djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,020 Commits 30 Branches 34 Tags 22 MiB
57f8e18dbc
Commit Graph

3020 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan Richard
57f8e18dbc Merge branch 'main' into dynamic_clients 2022-07-26 09:31:18 -07:00
Ryan Richard
a876591765
Merge pull request #1126 from vmware-tanzu/dynamic_clients_proposal 
Dynamic Supervisor OIDC Clients proposal
 2022-07-26 09:27:37 -07:00
Ryan Richard
b5c0b4b90e
Merge pull request #1240 from vmware-tanzu/pause_community_meeting 
pause community meeting for a little while
 2022-07-26 09:24:19 -07:00
Ryan Richard
c07cc6b8ec Update e2e_test.go for clusters which have ServerSideFieldValidation 
Also update prepare-cluster-for-integration-tests.sh for new
kubectl version command options.
 2022-07-25 17:25:21 -07:00
Ryan Richard
8c7fbd2c0c pause community meeting for a little while 2022-07-25 12:07:18 -07:00
Ryan Richard
f1cd4eebb0 Merge branch 'main' into dynamic_clients 2022-07-22 10:00:53 -07:00
Ryan Richard
075bc824e7 Merge branch 'main' into dynamic_clients_proposal 2022-07-22 09:56:40 -07:00
Ryan Richard
7ccd41b5f2 docs gen tool changed its output, so rerun codegen 2022-07-22 09:56:20 -07:00
Ryan Richard
ae917bfd8d Merge branch 'main' into dynamic_clients_proposal 2022-07-22 09:33:45 -07:00
Ryan Richard
7450fb6c8e A few more small changes to the dynamic clients proposal 2022-07-22 09:26:24 -07:00
Mo Khan
ee3646ef13
Merge pull request #1239 from enj/goodbye 
Update current maintainers ✌️👋🫡
 2022-07-22 10:39:55 -04:00
Monis Khan
1e56968491
Update current maintainers ✌️👋🫡 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-07-21 18:07:54 -04:00
Ryan Richard
b507604b90 Update dynamic clients proposal with a link to the LDAP/AD UI release 
Also fix a typos.
 2022-07-21 11:37:58 -07:00
Ryan Richard
1eefba537d Update dynamic clients proposal with details learned during implementation 
Also fix some typos and add some clarifying comments.
 2022-07-21 11:26:04 -07:00
Mo Khan
f9dfd68420
Merge pull request #1221 from vmware-tanzu/oidcclient_controller2 
Enhancements to OIDCClient controller
 2022-07-15 08:51:44 -04:00
Ryan Richard
be85e1ed0a TotalClientSecrets field gets omitempty and becomes int32 2022-07-14 09:30:03 -07:00
Ryan Richard
93939ccbd8 OIDCClient watcher controller updates based on PR feedback 2022-07-06 10:34:24 -07:00
Ryan Richard
8a23f244f3
Merge pull request #1215 from vmware-tanzu/prepare_supervisor_on_kind_linux 
fix usage of base64 in hack script for linux
 2022-06-29 10:51:16 -07:00
Ryan Richard
5b0c165dc8 fix usage of base64 in hack script 2022-06-28 12:44:41 -07:00
Ryan Richard
4878ae77e5
Merge pull request #1142 from vmware-tanzu/audit_logging_proposal 
Audit logging proposal
 2022-06-28 12:33:55 -07:00
Ryan Richard
18a1f3a43a
Merge branch 'main' into audit_logging_proposal 2022-06-28 12:33:02 -07:00
Mo Khan
43a76648d5
Merge pull request #1213 from vmware-tanzu/fix-groups-scope-integration-tests 
One line fix to the supervisor warnings test
 2022-06-24 11:12:07 -04:00
Margo Crawford
98b0b6b21c One line fix to the supervisor warnings test 
Make the scopes in the cache key include the new groups scope

Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-24 08:09:32 -07:00
Monis Khan
f13c5e3f06
Fix supervisor scheme comment 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-06-24 09:56:44 -04:00
Mo Khan
d576e44f0a
Merge pull request #1197 from vmware-tanzu/require-groups-scope 
Require groups scope
 2022-06-23 14:06:46 -04:00
Margo Crawford
8adc1ce345 Fix failing active directory integration test 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-22 16:16:32 -07:00
Ryan Richard
3cf3b28c5b Update audit log proposal 2022-06-22 15:12:28 -07:00
Margo Crawford
a010e72b29 Merge branch 'dynamic_clients' into require-groups-scope 2022-06-22 14:27:06 -07:00
Margo Crawford
dac0395680 Add a couple tests, address pr comments 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-22 14:19:55 -07:00
Margo Crawford
f2005b4c7f Merge branch 'dynamic_clients' into require-groups-scope 2022-06-22 12:30:54 -07:00
Margo Crawford
c70a0b99a8 Don't do ldap group search when group scope not specified 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-22 10:58:08 -07:00
Margo Crawford
9903c5f79e Handle refresh requests without groups scope 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-22 08:21:16 -07:00
Mo Khan
0a2aa9338d
Merge pull request #1198 from vmware-tanzu/oidcclient_controller 
New controller watches OIDCClients and updates validation Conditions
 2022-06-17 13:39:49 -04:00
Ryan Richard
5aa0d91267
New controller watches OIDCClients and updates validation Conditions 2022-06-17 13:11:26 -04:00
Mo Khan
f8183e0fab
Merge pull request #1199 from enj/enj/f/dynamic_clients_name_fix 
Fix TestOIDCClientStaticValidation on old servers
 2022-06-17 09:05:08 -04:00
Monis Khan
36a5c4c20d
Fix TestOIDCClientStaticValidation on old servers 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-06-17 09:04:03 -04:00
Mo Khan
4bf734061d
Merge pull request #1190 from vmware-tanzu/client-secret-api-noop 
aggregated api for oidcclientsecretrequest
 2022-06-16 10:30:13 -04:00
Mo Khan
90077f7135
Merge pull request #1195 from enj/enj/f/dynamic_clients_name 
Static validation for OIDC clients
 2022-06-16 10:29:03 -04:00
Margo Crawford
64cd8b0b9f Add e2e test for groups scope 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-15 13:41:22 -07:00
Monis Khan
59d67322d3
Static validation for OIDC clients 
The following validation is enforced:

1. Names must start with client.oauth.pinniped.dev-
2. Redirect URIs must start with https://
   or http://127.0.0.1
   or http://::1
3. All spec lists must not have duplicates

Added an integration test to assert all static validations.

Signed-off-by: Monis Khan <mok@vmware.com>
 2022-06-15 15:09:40 -04:00
Margo Crawford
ff26c424ae Remove unused role binding 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-15 10:19:56 -07:00
Margo Crawford
424f925a14 Merge branch 'dynamic_clients' into client-secret-api-noop 2022-06-15 09:38:55 -07:00
Margo Crawford
c117329553 Updates based on code review 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-15 09:38:21 -07:00
Margo Crawford
4d0c2e16f4 require groups scope to get groups back from supervisor 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-15 08:00:17 -07:00
Mo Khan
c77bee67c1
Merge pull request #1189 from vmware-tanzu/token_exchange_aud 
Disallow certain requested audience strings in token exchange
 2022-06-14 16:41:51 -04:00
Margo Crawford
c95efad180 Merge branch 'dynamic_clients' into client-secret-api-noop 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-13 17:12:00 -07:00
Ryan Richard
268e1108d1
Merge pull request #1194 from vmware-tanzu/config_oidcclient 
Move oidcclient into config.supervisor.pinniped.dev
 2022-06-13 16:03:05 -07:00
Margo Crawford
104e08b0f6 Merge branch 'dynamic_clients' into client-secret-api-noop 2022-06-13 15:52:34 -07:00
Margo Crawford
0c1f48cbc1 Move oidcclient into config.supervisor.pinniped.dev 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-13 15:48:54 -07:00
Margo Crawford
8f4285dbff Change group names 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-13 14:28:05 -07:00