Matt Moyer
67d5c91713
Wait for successful TCR in TestImpersonationProxy.
...
This test setup should tolerate when the TokenCredentialRequest API isn't quite ready to authenticate the user or issue a cert.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-27 13:03:07 -05:00
Ryan Richard
81148866e0
URL query escape the upstream OIDC subject in the downstream subject URL
2021-05-27 09:25:48 -07:00
Matt Moyer
349d3dad83
Make temporary errors return Pending in impersonatorconfig.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-27 11:13:10 -05:00
Matt Moyer
049abfb94c
Remove a "fail fast" check from TestImpersonationProxy.
...
This check is no longer valid, because there can be ephemeral, recoverable errors that show as ErrorDuringSetup.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-27 09:22:47 -05:00
Ryan Richard
033e1f0399
Add user search base to downstream subject for upstream LDAP
...
- Also add some tests about UTF-8 characters in LDAP attributes
2021-05-26 17:04:20 -07:00
Margo Crawford
d2d0dae4ed
Wait for credentialissuer to be updated and always use proxy on clusterip test
2021-05-26 15:58:46 -07:00
Matt Moyer
0a47aa4843
Adjust log levels in impersonatorconfig controller.
...
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2021-05-26 16:47:02 -05:00
Matt Moyer
d780bf64bc
Remove references to impersonationConfigMap.
...
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2021-05-26 15:24:59 -05:00
Matt Moyer
b57878ebc5
Remove TODO from impersonator.go.
...
We're now tracking this in an issue: https://github.com/vmware-tanzu/pinniped/issues/642
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-26 15:08:29 -05:00
Matt Moyer
1932b03c39
Refactor createOrUpdateService() method.
...
This updates the code to use a different mechanism for driving desired state:
- Read existing object
- If it does not exist, create desired object
- If it does exist, make a copy and set all the desired fields
- Do a deepequal to see if an update is necessary.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-26 15:03:04 -05:00
Matt Moyer
be8118ec2e
Re-enable parallelism on TestImpersonatorConfigControllerSync.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-26 12:57:51 -05:00
Matt Moyer
1a4687a40a
Switch impersonatorconfig to all singleton queues.
...
We also no longer need an initial event, since we don't do anything unless the CredentialIssuer exists, so we'll always be triggered at the appropriate time.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-26 12:54:40 -05:00
Matt Moyer
b13c494f93
Migrate off global logger in impersonatorconfig.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-26 12:44:05 -05:00
Margo Crawford
e5a61f3b95
IPv6 address in unit tests for ClusterIPs
2021-05-26 10:30:33 -07:00
Ryan Richard
9621ad9d2c
More doc updates
2021-05-26 10:08:03 -07:00
Margo Crawford
f2021f1b53
Merge branch 'credentialissuer-spec-api' of github.com:vmware-tanzu/pinniped into credentialissuer-spec-api
2021-05-25 17:06:26 -07:00
Margo Crawford
e2fad6932f
multiple cluster ips
2021-05-25 17:01:42 -07:00
Ryan Richard
9ee11d2a49
Merge branch 'main' into ldap_docs
2021-05-25 16:19:06 -07:00
Ryan Richard
bf39f930d4
Some light docs wordsmithing and reordering of the sidebar
2021-05-25 16:15:45 -07:00
Matt Moyer
450ce6a4aa
Switch impersonatorconfig to new endpointaddr package.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-25 17:44:25 -05:00
Matt Moyer
c970dd1fb0
Merge branch 'main' of github.com:vmware-tanzu/pinniped into credentialissuer-spec-api
2021-05-25 17:32:58 -05:00
Matt Moyer
18a2a27a06
Merge pull request #640 from mattmoyer/endpointaddr
...
Refactor "endpoint address" parsing code into shared package.
2021-05-25 17:22:31 -05:00
Anjali Telang
47582e3290
Documentation for using Jumpcloud as LDAP provider with Pinniped Supervisor
2021-05-25 17:52:32 -04:00
Matt Moyer
89eff28549
Convert LDAP code to use endpointaddr package.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-25 16:17:27 -05:00
Matt Moyer
d9a3992b3b
Add endpointaddr pkg for parsing host+port inputs.
...
This type of field appears in more than one of our APIs, so this package will provide a single source of truth for validating and parsing inputs.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-25 16:17:26 -05:00
Margo Crawford
75dd98a965
Integration test for impersonation proxy cluster ip
2021-05-25 13:50:50 -07:00
Matt Moyer
61362f8187
Merge pull request #639 from vmware-tanzu/dependabot/go_modules/github.com/google/go-cmp-0.5.6
...
Bump github.com/google/go-cmp from 0.5.5 to 0.5.6
2021-05-25 11:04:08 -05:00
dependabot[bot]
f89f2281d8
Bump github.com/google/go-cmp from 0.5.5 to 0.5.6
...
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp ) from 0.5.5 to 0.5.6.
- [Release notes](https://github.com/google/go-cmp/releases )
- [Commits](https://github.com/google/go-cmp/compare/v0.5.5...v0.5.6 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-25 05:51:17 +00:00
Ryan Richard
f5b11a0239
New docs: 1) Concierge with Supervisor, and 2) Supervisor with OpenLDAP
2021-05-24 19:08:25 -07:00
Ryan Richard
5e8945c616
Merge pull request #632 from vmware-tanzu/ldap_additional_unit_test
...
Add another unit test for the LDAP client code
2021-05-24 14:26:13 -07:00
Ryan Richard
2331c2dae2
Merge branch 'main' into ldap_additional_unit_test
2021-05-24 14:24:48 -07:00
Ryan Richard
2014f4623d
Move require.NoError() to t.Cleanup()
2021-05-24 14:24:09 -07:00
Matt Moyer
fabc08b01b
Merge branch 'main' of github.com:vmware-tanzu/pinniped into credentialissuer-spec-api
2021-05-24 15:49:13 -05:00
Matt Moyer
468463ce1d
Merge pull request #635 from mattmoyer/fix-docs-version-to-better-default
...
Replace all references to "a specific version" with v0.8.0.
2021-05-24 14:25:48 -05:00
Matt Moyer
520eb43bfd
Replace all references to "a specific version" with v0.8.0.
...
The documentation was a bit confusing before, and it was easy to accidentally install a very outdated version if you weren't reading carefully.
We could consider writing a post-release CI job to update these references automatically (perhaps using a Hugo macro?), but for now a manual update seems sufficient.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-24 11:50:16 -05:00
Margo Crawford
5de9bac4ac
Oof... good I wrote an integration test because that's not how updating works!
...
Now updating the existing service in kubernetes but with the new
annotations
2021-05-24 09:41:49 -07:00
Matt Moyer
523a8d432f
Merge pull request #616 from vmware-tanzu/okta-supervisor-docs
...
Add doc for configuring the supervisor with okta
2021-05-24 10:34:02 -05:00
Matt Moyer
1ab1d41735
Minor cleanups on the new Supervisor+Okta docs page.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-24 10:31:06 -05:00
Margo Crawford
36168122cc
Add doc for configuring the supervisor with okta
2021-05-24 10:30:50 -05:00
Margo Crawford
150e879a68
Add tests for deleting services
2021-05-21 13:47:06 -07:00
Ryan Richard
b16e84d90a
Add another unit test for the LDAP client code
2021-05-21 12:44:01 -07:00
Margo Crawford
722aa72206
Integration test tests update functionality
2021-05-21 10:19:33 -07:00
Matt Moyer
2d0cb16239
Merge pull request #631 from mattmoyer/remove-openapi-codegen
...
Stop generating zz_generated.openapi.go files.
2021-05-21 12:19:09 -05:00
Margo Crawford
b4bb0db6e5
Refactor some shared code between load balancer and cluster ip creation
2021-05-21 09:57:46 -07:00
Matt Moyer
fd9d9b8c73
Stop generating zz_generated.openapi.go files.
...
It turns out we no longer need these and can skip this bit of code generation.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 11:16:59 -05:00
Matt Moyer
44f6fd4437
Merge pull request #630 from mattmoyer/20210521-dependency-updates
...
Upgrade Go module dependencies
2021-05-21 11:12:03 -05:00
Matt Moyer
f0d5923091
Downgrade k8s.io/kube-openapi back to a previous version.
...
9b07d72531...00de3ae54c
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:42:39 -05:00
Matt Moyer
85ebaa96d5
Upgrade k8s.io/kube-openapi dependency.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:11:26 -05:00
Matt Moyer
cf5bc9f1b4
Upgrade k8s.io/utils dependency.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:07:41 -05:00
Matt Moyer
0d02ba6af3
Upgrade k8s.io/gengo dependency.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:07:00 -05:00