Benjamin A. Petersen
899ea429de
metadata.yml applied to package repository packages
2023-09-14 10:05:24 -04:00
Benjamin A. Petersen
9ba2609c58
metadata.yml files support namespace templating
2023-09-14 10:05:24 -04:00
Benjamin A. Petersen
51afadba19
Fix: default image_repo for supervisor,concierge, packages installed in
...
global kapp-controller-packaging-global
2023-09-14 10:05:24 -04:00
Benjamin A. Petersen
23915fbc0c
build.sh refactor: variables for dir names, ensure consistency
2023-09-14 10:05:23 -04:00
Benjamin A. Petersen
7d9a8f77ff
fix ytt templating error
2023-09-14 10:05:23 -04:00
Benjamin A. Petersen
edc95ea4aa
fix RBAC in build.sh script
2023-09-14 10:05:23 -04:00
Benjamin A. Petersen
a2487cb72a
add build.sh which outlines all steps to build & generate resources
2023-09-14 10:05:23 -04:00
Benjamin A. Petersen
172be119f0
add package-repository directory and resources
2023-09-14 10:05:23 -04:00
Benjamin A. Petersen
f12d826972
add package_image to values.yaml files (sibling to image)
2023-09-14 10:05:23 -04:00
Benjamin A. Petersen
e8ddae3aab
commit generated schema-openapi.yml
2023-09-14 10:05:23 -04:00
Benjamin A. Petersen
730b1bbe43
use package-template.yml to generate packages
2023-09-14 10:05:22 -04:00
Benjamin A. Petersen
9e5e2f8acb
metadata.yml fix
2023-09-14 10:05:22 -04:00
Benjamin A. Petersen
4517258d9a
build.yaml kbld config: pass in image_repo
2023-09-14 10:05:22 -04:00
Benjamin A. Petersen
cabf4c9088
Update supervisor values.yaml to a schema doc. Make @nullable work
...
- see build.sh for documented script to run to generate:
ytt --file concierge/config/values.yaml --data-values-schema-inspect --output openapi-v3 > concierge/schema-openapi.yml
2023-09-14 10:05:22 -04:00
Benjamin A. Petersen
dfa60bbafd
WIP: update the schema gen for supervisor
...
the ./build.sh for the ytt invocation for this.
there is more work to do here, this gets us started.
many of our multiline descriptions need to be assessed.
do we want both? the description and also the schema text?
2023-09-14 10:05:22 -04:00
Benjamin A. Petersen
1191e7470c
Update supervisor values.yaml to a schema doc. Make @nullable work
...
- see build.sh for documented script to run to generate:
ytt --file supervisor/config/values.yaml --data-values-schema-inspect --output openapi-v3 > supervisor/schema-openapi.yml
2023-09-14 10:05:22 -04:00
Benjamin A. Petersen
520c6b643d
add some hacky scripts for generating things
2023-09-14 10:05:21 -04:00
Benjamin A. Petersen
5c767cc785
add concierge package, schema, metadata files
2023-09-14 10:05:21 -04:00
Benjamin A. Petersen
7f7a6b6f97
add supervisor package, schema, metadata files
2023-09-14 10:05:21 -04:00
Benjamin A. Petersen
a644b82005
WIP: add .imgpkg directories
2023-09-14 10:05:21 -04:00
Benjamin A. Petersen
2898bd99ed
WIP: hack in a deploy_carvel/concierge directory, but strip out the deployment for simplicity
2023-09-14 10:05:21 -04:00
Benjamin A. Petersen
61f5c9798a
WIP: hack in a deploy_carvel/supervisor directory, but strip out the deployment for simplicity
2023-09-14 10:05:09 -04:00
Ryan Richard
06d456fc87
Merge pull request #1419 from vmware-tanzu/multiple_idps_and_transformations
...
Support multiple IDPs and identity transformations on Supervisor FederationDomains
2023-09-13 14:26:23 -07:00
Ryan Richard
5573c629b5
remove extra timeoutCtx for exec.CommandContext invocations in e2e test
...
These extra timeout contexts were only in the new multiple IDPs e2e
test. Remove this possible cause of test cleanup flakes where the test
runs slow enough in CI that this timeout context has already expired
and then the cleanup function fails with context deadline exceeded
errors.
2023-09-13 12:48:10 -07:00
Ryan Richard
2cecc17ef0
add celformer unit test demonstrating string regexp in CEL expressions
2023-09-13 12:31:00 -07:00
Ryan Richard
c52ed93bf8
make prepare-supervisor-on-kind.sh work with older versions of bash
2023-09-12 10:24:55 -07:00
Ryan Richard
84498d5a55
fix imports grouping in manager.go
2023-09-12 09:34:19 -07:00
Ryan Richard
8faf3b0e26
add workaround in update-codegen.sh for problem seen when run on linux
2023-09-11 13:07:05 -07:00
Ryan Richard
a7bd494ec3
update FederationDomain.status.conditions to come from metav1
2023-09-11 13:06:52 -07:00
Ryan Richard
b6f0dc3ba7
Fix conflicts caused from rebasing main into multiple IDPs branch
2023-09-11 11:15:40 -07:00
Ryan Richard
e2bdab9e2d
add the IDP display name to the downstream ID token's sub
claim
...
To make the subject of the downstream ID token more unique when
there are multiple IDPs. It is possible to define two IDPs in a
FederationDomain using the same identity provider CR, in which
case the only thing that would make the subject claim different
is adding the IDP display name into the values of the subject claim.
2023-09-11 11:15:40 -07:00
Ryan Richard
28210ab14d
add units tests to token_handler_test.go
2023-09-11 11:15:40 -07:00
Ryan Richard
593d55ec09
run codegen again after rebasing main branch into feature branch
2023-09-11 11:15:37 -07:00
Ryan Richard
5ad7e9a8ca
started add units tests for identity transforms to token_handler_test.go
2023-09-11 11:14:06 -07:00
Ryan Richard
7f70fcf679
add units tests to post_login_handler_test.go
2023-09-11 11:14:06 -07:00
Ryan Richard
f653942065
add new unit tests in callback_handler_test.go
2023-09-11 11:14:06 -07:00
Ryan Richard
d4611b829d
use slices.Contains() instead of custom func in token_handler_test.go
2023-09-11 11:14:06 -07:00
Ryan Richard
b2656b9cb1
add new unit tests in auth_handler_test.go
2023-09-11 11:14:06 -07:00
Ryan Richard
2eb82cc1d7
Add more tests with identity transformations in supervisor_login_test.go
2023-09-11 11:14:06 -07:00
Ryan Richard
0a21cb6d08
Replace more pointer.String() with the new ptr.To()
2023-09-11 11:14:06 -07:00
Ryan Richard
519aece8a5
Start adding identity transformations tests to supervisor_login_test.go
2023-09-11 11:14:06 -07:00
Ryan Richard
e6c78facfc
Fix expectations in FederationDomains status test for old Kube versions
...
Also try to avoid flakes by using RetryOnConflict when calling Update
on the FederationDomain.
2023-09-11 11:14:05 -07:00
Ryan Richard
01ab7758d8
Add e2e test for rejecting auth using identity transformation policy
2023-09-11 11:14:05 -07:00
Ryan Richard
957892b677
handle old versions of k8s in supervisor_federationdomain_status_test.go
2023-09-11 11:14:05 -07:00
Ryan Richard
c701a4a344
remove expectation about TransformsConstantsNamesUnique status condition
...
Forgot to remove this in the previous commit which removed writing that
condition from the controller code.
2023-09-11 11:14:05 -07:00
Ryan Richard
92bf826ec5
rename a local variable in an integration test
2023-09-11 11:14:05 -07:00
Ryan Richard
446384a7f5
add an e2e test for a FederationDomain with multiple IDPs and transforms
2023-09-11 11:14:05 -07:00
Ryan Richard
6d82a11645
CRD already validates that IDP transform constant names are unique
...
- Remove that validation from the controller since the CRD already
validates it during creates and updates.
- Also finish the supervisor_federationdomain_status_test.go by adding
more tests for both controller validations and CRD validations
2023-09-11 11:14:05 -07:00
Ryan Richard
bd5cabf0ff
fix some here.Doc string indents in federation_domain_watcher_test.go
...
To make things visually line up better.
2023-09-11 11:14:05 -07:00
Ryan Richard
51742366fe
wordsmith some FederationDomain status messages
2023-09-11 11:14:05 -07:00