djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,358 Commits 30 Branches 34 Tags 22 MiB
b861fdc148
Commit Graph

3358 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin A. Petersen
b861fdc148
WIP: update the schema gen for supervisor 
the ./build.sh for the ytt invocation for this.
there is more work to do here, this gets us started.
many of our multiline descriptions need to be assessed.
do we want both? the description and also the schema text?
 2023-09-06 14:08:01 -04:00
Benjamin A. Petersen
0c60e31d86
Update supervisor values.yaml to a schema doc. Make @nullable work 
- see build.sh for documented script to run to generate:
   ytt --file supervisor/config/values.yaml --data-values-schema-inspect --output openapi-v3 > supervisor/schema-openapi.yml
 2023-09-06 14:08:01 -04:00
Benjamin A. Petersen
1d1b98f9a1
add some hacky scripts for generating things 2023-09-06 14:08:01 -04:00
Benjamin A. Petersen
9657719f9f
add concierge package, schema, metadata files 2023-09-06 14:08:01 -04:00
Benjamin A. Petersen
5c75734112
add supervisor package, schema, metadata files 2023-09-06 14:08:01 -04:00
Benjamin A. Petersen
aceef06873
WIP: add .imgpkg directories 2023-09-06 14:08:00 -04:00
Benjamin A. Petersen
550673b8dd
WIP: hack in a deploy_carvel/concierge directory, but strip out the deployment for simplicity 2023-09-06 14:08:00 -04:00
Benjamin A. Petersen
715a93d64a
WIP: hack in a deploy_carvel/supervisor directory, but strip out the deployment for simplicity 2023-09-06 14:07:53 -04:00
Joshua Casey
b14e86bb91
Merge pull request #1654 from vmware-tanzu/docs/configure-supervisor-with-azuread 
Add docs for Supervisor with Azure AD
 2023-09-06 12:33:51 -05:00
Joshua Casey
c3445a747d
Merge pull request #1650 from vmware-tanzu/ben/prepare-for-integration-tests.sh-improvements 
Improve hack/prepare-for-integration-tests.sh flexibility
 2023-09-06 12:30:12 -05:00
Benjamin A. Petersen
a5c481cf61
Add docs for Supervisor with Azure AD 
- Note that Azure AD is being rebranded to Entra ID
 2023-09-06 13:14:37 -04:00
Benjamin A. Petersen
fd1936c45f
Improve hack/prepare-for-integration-tests.sh flexibility 
- move pushd/popd inside if statements for alternative-deploy methods
- add specific alternative-deploy vars for individual components
  - supervisor
  - concierge
  - local-user-authenticator
  while preserving the current alternative-deploy for all three
- doc that equals for flags does not work
  --foo=bar is invalid
  --foo bar is valid
 2023-08-31 15:02:24 -04:00
Ben Petersen
fbeb45a1a0
Merge pull request #1648 from vmware-tanzu/jtc/do-not-fail-hack-script-without-KUBE_GIT_VERSION 
Do not fail hack script without kube git version
 2023-08-30 10:58:15 -04:00
Joshua Casey
23bd3e7cc9 Do not fail hack/prepare-for-integration-tests.sh without KUBE_GIT_VERSION 2023-08-29 19:58:23 -05:00
Joshua Casey
7cda8f4123 Do not fail when KUBE_GIT_VERSION is not set 2023-08-29 17:31:22 -05:00
Joshua Casey
a42e3edf56
Merge pull request #1646 from vmware-tanzu/jtc/support-k8s-1-21-and-up 
Remove generated code prior to K8s 1.21
 2023-08-29 16:29:32 -05:00
Joshua Casey
76933f69b9 Update comments to indicate support for newer versions of Kubernetes 2023-08-29 15:40:52 -05:00
Joshua Casey
5c9d26baeb Remove generated code for K8s 1.17, 1.18, 1.19, and 1.20 
- Kind 0.20.0 supports 1.21 through 1.28 (inclusive)
- https://github.com/kubernetes-sigs/kind/releases/tag/v0.20.0
 2023-08-28 16:56:32 -05:00
Joshua Casey
9248db971a
Merge pull request #1634 from vmware-tanzu/jtc/1633/update-pinniped-cli-version-output 
#1633 Update `pinniped version` output
 2023-08-28 14:19:17 -05:00
Joshua Casey
2dcc149fee Split off helper function 2023-08-28 12:14:14 -05:00
Joshua Casey
38230fc518 Use pversion to retrieve buildtime information 2023-08-28 11:54:27 -05:00
Joshua Casey
8edecffcc0
Merge pull request #1630 from vmware-tanzu/jtc/support-k8s-1-28 
Support k8s 1.28
 2023-08-28 11:49:18 -05:00
Joshua Casey
ca05969f8d Integration tests should use 'kubectl explain --output plaintext-openapiv2' 
- OpenAPIV3 discovery of aggregate APIs seems to need a little more work in K8s 1.28
 2023-08-28 10:50:11 -05:00
Joshua Casey
1b504b6fbd Expose OpenAPIv3 explanations 2023-08-28 10:50:11 -05:00
Joshua Casey
dfd3d5075d Ensure that kubegenerator scripts are executable 2023-08-28 10:50:11 -05:00
Joshua Casey
c51722a121 Run K8s codegen, adding 1.28.0 2023-08-28 10:50:11 -05:00
Joshua Casey
23ec91dee0 K8s API Server audit events are no longer pointers 2023-08-28 10:50:10 -05:00
Joshua Casey
ccba159639 Update all golang dependencies, especially k8s.io (for 1.28) 2023-08-28 10:50:10 -05:00
Ryan Richard
20cfa0a207
Merge pull request #1631 from vmware-tanzu/which_service_doc 
Update docs to clarify which Supervisor port to expose outside cluster
 2023-08-22 10:43:53 -07:00
Ryan Richard
835b8a5333 Update docs to clarify which Supervisor port to expose outside cluster 2023-08-22 10:00:56 -07:00
Ben Petersen
decd40bc26
Merge pull request #1621 from vmware-tanzu/site/blog-post-tags 
blog: clean up tags page
 2023-08-15 15:07:31 -04:00
Benjamin A. Petersen
2891da25f5
blog: clean up tags page 2023-08-15 14:18:48 -04:00
Ben Petersen
c54933bf33
Merge pull request #1606 from vmware-tanzu/jtc/add-blog-post-for-v0.25.0 
Add blog post for v0.25.0
 2023-08-15 11:43:50 -04:00
Benjamin A. Petersen
820c565d21
blog: add multiple author support for posts 2023-08-15 11:37:11 -04:00
Benjamin A. Petersen
e5e8c13f23
blog: impersonation-proxy spelling, grammar 2023-08-15 11:37:11 -04:00
Benjamin A. Petersen
b81206c15d
blog: impersonation-proxy post updates 2023-08-14 11:42:26 -04:00
Benjamin A. Petersen
31c144261f
add author to blog list page 2023-08-14 11:42:26 -04:00
Joshua Casey
4d0da0a5b2 Add blog post for v0.25.0 2023-08-10 09:00:16 -05:00
Pinny
8c96616b51 Updated versions in docs for v0.25.0 release 2023-08-09 21:12:41 +00:00
Ben Petersen
c7b49d9b93
Merge pull request #1615 from vmware-tanzu/jtc/fix-double-decoding-of-ca-crt 
Fix #1582 by not double-decoding the ca.crt field in external TLS secrets for the impersonation proxy
 2023-08-09 14:25:13 -04:00
Joshua Casey
7f0d04dba6 Address PR feedback 2023-08-09 11:42:42 -05:00
Joshua Casey
1707995378 Fix #1582 by not double-decoding the ca.crt field in external TLS secrets for the impersonation proxy 2023-08-08 20:17:21 -05:00
Ben Petersen
f24f82b25b
Merge pull request #1607 from vmware-tanzu/pinny/bump-deps 
Bump go.mod direct dependencies
 2023-08-08 09:22:40 -04:00
Pinny
391c38057d Bump go.mod direct dependencies 2023-08-08 08:03:24 +00:00
Joshua Casey
e2e9819c58
Merge pull request #1582 from vmware-tanzu/jtc/1547-poc 
Add external certificate management for the Concierge Impersonation Proxy
 2023-08-03 15:52:56 -05:00
Joshua Casey
dc61d132cf Address PR feedback, especially to check that the CA bundle is some kind of valid cert 2023-08-03 14:57:21 -05:00
Joshua Casey
959f18b67b Add integration test to verify that the impersonation proxy will use an external TLS serving cert 2023-08-03 14:57:21 -05:00
Joshua Casey
ee75a63057 Test Refactor: use explicit names for mTLS signing cert 2023-08-03 14:57:21 -05:00
Joshua Casey
bd035a180e Impersonation proxy detects when the user has configured an externally provided TLS secret to serve TLS 
- https://github.com/vmware-tanzu/pinniped/tree/main/proposals/1547_impersonation-proxy-external-certs
- https://joshuatcasey.medium.com/k8s-mtls-auth-with-tls-passthrough-1bc25e750f52
 2023-08-03 14:57:21 -05:00
Joshua Casey
8df9033bfc Add CredentialIssuer.Spec.ImpersonationProxy.TLS to configure an externally provided TLS secret 2023-08-03 14:57:21 -05:00