djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,020 Commits 30 Branches 34 Tags 22 MiB
Commit Graph

3020 Commits

Author SHA1 Message Date
Ryan Richard 57f8e18dbc Merge branch 'main' into dynamic_clients 2022-07-26 09:31:18 -07:00
Ryan Richard a876591765
Merge pull request #1126 from vmware-tanzu/dynamic_clients_proposal 
Dynamic Supervisor OIDC Clients proposal
 2022-07-26 09:27:37 -07:00
Ryan Richard b5c0b4b90e
Merge pull request #1240 from vmware-tanzu/pause_community_meeting 
pause community meeting for a little while
 2022-07-26 09:24:19 -07:00
Ryan Richard c07cc6b8ec Update e2e_test.go for clusters which have ServerSideFieldValidation 
Also update prepare-cluster-for-integration-tests.sh for new
kubectl version command options.
 2022-07-25 17:25:21 -07:00
Ryan Richard 8c7fbd2c0c pause community meeting for a little while 2022-07-25 12:07:18 -07:00
Ryan Richard f1cd4eebb0 Merge branch 'main' into dynamic_clients 2022-07-22 10:00:53 -07:00
Ryan Richard 075bc824e7 Merge branch 'main' into dynamic_clients_proposal 2022-07-22 09:56:40 -07:00
Ryan Richard 7ccd41b5f2 docs gen tool changed its output, so rerun codegen 2022-07-22 09:56:20 -07:00
Ryan Richard ae917bfd8d Merge branch 'main' into dynamic_clients_proposal 2022-07-22 09:33:45 -07:00
Ryan Richard 7450fb6c8e A few more small changes to the dynamic clients proposal 2022-07-22 09:26:24 -07:00
Mo Khan ee3646ef13
Merge pull request #1239 from enj/goodbye 
Update current maintainers ✌️👋🫡
 2022-07-22 10:39:55 -04:00
Monis Khan 1e56968491
Update current maintainers ✌️👋🫡 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-07-21 18:07:54 -04:00
Ryan Richard b507604b90 Update dynamic clients proposal with a link to the LDAP/AD UI release 
Also fix a typos.
 2022-07-21 11:37:58 -07:00
Ryan Richard 1eefba537d Update dynamic clients proposal with details learned during implementation 
Also fix some typos and add some clarifying comments.
 2022-07-21 11:26:04 -07:00
Mo Khan f9dfd68420
Merge pull request #1221 from vmware-tanzu/oidcclient_controller2 
Enhancements to OIDCClient controller
 2022-07-15 08:51:44 -04:00
Ryan Richard be85e1ed0a TotalClientSecrets field gets omitempty and becomes int32 2022-07-14 09:30:03 -07:00
Ryan Richard 93939ccbd8 OIDCClient watcher controller updates based on PR feedback 2022-07-06 10:34:24 -07:00
Ryan Richard 8a23f244f3
Merge pull request #1215 from vmware-tanzu/prepare_supervisor_on_kind_linux 
fix usage of base64 in hack script for linux
 2022-06-29 10:51:16 -07:00
Ryan Richard 5b0c165dc8 fix usage of base64 in hack script 2022-06-28 12:44:41 -07:00
Ryan Richard 4878ae77e5
Merge pull request #1142 from vmware-tanzu/audit_logging_proposal 
Audit logging proposal
 2022-06-28 12:33:55 -07:00
Ryan Richard 18a1f3a43a
Merge branch 'main' into audit_logging_proposal 2022-06-28 12:33:02 -07:00
Mo Khan 43a76648d5
Merge pull request #1213 from vmware-tanzu/fix-groups-scope-integration-tests 
One line fix to the supervisor warnings test
 2022-06-24 11:12:07 -04:00
Margo Crawford 98b0b6b21c One line fix to the supervisor warnings test 
Make the scopes in the cache key include the new groups scope

Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-24 08:09:32 -07:00
Monis Khan f13c5e3f06
Fix supervisor scheme comment 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-06-24 09:56:44 -04:00
Mo Khan d576e44f0a
Merge pull request #1197 from vmware-tanzu/require-groups-scope 
Require groups scope
 2022-06-23 14:06:46 -04:00
Margo Crawford 8adc1ce345 Fix failing active directory integration test 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-22 16:16:32 -07:00
Ryan Richard 3cf3b28c5b Update audit log proposal 2022-06-22 15:12:28 -07:00
Margo Crawford a010e72b29 Merge branch 'dynamic_clients' into require-groups-scope 2022-06-22 14:27:06 -07:00
Margo Crawford dac0395680 Add a couple tests, address pr comments 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-22 14:19:55 -07:00
Margo Crawford f2005b4c7f Merge branch 'dynamic_clients' into require-groups-scope 2022-06-22 12:30:54 -07:00
Margo Crawford c70a0b99a8 Don't do ldap group search when group scope not specified 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-22 10:58:08 -07:00
Margo Crawford 9903c5f79e Handle refresh requests without groups scope 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-22 08:21:16 -07:00
Mo Khan 0a2aa9338d
Merge pull request #1198 from vmware-tanzu/oidcclient_controller 
New controller watches OIDCClients and updates validation Conditions
 2022-06-17 13:39:49 -04:00
Ryan Richard 5aa0d91267
New controller watches OIDCClients and updates validation Conditions 2022-06-17 13:11:26 -04:00
Mo Khan f8183e0fab
Merge pull request #1199 from enj/enj/f/dynamic_clients_name_fix 
Fix TestOIDCClientStaticValidation on old servers
 2022-06-17 09:05:08 -04:00
Monis Khan 36a5c4c20d
Fix TestOIDCClientStaticValidation on old servers 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-06-17 09:04:03 -04:00
Mo Khan 4bf734061d
Merge pull request #1190 from vmware-tanzu/client-secret-api-noop 
aggregated api for oidcclientsecretrequest
 2022-06-16 10:30:13 -04:00
Mo Khan 90077f7135
Merge pull request #1195 from enj/enj/f/dynamic_clients_name 
Static validation for OIDC clients
 2022-06-16 10:29:03 -04:00
Margo Crawford 64cd8b0b9f Add e2e test for groups scope 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-15 13:41:22 -07:00
Monis Khan 59d67322d3
Static validation for OIDC clients 
The following validation is enforced:

1. Names must start with client.oauth.pinniped.dev-
2. Redirect URIs must start with https://
   or http://127.0.0.1
   or http://::1
3. All spec lists must not have duplicates

Added an integration test to assert all static validations.

Signed-off-by: Monis Khan <mok@vmware.com>
 2022-06-15 15:09:40 -04:00
Margo Crawford ff26c424ae Remove unused role binding 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-15 10:19:56 -07:00
Margo Crawford 424f925a14 Merge branch 'dynamic_clients' into client-secret-api-noop 2022-06-15 09:38:55 -07:00
Margo Crawford c117329553 Updates based on code review 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-15 09:38:21 -07:00
Margo Crawford 4d0c2e16f4 require groups scope to get groups back from supervisor 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-15 08:00:17 -07:00
Mo Khan c77bee67c1
Merge pull request #1189 from vmware-tanzu/token_exchange_aud 
Disallow certain requested audience strings in token exchange
 2022-06-14 16:41:51 -04:00
Margo Crawford c95efad180 Merge branch 'dynamic_clients' into client-secret-api-noop 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-13 17:12:00 -07:00
Ryan Richard 268e1108d1
Merge pull request #1194 from vmware-tanzu/config_oidcclient 
Move oidcclient into config.supervisor.pinniped.dev
 2022-06-13 16:03:05 -07:00
Margo Crawford 104e08b0f6 Merge branch 'dynamic_clients' into client-secret-api-noop 2022-06-13 15:52:34 -07:00
Margo Crawford 0c1f48cbc1 Move oidcclient into config.supervisor.pinniped.dev 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-13 15:48:54 -07:00
Margo Crawford 8f4285dbff Change group names 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-06-13 14:28:05 -07:00