Monis Khan
8179a7e802
Bump kube to v0.23.4, rest to latest
...
Signed-off-by: Monis Khan <mok@vmware.com>
2022-03-01 09:25:56 -05:00
Monis Khan
4be2dd3b2a
Bump Kube to v0.23.3 and rest to latest
...
Signed-off-by: Monis Khan <mok@vmware.com>
2022-02-10 16:15:26 -05:00
Monis Khan
d55ae3f8bb
Bump all deps to latest
...
Signed-off-by: Monis Khan <mok@vmware.com>
2022-01-21 11:25:56 -05:00
Ryan Richard
e85a6c09f6
Merge pull request #953 from vmware-tanzu/dependabot/go_modules/github.com/tdewolff/minify/v2-2.9.29
...
Bump github.com/tdewolff/minify/v2 from 2.9.26 to 2.9.29
2022-01-20 14:16:05 -08:00
Ryan Richard
652797ba0b
Merge branch 'main' into dependabot/go_modules/github.com/tdewolff/minify/v2-2.9.29
2022-01-20 12:23:02 -08:00
Ryan Richard
89c40259f3
Use latest github.com/ory/x v0.0.336
2022-01-20 12:21:19 -08:00
dependabot[bot]
cd3d1333de
Bump github.com/ory/x from 0.0.331 to 0.0.334
...
Bumps [github.com/ory/x](https://github.com/ory/x ) from 0.0.331 to 0.0.334.
- [Release notes](https://github.com/ory/x/releases )
- [Commits](https://github.com/ory/x/compare/v0.0.331...v0.0.334 )
---
updated-dependencies:
- dependency-name: github.com/ory/x
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-19 22:07:18 +00:00
dependabot[bot]
4ce2f9db50
Bump github.com/tdewolff/minify/v2 from 2.9.26 to 2.9.29
...
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify ) from 2.9.26 to 2.9.29.
- [Release notes](https://github.com/tdewolff/minify/releases )
- [Commits](https://github.com/tdewolff/minify/compare/v2.9.26...v2.9.29 )
---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-19 01:05:43 +00:00
dependabot[bot]
b2bdf01152
Bump github.com/ory/fosite from 0.41.0 to 0.42.0
...
Bumps [github.com/ory/fosite](https://github.com/ory/fosite ) from 0.41.0 to 0.42.0.
- [Release notes](https://github.com/ory/fosite/releases )
- [Changelog](https://github.com/ory/fosite/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ory/fosite/compare/v0.41.0...v0.42.0 )
---
updated-dependencies:
- dependency-name: github.com/ory/fosite
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-18 23:53:34 +00:00
Monis Khan
1e1789f6d1
Allow configuration of supervisor endpoints
...
This change allows configuration of the http and https listeners
used by the supervisor.
TCP (IPv4 and IPv6 with any interface and port) and Unix domain
socket based listeners are supported. Listeners may also be
disabled.
Binding the http listener to TCP addresses other than 127.0.0.1 or
::1 is deprecated.
The deployment now uses https health checks. The supervisor is
always able to complete a TLS connection with the use of a bootstrap
certificate that is signed by an in-memory certificate authority.
To support sidecar containers used by service meshes, Unix domain
socket based listeners include ACLs that allow writes to the socket
file from any runAsUser specified in the pod's containers.
Signed-off-by: Monis Khan <mok@vmware.com>
2022-01-18 17:43:45 -05:00
dependabot[bot]
a7ff638f4c
Bump github.com/ory/x from 0.0.330 to 0.0.331
...
Bumps [github.com/ory/x](https://github.com/ory/x ) from 0.0.330 to 0.0.331.
- [Release notes](https://github.com/ory/x/releases )
- [Commits](https://github.com/ory/x/compare/v0.0.330...v0.0.331 )
---
updated-dependencies:
- dependency-name: github.com/ory/x
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-07 13:45:37 +00:00
Monis Khan
f90f173826
Bump all deps to latest
...
Ran:
go get -u ./... && go mod tidy
Pinned all go.opentelemetry.io deps to match k/k.
This is needed to make the go get command work.
Signed-off-by: Monis Khan <mok@vmware.com>
2022-01-03 17:48:59 -05:00
Monis Khan
9599ffcfb9
Update all deps to latest where possible, bump Kube deps to v0.23.1
...
Highlights from this dep bump:
1. Made a copy of the v0.4.0 github.com/go-logr/stdr implementation
for use in tests. We must bump this dep as Kube code uses a
newer version now. We would have to rewrite hundreds of test log
assertions without this copy.
2. Use github.com/felixge/httpsnoop to undo the changes made by
ory/fosite#636 for CLI based login flows. This is required for
backwards compatibility with older versions of our CLI. A
separate change after this will update the CLI to be more
flexible (it is purposefully not part of this change to confirm
that we did not break anything). For all browser login flows, we
now redirect using http.StatusSeeOther instead of http.StatusFound.
3. Drop plog.RemoveKlogGlobalFlags as klog no longer mutates global
process flags
4. Only bump github.com/ory/x to v0.0.297 instead of the latest
v0.0.321 because v0.0.298+ pulls in a newer version of
go.opentelemetry.io/otel/semconv which breaks k8s.io/apiserver.
We should update k8s.io/apiserver to use the newer code.
5. Migrate all code from k8s.io/apimachinery/pkg/util/clock to
k8s.io/utils/clock and k8s.io/utils/clock/testing
6. Delete testutil.NewDeleteOptionsRecorder and migrate to the new
kubetesting.NewDeleteActionWithOptions
7. Updated ExpectedAuthorizeCodeSessionJSONFromFuzzing caused by
fosite's new rotated_secrets OAuth client field. This new field
is currently not relevant to us as we have no private clients.
Signed-off-by: Monis Khan <mok@vmware.com>
2021-12-16 21:15:27 -05:00
Ryan Richard
6bf67f44ef
replace reflections in go.mod
2021-12-16 11:15:24 -08:00
Ryan Richard
0a31f45812
Update the AdditionalPrinterColumns of the CRDs, and add a test for it
2021-09-20 12:47:39 -07:00
Monis Khan
40d70bf1fc
Bump Kube to v0.22.1
...
Signed-off-by: Monis Khan <mok@vmware.com>
2021-08-27 07:36:12 -04:00
Matt Moyer
03a8160a91
Remove replace directive for dgrijalva/jwt-go.
...
We no longer have a transitive dependency on this older repository, so we don't need the replace directive anymore.
There is a new fork of this that we should move to (https://github.com/golang-jwt/jwt ), but we can't easily do that until a couple of our direct dependencies upgrade.
This is a revert of d162cb9adf
.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-08-20 10:15:55 -05:00
Matt Moyer
f379eee7a3
Drop replace directive for oleiade/reflections.
...
This is reverting 8358c26107
.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-08-20 10:15:55 -05:00
Matt Moyer
4f5312807b
Undo dep hacks to work around gRPC example module.
...
This is essentially reverting 87c7e89b13
.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-08-20 10:15:54 -05:00
dependabot[bot]
e05a46b7f5
Bump github.com/go-ldap/ldap/v3 from 3.3.0 to 3.4.1
...
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap ) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/go-ldap/ldap/releases )
- [Commits](https://github.com/go-ldap/ldap/compare/v3.3.0...v3.4.1 )
---
updated-dependencies:
- dependency-name: github.com/go-ldap/ldap/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-08-16 20:46:25 +00:00
Monis Khan
d2891554a4
remove google.golang.org/grpc pin
...
Signed-off-by: Monis Khan <mok@vmware.com>
2021-08-09 19:16:14 -04:00
Monis Khan
25b4d82d87
Bump to Go 1.16.7 and Kube v0.22.0
...
Signed-off-by: Monis Khan <mok@vmware.com>
2021-08-09 15:32:13 -04:00
Ryan Richard
8afbb4eb4f
Merge pull request #744 from vmware-tanzu/dependabot/go_modules/github.com/tdewolff/minify/v2-2.9.20
...
Bump github.com/tdewolff/minify/v2 from 2.9.19 to 2.9.20
2021-07-28 09:08:22 -07:00
dependabot[bot]
fc82fde585
Bump github.com/tdewolff/minify/v2 from 2.9.19 to 2.9.20
...
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify ) from 2.9.19 to 2.9.20.
- [Release notes](https://github.com/tdewolff/minify/releases )
- [Commits](https://github.com/tdewolff/minify/compare/v2.9.19...v2.9.20 )
---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-28 00:03:48 +00:00
dependabot[bot]
f352db8072
Bump github.com/creack/pty from 1.1.13 to 1.1.14
...
Bumps [github.com/creack/pty](https://github.com/creack/pty ) from 1.1.13 to 1.1.14.
- [Release notes](https://github.com/creack/pty/releases )
- [Commits](https://github.com/creack/pty/compare/v1.1.13...v1.1.14 )
---
updated-dependencies:
- dependency-name: github.com/creack/pty
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-28 00:03:39 +00:00
Monis Khan
32c9aa5087
Bump to Go 1.16.6 and Kube v0.21.3
...
Signed-off-by: Monis Khan <mok@vmware.com>
2021-07-27 14:18:08 -04:00
dependabot[bot]
25cda4f3e6
Bump github.com/tdewolff/minify/v2 from 2.9.18 to 2.9.19
...
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify ) from 2.9.18 to 2.9.19.
- [Release notes](https://github.com/tdewolff/minify/releases )
- [Commits](https://github.com/tdewolff/minify/compare/v2.9.18...v2.9.19 )
---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-12 01:20:59 +00:00
Matt Moyer
71d4e05fb6
Add custom response_mode=form_post HTML template.
...
This is a new pacakge internal/oidc/provider/formposthtml containing a number of static files embedded using the relatively recent Go "//go:embed" functionality introduced in Go 1.16 (https://blog.golang.org/go1.16 ).
The Javascript and CSS files are minifiied and injected to make a single self-contained HTML response. There is a special Content-Security-Policy helper to calculate hash-based script-src and style-src rules.
This new code is covered by a new integration test that exercises the JS/HTML functionality in a real browser outside of the rest of the Supervisor.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-07-09 12:08:43 -05:00
dependabot[bot]
1c746feafe
Bump github.com/spf13/cobra from 1.2.0 to 1.2.1
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.2.0...v1.2.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-05 01:28:57 +00:00
dependabot[bot]
e26486bd41
Bump github.com/spf13/cobra from 1.1.3 to 1.2.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.1.3 to 1.2.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.1.3...v1.2.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-02 01:11:11 +00:00
dependabot[bot]
43fee6bb94
Bump github.com/gofrs/flock from 0.8.0 to 0.8.1
...
Bumps [github.com/gofrs/flock](https://github.com/gofrs/flock ) from 0.8.0 to 0.8.1.
- [Release notes](https://github.com/gofrs/flock/releases )
- [Commits](https://github.com/gofrs/flock/compare/v0.8.0...v0.8.1 )
---
updated-dependencies:
- dependency-name: github.com/gofrs/flock
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-28 01:28:52 +00:00
Matt Moyer
594e47efdf
Update to Kubernetes 1.21.2 runtime components.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-06-22 11:55:22 -05:00
dependabot[bot]
9f06869f76
Bump github.com/golang/mock from 1.5.0 to 1.6.0
...
Bumps [github.com/golang/mock](https://github.com/golang/mock ) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/golang/mock/releases )
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml )
- [Commits](https://github.com/golang/mock/compare/v1.5.0...v1.6.0 )
---
updated-dependencies:
- dependency-name: github.com/golang/mock
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-16 01:22:04 +00:00
dependabot[bot]
c88aad873b
Bump gopkg.in/square/go-jose.v2 from 2.5.1 to 2.6.0
...
Bumps [gopkg.in/square/go-jose.v2](https://github.com/square/go-jose ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/square/go-jose/releases )
- [Commits](https://github.com/square/go-jose/compare/v2.5.1...v2.6.0 )
---
updated-dependencies:
- dependency-name: gopkg.in/square/go-jose.v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-08 05:41:45 +00:00
dependabot[bot]
d4a6a61560
Bump github.com/creack/pty from 1.1.12 to 1.1.13
...
Bumps [github.com/creack/pty](https://github.com/creack/pty ) from 1.1.12 to 1.1.13.
- [Release notes](https://github.com/creack/pty/releases )
- [Commits](https://github.com/creack/pty/compare/v1.1.12...v1.1.13 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-01 20:15:47 +00:00
Matt Moyer
83f418e7f2
Upgrade k8s.io/klog/v2 to v2.9.0.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-28 12:53:37 -05:00
Matt Moyer
87c7e89b13
Upgrade github.com/ory/fosite to v0.40.2.
...
This required a weird hack because some of the Fosite tests (or a transitive dependency of them) depends on a newer version of gRPC that's incompatible with the Kubernetes runtime version we use. It wasn't as simple as just replacing the gRPC module with an older version, because in the latest versions of gRPC, they split out the "examples" packages into their own module. This new module name doesn't exist at the old version.
Ultimately, the workaround was to make a fake "examples" module locally. This module can be empty because we never actually depend on that code (it's only used in transitive dependency tests).
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-28 12:53:37 -05:00
dependabot[bot]
f89f2281d8
Bump github.com/google/go-cmp from 0.5.5 to 0.5.6
...
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp ) from 0.5.5 to 0.5.6.
- [Release notes](https://github.com/google/go-cmp/releases )
- [Commits](https://github.com/google/go-cmp/compare/v0.5.5...v0.5.6 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-25 05:51:17 +00:00
Matt Moyer
f0d5923091
Downgrade k8s.io/kube-openapi back to a previous version.
...
9b07d72531...00de3ae54c
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:42:39 -05:00
Matt Moyer
85ebaa96d5
Upgrade k8s.io/kube-openapi dependency.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:11:26 -05:00
Matt Moyer
cf5bc9f1b4
Upgrade k8s.io/utils dependency.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:07:41 -05:00
Matt Moyer
0d02ba6af3
Upgrade k8s.io/gengo dependency.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:07:00 -05:00
Matt Moyer
74a569fa82
Upgrade golang.org/x/* module dependencies.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:06:29 -05:00
Matt Moyer
01c0514057
Upgrade github.com/pkg/browser.
...
This some some kind of improvement on Windows.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 10:00:19 -05:00
Matt Moyer
0d42c1e9fe
Update to Kubernetes 1.21.1 runtime components.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-05-21 09:57:41 -05:00
dependabot[bot]
f595e81dbb
Bump github.com/creack/pty from 1.1.11 to 1.1.12
...
Bumps [github.com/creack/pty](https://github.com/creack/pty ) from 1.1.11 to 1.1.12.
- [Release notes](https://github.com/creack/pty/releases )
- [Commits](https://github.com/creack/pty/compare/v1.1.11...v1.1.12 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-18 05:56:45 +00:00
Ryan Richard
6723ed9fd8
Add end-to-end integration test for CLI-based LDAP login
2021-05-11 13:55:46 -07:00
Ryan Richard
8d75825635
Merge branch 'main' into initial_ldap
2021-04-14 17:47:26 -07:00
Matt Moyer
38f3ea3f2f
Upgrade to client-go and apimachinery from Kubernetes 1.21.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-04-09 13:00:49 -05:00
Andrew Keesler
4ab704b7de
ldap: add initial stub upstream LDAP connection package
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2021-04-09 11:38:53 -04:00