djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,438 Commits 30 Branches 34 Tags 22 MiB
9bd206cedb
Commit Graph

13 Commits

Author SHA1 Message Date
Matt Moyer
6565265bee
Use new 'go.pinniped.dev/generated/latest' package. 
Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2021-02-16 13:00:08 -06:00
Matt Moyer
04c4cd9534
Upgrade to github.com/coreos/go-oidc v3.0.0. 
See https://github.com/coreos/go-oidc/releases/tag/v3.0.0 for release notes.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2021-01-21 12:08:14 -06:00
Margo Crawford
5611212ea9 Changing references from 1.19 to 1.20 2021-01-07 15:25:47 -08:00
Aram Price
1b5e8c3439 Upstream Watcher Controller Syncs less often by adjusting its filters 
- Only watches Secrets of type "secrets.pinniped.dev/oidc-client"

Signed-off-by: Ryan Richard <richardry@vmware.com>
 2020-12-18 15:41:18 -08:00
aram price
587cced768 Add extra type info where SecretType is used 2020-12-17 15:43:20 -08:00
Aram Price
55483b726b More "op" and "opc" local variable renames 
Signed-off-by: Ryan Richard <richardry@vmware.com>
 2020-12-17 13:49:53 -08:00
Margo Crawford
196e43aa48 Rename off of main 
Signed-off-by: Ryan Richard <richardry@vmware.com>
 2020-12-16 14:27:09 -08:00
Matt Moyer
4fe691de92
Save an http.Client with each upstreamoidc.ProviderConfig object. 
This allows the token exchange request to be performed with the correct TLS configuration.

We go to a bit of extra work to make sure the `http.Client` object is cached between reconcile operations so that connection pooling works as expected.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2020-12-02 15:55:33 -06:00
Matt Moyer
d64acbb5a9
Add upstreamoidc.ProviderConfig type implementing provider.UpstreamOIDCIdentityProviderI. 
Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2020-11-30 15:22:56 -06:00
Ryan Richard
227fbd63aa Use an interface instead of a concrete type for UpstreamOIDCIdentityProvider 
Because we want it to implement an AuthcodeExchanger interface and
do it in a way that will be more unit test-friendly than the underlying
library that we intend to use inside its implementation.
 2020-11-18 13:38:13 -08:00
Matt Moyer
ee978fdde8
Add controller support for spec.tls field. 
Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2020-11-16 20:23:20 -06:00
Matt Moyer
c10393b495
Mask the raw error messages from go-oidc, since they are dangerous. 
Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2020-11-13 16:22:34 -06:00
Matt Moyer
cbd71df574
Add "upstream-watcher" controller to supervisor. 
Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2020-11-13 12:30:38 -06:00