ContainerImage.Pinniped

Author	SHA1	Message	Date
Ryan Richard	0431a072ae	Remove an unnecessary nolint comment	2022-02-07 16:26:39 -08:00
Ryan Richard	6781bfd7d8	Fix JS bug: form post UI shows manual copy/paste UI upon failed callback When the POST to the CLI's localhost callback endpoint results in a non-2XX status code, then treat that as a failed login attempt and automatically show the manual copy/paste UI.	2022-02-07 16:21:23 -08:00
Ryan Richard	aa56f174db	Capture and print the full kubectl output in an e2e test upon failure	2022-02-07 16:17:38 -08:00
Ryan Richard	3c7e387137	Keep the CLI localhost listener running after requests with wrong verb Just in case some future browser change sends some new kind of request to our CLI, just ignore them by returning StatusMethodNotAllowed and continuing to listen.	2022-02-07 13:32:31 -08:00
Ryan Richard	2b93fdf357	Fix a bug in the e2e tests When the test was going to fail, a goroutine would accidentally block on writing to an unbuffered channel, and the spawnTestGoroutine helper would wait for that goroutine to end on cleanup, causing the test to hang forever while it was trying to fail.	2022-02-07 11:57:54 -08:00
Ryan Richard	7b97f1533e	Add CORS request handling to CLI's localhost listener This is to support the new changes in Google Chrome v98 which now performs CORS preflight requests for the Javascript form submission on the Supervisor's login page, even though the form is being submitted to a localhost listener.	2022-02-04 16:57:37 -08:00
anjalitelang	7c246784dc	Update ROADMAP.md Updated roadmap to reflect changes planned for v0.14 release and beyond.	2022-02-03 08:57:47 -05:00
anjalitelang	0dd3b40694	Update ROADMAP.md	2022-01-31 12:13:18 -05:00
Ryan Richard	a2a05548f9	More updates to draft proposal process based on feedback	2022-01-27 14:56:10 -08:00
Ryan Richard	d4725423a9	More updates to draft proposal process based on feedback	2022-01-27 14:51:52 -08:00
Ryan Richard	e9e56689cf	Update draft proposal process based on feedback	2022-01-25 11:22:19 -08:00
Ryan Richard	31bd50c011	first draft of proposal process	2022-01-24 15:17:09 -08:00
Margo Crawford	3b1153cd91	Update latest version to v0.13.0	2022-01-21 15:19:40 -08:00
anjalitelang	6590230bcd	Merge pull request #954 from anjaltelang/main Blog for v0.13.0	2022-01-21 15:17:18 -08:00
Pinny	4f06cd3c2e	Update CLI docs for v0.13.0 release	2022-01-21 23:12:12 +00:00
Margo Crawford	dea9bf9b90	Merge pull request #970 from vmware-tanzu/kubectl-apply-resources When instructing users how to install the concierge with kubectl apply,	2022-01-21 13:36:52 -08:00
Margo Crawford	726e88ea03	When instructing users how to install the concierge with kubectl apply, reccommend using install-pinniped-concierge-crds.yaml, then install-pinniped-concierge-resources.yaml. Previously we recommended install-pinniped-concierge-crds (a subset), then install-pinniped-concierge (everything concierge related, including the crds). This works fine for install, but not uninstall. Instead we should use a separate yaml file that contains everything in install-pinniped-concierge but not in install-pinniped-concierge-crds. We have been generating this file in CI since a5ced4286b6febc7474b7adee34eeb1b62ec82b7 but we haven't released since then so we haven't been able to recommend its use.	2022-01-21 10:26:45 -08:00
Margo Crawford	70c99c6d44	Merge pull request #969 from vmware-tanzu/request-offline-access-in-docs Request offline_access in the concierge with supervisor demo	2022-01-21 10:24:04 -08:00
Margo Crawford	62a8967db1	Request offline_access in the concierge with supervisor demo It's a generic config and not OIDC provider specific but since most providers require it it seems like the best default.	2022-01-21 09:58:04 -08:00
Mo Khan	3fc73c21d2	Merge pull request #968 from enj/enj/i/bump_0002 Bump to Kube v0.23.2	2022-01-21 12:16:49 -05:00
Monis Khan	d55ae3f8bb	Bump all deps to latest Signed-off-by: Monis Khan <mok@vmware.com>	2022-01-21 11:25:56 -05:00
Ryan Richard	c8d4b73f94	Merge pull request #967 from vmware-tanzu/refresh-token-test-warnings Fix new refresh token grace period test to have warnings	2022-01-21 04:20:46 -08:00
Margo Crawford	b30dad72ed	Fix new refresh token grace period test to have warnings	2022-01-20 14:54:59 -08:00
Margo Crawford	31cdd808ac	Merge pull request #951 from vmware-tanzu/short-session-warning Supervisor should emit a warning when access token lifetime is too short	2022-01-20 14:44:32 -08:00
Ryan Richard	e85a6c09f6	Merge pull request #953 from vmware-tanzu/dependabot/go_modules/github.com/tdewolff/minify/v2-2.9.29 Bump github.com/tdewolff/minify/v2 from 2.9.26 to 2.9.29	2022-01-20 14:16:05 -08:00
Mo Khan	025ef6311b	Merge pull request #943 from vmware-tanzu/dependabot/go_modules/github.com/ory/fosite-0.42.0 Bump github.com/ory/fosite from 0.41.0 to 0.42.0	2022-01-20 17:03:52 -05:00
Margo Crawford	842ef38868	Ensure warning is on stderr and not stdout.	2022-01-20 13:48:50 -08:00
Margo Crawford	acd23c4c37	Separate test for access token refresh	2022-01-20 13:48:50 -08:00
Margo Crawford	38d184fe81	Integration test + making sure we get the session correctly in token handler	2022-01-20 13:48:50 -08:00
Margo Crawford	b0ea7063c7	Supervisor should emit a warning when access token lifetime is too short	2022-01-20 13:48:50 -08:00
Ryan Richard	fe819e3512	Empty commit to trigger CI	2022-01-20 13:37:15 -08:00
Ryan Richard	42ca31055a	Empty commit to trigger CI	2022-01-20 13:25:29 -08:00
Ryan Richard	652797ba0b	Merge branch 'main' into dependabot/go_modules/github.com/tdewolff/minify/v2-2.9.29	2022-01-20 12:23:02 -08:00
Ryan Richard	89c40259f3	Use latest github.com/ory/x v0.0.336	2022-01-20 12:21:19 -08:00
Ryan Richard	520fcf195a	Merge branch 'main' into dependabot/go_modules/github.com/ory/fosite-0.42.0	2022-01-20 12:16:54 -08:00
Ryan Richard	284ce00aef	Merge pull request #957 from vmware-tanzu/dependabot/go_modules/github.com/ory/x-0.0.334 Bump github.com/ory/x from 0.0.331 to 0.0.334	2022-01-20 12:10:57 -08:00
Ryan Richard	db789dc2bf	Merge branch 'main' into dependabot/go_modules/github.com/tdewolff/minify/v2-2.9.29	2022-01-20 12:10:24 -08:00
Ryan Richard	6ddc953989	Merge branch 'main' into dependabot/go_modules/github.com/ory/fosite-0.42.0	2022-01-20 12:10:01 -08:00
Ryan Richard	1f21e30bb2	Merge pull request #948 from vmware-tanzu/upstream-oidc-refresh-groups Update group memberships during refresh for upstream OIDC providers	2022-01-20 12:07:42 -08:00
Margo Crawford	6c923d3bc6	Merge pull request #956 from vmware-tanzu/fix-scopes-access-token-refresh-test Keep all scopes except offline_access in access token refresh integration test	2022-01-19 16:19:13 -08:00
dependabot[bot]	cd3d1333de	Bump github.com/ory/x from 0.0.331 to 0.0.334 Bumps [github.com/ory/x](https://github.com/ory/x) from 0.0.331 to 0.0.334. - [Release notes](https://github.com/ory/x/releases) - [Commits](https://github.com/ory/x/compare/v0.0.331...v0.0.334) --- updated-dependencies: - dependency-name: github.com/ory/x dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-01-19 22:07:18 +00:00
Ryan Richard	dff53b8144	Changes for Fosite's new RevokeRefreshTokenMaybeGracePeriod() interface Fosite v0.42.0 introduced a new RevokeRefreshTokenMaybeGracePeriod() interface function. Updated our code to support this change. We didn't support grace periods on refresh tokens before, so implemented it by making the new RevokeRefreshTokenMaybeGracePeriod() method just call the old RevokeRefreshToken() method, therefore keeping our old behavior.	2022-01-19 13:57:01 -08:00
Margo Crawford	513c943e87	Keep all scopes except offline_access in integration test	2022-01-19 13:29:26 -08:00
Ryan Richard	3b1cc30e8d	Update unit test to match new JS minify output after minify upgrade	2022-01-19 13:29:07 -08:00
Ryan Richard	a4ca44ca14	Improve error handling when upstream groups is invalid during refresh	2022-01-19 12:57:47 -08:00
dependabot[bot]	4ce2f9db50	Bump github.com/tdewolff/minify/v2 from 2.9.26 to 2.9.29 Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.9.26 to 2.9.29. - [Release notes](https://github.com/tdewolff/minify/releases) - [Commits](https://github.com/tdewolff/minify/compare/v2.9.26...v2.9.29) --- updated-dependencies: - dependency-name: github.com/tdewolff/minify/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-01-19 01:05:43 +00:00
Ryan Richard	78bdb1928a	Merge branch 'main' into upstream-oidc-refresh-groups	2022-01-18 16:03:14 -08:00
dependabot[bot]	b2bdf01152	Bump github.com/ory/fosite from 0.41.0 to 0.42.0 Bumps [github.com/ory/fosite](https://github.com/ory/fosite) from 0.41.0 to 0.42.0. - [Release notes](https://github.com/ory/fosite/releases) - [Changelog](https://github.com/ory/fosite/blob/master/CHANGELOG.md) - [Commits](https://github.com/ory/fosite/compare/v0.41.0...v0.42.0) --- updated-dependencies: - dependency-name: github.com/ory/fosite dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-01-18 23:53:34 +00:00
Mo Khan	956f6f1eab	Merge pull request #945 from enj/enj/i/supervisor_ports Allow configuration of supervisor endpoints	2022-01-18 18:52:32 -05:00
Monis Khan	1e1789f6d1	Allow configuration of supervisor endpoints This change allows configuration of the http and https listeners used by the supervisor. TCP (IPv4 and IPv6 with any interface and port) and Unix domain socket based listeners are supported. Listeners may also be disabled. Binding the http listener to TCP addresses other than 127.0.0.1 or ::1 is deprecated. The deployment now uses https health checks. The supervisor is always able to complete a TLS connection with the use of a bootstrap certificate that is signed by an in-memory certificate authority. To support sidecar containers used by service meshes, Unix domain socket based listeners include ACLs that allow writes to the socket file from any runAsUser specified in the pod's containers. Signed-off-by: Monis Khan <mok@vmware.com>	2022-01-18 17:43:45 -05:00

... 5 6 7 8 9 ...

2954 Commits