Commit Graph

3136 Commits

Author SHA1 Message Date
Joshua Casey
a430f4b730 Bump K8s deps to 0.26 and add codegen for 0.26 2023-01-18 13:41:06 -08:00
Joshua Casey
585adc96d8 Bump generated files for K8s 1.22, 1.23, 1.24, 1.25 2023-01-18 13:38:36 -08:00
Ryan Richard
3b46547efc add hack/update-copyright-year.sh 2023-01-18 13:36:23 -08:00
Ryan Richard
53f56f328b
Merge pull request #1371 from vmware-tanzu/jtc/bump-deps-except-k8s
Bump Golang and Deps (except K8s)
2023-01-18 09:19:27 -08:00
Ryan Richard
9aafff78f1 bump two more direct deps 2023-01-18 08:26:55 -08:00
Joshua Casey
a49e48c6f7 Bump FIPS Golang to 1.18.10b7
Resolves #1367
2023-01-17 21:20:50 -06:00
Joshua Casey
6926c1ab64 Bump Golang to 1.19.5
Resolves #1368
2023-01-17 21:20:37 -06:00
Joshua Casey
f9e2212882 Bump all deps except K8s
Resolves:
- #1360
- #1361
- #1362
- #1363
- #1364
- #1365
2023-01-17 21:11:39 -06:00
Joshua Casey
95d35a174d
Merge pull request #1294 from vmware-tanzu/additional_claim_mapping
Add `spec.claims.additionalClaimMappings` to OIDCIdentityProvider
2023-01-17 20:48:58 -06:00
Ryan Richard
2f9b8b105d update copyright to 2023 in files changed by this PR 2023-01-17 15:54:16 -08:00
Ryan Richard
3d20fa79a7 Two more integration tests for additionalClaimMappings
Co-authored-by: Ryan Richard <richardry@vmware.com>
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2023-01-17 15:36:39 -08:00
Ryan Richard
74c3156059 Assert more cluster-scoped ID token claims in supervisor_login_test.go 2023-01-17 13:10:51 -08:00
Joshua Casey
6156fdf175 Expect complex subclaims of additionalClaims to have type interface{}
Co-authored-by: Ryan Richard <richardry@vmware.com>
2023-01-17 13:27:40 -06:00
Joshua Casey
f494c61790 additionalClaims claim should not be present when no sub claims are expected
Co-authored-by: Ryan Richard <richardry@vmware.com>
Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
2023-01-17 11:58:08 -06:00
Ryan Richard
2633d72ce2 Change some test variable names related to additional claims
Co-authored-by: Ryan Richard <richardry@vmware.com>
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2023-01-13 14:59:59 -08:00
Joshua Casey
a94bbe70c7 Add integration test to verify that additionalClaims are present in an ID Token
Co-authored-by: Ryan Richard <richardry@vmware.com>
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
2023-01-13 14:59:59 -08:00
Joshua Casey
9acc456fd7 Update token_handler_test to check additionalClaims for bools, numbers, and slices
Co-authored-by: Ryan Richard <richardry@vmware.com>
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
2023-01-13 14:59:59 -08:00
Ryan Richard
8ff6ef32e9 Allow additional claims to map into an ID token issued by the supervisor
- Specify mappings on OIDCIdentityProvider.spec.claims.additionalClaimMappings
- Advertise additionalClaims in the OIDC discovery endpoint under claims_supported

Co-authored-by: Ryan Richard <richardry@vmware.com>
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2023-01-13 14:59:50 -08:00
Joshua Casey
f4c9202f49
Merge pull request #1369 from vmware-tanzu/kube_cert_agent_reduce_memory
Reduce memory consumption of pinniped-concierge-kube-cert-agent binary
2023-01-13 14:26:39 -06:00
Ryan Richard
bc7ffd37a6 Reduce memory consumption of pinniped-concierge-kube-cert-agent binary
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
2023-01-13 11:07:42 -08:00
Pinny
f691baec74 Updated versions in docs for v0.21.0 release 2022-12-21 13:12:06 +00:00
Ryan Richard
39a95e1198
Merge pull request #1354 from vmware-tanzu/dump_more_deps_dec_2022
Bump Go 1.19.1 -> 1.19.4, and go-boringcrypto 1.18.6b7 -> 1.18.9b7
2022-12-15 10:35:54 -08:00
Ryan Richard
6d3ed73eee Bump Go 1.19.1 -> 1.19.4, and go-boringcrypto 1.18.6b7 -> 1.18.9b7 2022-12-15 09:40:32 -08:00
Ryan Richard
e3a963b73f
Merge pull request #1340 from vmware-tanzu/jtc/update-maintainers
Update maintainers
2022-12-15 09:31:14 -08:00
Ryan Richard
30818cb66d
Merge pull request #1353 from vmware-tanzu/dump_deps_dec_2022
Upgrade project Go dependencies
2022-12-15 09:23:16 -08:00
Ryan Richard
976035115e Stop using pointer pkg functions that were deprecated by dependency bump 2022-12-14 08:47:16 -08:00
Ryan Richard
85b67f254c Add more assertion to token_handler_test.go for token exchange exp claim 2022-12-14 08:47:16 -08:00
Ryan Richard
e1a0367b03 Upgrade project Go dependencies
Most of the changes in this commit are because of these fosite PRs
which changed behavior and/or APIs in fosite:
- https://github.com/ory/fosite/pull/667
- https://github.com/ory/fosite/pull/679 (from me!)
- https://github.com/ory/fosite/pull/675
- https://github.com/ory/fosite/pull/688

Due to the changes in fosite PR #688, we need to bump our storage
version for anything which stores the DefaultSession struct as JSON.
2022-12-14 08:47:16 -08:00
Joshua Casey
a9aac69c65 Add https://github.com/joshuatcasey as a Maintainer. Remove Technical Lead role. 2022-12-08 11:47:06 -06:00
Joshua Casey
d88895c4a5 Prettify MAINTAINERS.md 2022-12-08 11:43:09 -06:00
Ryan Richard
d35306aa85
Merge pull request #1322 from rooso/main
Update example configuration for Active Directory
2022-11-09 09:35:32 -08:00
rooso
3548362ce4
Update example configuration for Active Directory
there was an typo in the example configuration for Microsoft Active Directory. Attribute was `userPrincipleName` but should be `userPrincipalName`
2022-10-20 14:34:12 +02:00
Ben Petersen
4951cbe5d4
Merge pull request #1306 from vmware-tanzu/ci-updates-for-external-idps
Update TestLDAPSearch_Parallel to notice different var for external ldap server
2022-09-29 12:35:50 -04:00
Ryan Richard
66f4ee8a1b Update more tests to notice different var for external ldap server 2022-09-28 14:32:10 -07:00
Benjamin A. Petersen
09b9075abb
Update TestLDAPSearch_Parallel to notice different var for external ldap server 2022-09-28 16:02:56 -04:00
Ben Petersen
99c635c38d
Merge pull request #1304 from vmware-tanzu/site-footers
Update site footer and maintainers page
2022-09-27 16:18:18 -04:00
Benjamin A. Petersen
265c63fa54
Update site footer and maintainers page
Co-authored-by: Ryan Richard <richardry@vmware.com>
Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
2022-09-27 16:13:55 -04:00
Pinny
2995e6a48c Updated versions in docs for v0.20.0 release 2022-09-27 17:16:32 +00:00
Ryan Richard
563c193499 Fix integration test expectation for AKS clusters 2022-09-26 17:00:11 -07:00
Ryan Richard
0d215566d8 Yet another integration test fix for dynamic clients feature with Okta 2022-09-26 16:41:52 -07:00
Ryan Richard
23185d55a5 Another integration test fix for dynamic clients feature with Okta
Also increase the timeout in an integration test because it is flaking
on one of the GKE environments sometimes, probably because the
Concierge controllers aren't ready fast enough before the integration
tests start.
2022-09-26 14:43:50 -07:00
Ryan Richard
f302e71b0f Fix some integration tests' handling of groups to work with Okta 2022-09-26 12:40:07 -07:00
Ryan Richard
110681cdb8 Fix the name of the API Service updater controller in the log messages 2022-09-26 12:37:34 -07:00
Ryan Richard
36dbc7c9bf Update supervisor_storage_test.go to avoid using fuzzed value
The fuzzed value depends on which Go compiler is used. This breaks
the fips tests in CI as long as the fips compiler is a version behind
(we are still waiting for the 1.19 fips compiler to come out).

The fuzzing is still being tested by a separate unit test, so we are
not losing fuzzing test coverage.
2022-09-26 11:19:39 -07:00
Ryan Richard
1e05012bdb
Merge pull request #1303 from vmware-tanzu/dependabot/go_modules/github.com/tdewolff/minify/v2-2.12.2
Bump github.com/tdewolff/minify/v2 from 2.12.1 to 2.12.2
2022-09-26 07:56:37 -07:00
dependabot[bot]
e122e65b0a
Bump github.com/tdewolff/minify/v2 from 2.12.1 to 2.12.2
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.12.1 to 2.12.2.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.12.1...v2.12.2)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-26 01:34:52 +00:00
Ryan Richard
d444242431
Merge pull request #1302 from vmware-tanzu/bump_deps_sept_2022
Bump deps sept 2022
2022-09-23 16:38:41 -07:00
Ryan Richard
3b507dab4a Upgrade generated code to use the latest available versions of Kube libs
Manually kube-versions.txt and then ran ./hack/update.sh to update the
generated code.
2022-09-23 14:55:23 -07:00
Ryan Richard
bad95c072e Upgrade project dependencies to latest
- Upgrade Go used in CI from 1.19.0 to 1.19.1
- Upgrade all go.mod direct dependencies to latest available versions
- Upgrade distroless base image to latest available version
- Upgrade Go fips compiler to to latest available version

Note that upgrading the go-oidc library changed an error message
returned by that library, so update the places where tests were
expecting that error message.
2022-09-23 14:41:54 -07:00
Ryan Richard
eb62f04f21
Merge pull request #1181 from vmware-tanzu/dynamic_clients
Dynamic OIDC clients feature
2022-09-23 14:03:08 -07:00