.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-08-27 11:48:18 -05:00
Matt Moyer
68893a1e15 Merge the ./test packages back into the main module.
We were using this at one point to control which tests ran with `go test ./...`, but now we're also using the `-short` flag to differentiate unit vs. integration tests.

Hopefully this will simplify things a bit.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-08-27 11:38:52 -05:00
Matt Moyer
8b36f2e8ae Convert code to use the new generated packages.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-08-24 14:42:27 -05:00
Ryan Richard
3929fa672e Rename project 2020-08-20 10:54:15 -07:00
Matt Moyer
1b9a70d089
Switch back to an exec-based approach to grab the controller-manager CA. (#65)
This switches us back to an approach where we use the Pod "exec" API to grab the keys we need, rather than forcing our code to run on the control plane node. It will help us fail gracefully (or dynamically switch to alternate implementations) when the cluster is not self-hosted.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
Co-authored-by: Ryan Richard <richardry@vmware.com>
2020-08-19 13:21:07 -05:00
Andrew Keesler
6e46ff345a
Run ./hack/module.sh tidy
I'm assuming if any of this is wrong, someone will yell at me...

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-08-14 09:16:48 -04:00
Matt Moyer
c5d5914866 Split up into multiple modules.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-08-06 20:09:15 -05:00
Matt Moyer
cbe4c1b370 Pull placeholder-name-api back into this repo as a library.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-08-06 20:09:15 -05:00
Matt Moyer
ad55f9e310 Pull placeholder-name-client-go back into this repo as a library.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-08-06 19:38:13 -05:00
Ryan Richard
f10c61f591 Add request logging to the create LoginRequest endpoint
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-08-06 15:14:30 -07:00
Andrew Keesler
31e6d8fbb1
Drop main module dependency on test module
I suppose we could solve this other ways, but this utility was
only used in one place right now, so it is easiest to copy it over.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-08-06 10:29:04 -04:00
Ryan Richard
cf56c67329 Move LoginDiscoveryConfig to the crds.placeholder.suzerain-io.github.io group
- Also includes bumping the api and client-go dependencies to the newer
  version which also moved LoginDiscoveryConfig to the
  crds.placeholder.suzerain-io.github.io group in the generated code
2020-07-31 17:22:12 -07:00
Ryan Richard
9fe82ec5f1 Merge remote-tracking branch 'upstream/main' into discovery_doc 2020-07-31 16:38:40 -07:00
aram price
bd594e19ff Update -api and -client-go dependencies
- pulls in chage to make ExpirationTimestamp mandatory on
  LoginRequestCredential
2020-07-30 20:05:32 -07:00
Ryan Richard
2e05e032ee Merge remote-tracking branch 'upstream/main' into discovery_doc 2020-07-30 17:28:35 -07:00
Ryan Richard
5aebb76146 Make the PublisherController use informers
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-30 14:34:13 -07:00
Matt Moyer
04cacabc16 Convert pkg/client to depend only on stdlib.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-30 13:49:45 -05:00
Andrew Keesler
9a859875a7
logindiscovery: add tests for conditional update and error cases
- Also add some log lines for better observability of behavior.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-30 10:39:15 -04:00
Andrew Keesler
a5f7de429d First commit of PublisherController
- Also upgrade go-client and api dependencies, and add controller-go as a dependency

Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-07-29 17:22:25 -07:00
Ryan Richard
27cd82065b Add placeholder-name CLI
- main and unit tests for main
- client package to be done in a future commit

Signed-off-by: Aram Price <pricear@vmware.com>
2020-07-28 15:15:59 -05:00
Matt Moyer
6dfae48b65 Add generated mock for loginrequest.CertIssuer interface.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-27 12:33:33 -07:00
Ryan Richard
9af3637403 Bump version of -api dependency
Signed-off-by: Aram Price <pricear@vmware.com>
2020-07-23 17:12:25 -07:00
Ryan Richard
6a93de3931 More validations and error handling for create LoginRequest endpoint 2020-07-23 16:01:55 -07:00
Mo Khan
5fdc20886d
Initial aggregated API server (#15)
Add initial aggregated API server (squashed from a bunch of commits).

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
Signed-off-by: Aram Price <pricear@vmware.com>
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-07-23 10:05:21 -05:00
Monis Khan
549da37805
Encode git version info into binary and user agent
Signed-off-by: Monis Khan <mok@vmware.com>
2020-07-20 00:32:11 -04:00
Matt Moyer
092cc26789 Refactor app.go and wire in autoregistration.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-17 12:10:33 -05:00
Matt Moyer
a3bce5f42e Add autoregistration package to manage APIService.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-17 10:53:13 -05:00
Monis Khan
ffa417f745
Bump kube deps to v0.19.0-rc.0
Signed-off-by: Monis Khan <mok@vmware.com>
2020-07-15 16:47:02 -04:00
Andrew Keesler
63f5416b21
Define initial config file format
- Users may want to consume pkg/config to generate configuration files.
- This also involved putting config-related utilities in the config
  package for ease of consumption.
- We did not add in versioning into the Config type for now...this is
  something we will likely do in the future, but it is not deemed
  necessary this early in the project.
- The config file format tries to follow the patterns of Kube. One such
  example of this is requiring the use of base64-encoded CA bundle PEM
  bytes instead of a file path. This also slightly simplifies the config
  file handling because we don't have to 1) read in a file or 2) deal
  with the error case of the file not being there.

- The webhook code from k8s.io/apiserver is really exactly what we want
  here. If this dependency gets too burdensome, we can always drop it,
  but the pros outweigh the cons at the moment.
- Writing out a kubeconfig to disk to configure the webhook is a little
  janky, but hopefully this won't hurt performance too much in the year
  2020.

- Also bonus: call the right *Serve*() function when starting our
  servers.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-14 11:50:28 -04:00
Matt Moyer
2596ddfa25 Add initial CA code.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-13 16:23:54 -05:00
Monis Khan
a544f7d7bf
Add integration test to check app is running
Signed-off-by: Monis Khan <mok@vmware.com>
2020-07-09 15:30:59 -04:00
Andrew Keesler
619ae2b178
Add -c/--config flag
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-08 13:06:44 -04:00
Matt Moyer
9bcd532c19 Add initial linter configuration.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-07-07 14:55:50 -05:00
Ryan Richard
57a22f99aa Add a simple /healthz endpoint
- Also remove the old hello world code

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-06 16:07:21 -07:00
Ryan Richard
911f8736f1 Hello, world! 2020-07-02 17:05:59 -07:00