djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,970 Commits 30 Branches 34 Tags 22 MiB
Commit Graph

2970 Commits

Author SHA1 Message Date
Ryan Richard 13daf59217
Merge pull request #1108 from vicmarbev/main 
Use vmware-tanzu/carvel instead of the deprecated k14s/tap to install deps with brew
 2022-04-13 08:43:39 -07:00
Ryan Richard 9ebf3a5b92
Merge branch 'main' into main 2022-04-13 08:41:04 -07:00
Mo Khan 6af1aaeb20
Merge pull request #1114 from enj/enj/i/fips_init_log 
Use klog to make sure FIPS init log is emitted
 2022-04-12 16:23:38 -04:00
Monis Khan 6b4fbb6e0e
Use klog to make sure FIPS init log is emitted 
We cannot use plog until the log level config has been setup, but
that occurs after this init function has run.

Signed-off-by: Monis Khan <mok@vmware.com>
 2022-04-12 14:36:06 -04:00
Mo Khan edf4ffb018
Merge pull request #1101 from vmware-tanzu/dependabot/docker/hack/distroless/static-2556293 
Bump distroless/static from `80c956f` to `2556293` in /hack
 2022-04-11 12:37:25 -04:00
dependabot[bot] 721526b7e7
Bump distroless/static from `80c956f` to `2556293` in /hack 
Bumps distroless/static from `80c956f` to `2556293`.

---
updated-dependencies:
- dependency-name: distroless/static
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-07 14:13:12 +00:00
anjalitelang 91681b9368
Update ROADMAP.md 
Edits to the wiki based on our current backlog 4/5/2022
 2022-04-06 16:08:04 -04:00
Mo Khan 3c6f97a457
Target hack/Dockerfile_fips correctly 2022-04-06 15:32:08 -04:00
Mo Khan 12cbd744b7
Syntax highlighting for Dockerfile_fips 2022-04-06 15:31:07 -04:00
Ryan Richard 103538858f
Merge pull request #1094 from vmware-tanzu/disable_http 
Supervisor HTTP listener disabled by default and may only bind to loopback interfaces
 2022-04-05 12:39:04 -07:00
Ryan Richard bdabdf0f42 Update comment in FederationDomainTLSSpec 2022-04-05 09:53:22 -07:00
Ryan Richard 25d20d4081 Merge branch 'main' into disable_http 2022-04-05 09:00:26 -07:00
Víctor Martínez Bevià dc24397df4 Use vmware-tanzu/carvel instead of the deprecated k14/tap to install deps with brew 2022-04-05 16:43:22 +02:00
Mo Khan c0874706d9
Merge pull request #1106 from enj/enj/i/fips_followup 
Add more details to FIPS comments
 2022-04-01 13:16:50 -04:00
Monis Khan 07066e020d
Explicitly set defaultServing ciphers in FIPS mode 
This is a no-op today, but could change in the future when we add
support for FIPS in non-strict mode.

Signed-off-by: Monis Khan <mok@vmware.com>
 2022-04-01 10:59:47 -04:00
Monis Khan 3f0753ec5a
Remove duplication in secure TLS tests 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-04-01 10:56:38 -04:00
Monis Khan 15bc6a4a67
Add more details to FIPS comments 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-04-01 10:56:38 -04:00
Mo Khan ce82d799c9
Run OSSF scorecard on release branches 2022-04-01 10:41:23 -04:00
Mo Khan a453522d81
Add OSSF Scorecard GitHub Action 2022-04-01 10:30:01 -04:00
Ryan Richard 51c527a965 Change to camel-case for insecureAcceptExternalUnencryptedHttpRequests 
- Use camel-case in the static configmap
- Parse the value into a boolean in the go struct instead of a string
- Add test for when unsupported value is used in the configmap
- Run the config_test.go tests in parallel
- Update some paragraphs in configure-supervisor.md for clarity
 2022-03-31 16:23:45 -07:00
Ryan Richard ae7aac020a Merge branch 'main' into disable_http 2022-03-30 11:30:32 -07:00
Mo Khan 17e8faa0fe
Have dependabot keep the FIPS dockerfile updated 2022-03-30 13:55:19 -04:00
Mo Khan 6639ce2a1f
Merge pull request #1061 from vmware-tanzu/fips-boringcrypto 
FIPs compatibility
 2022-03-30 13:43:23 -04:00
Margo Crawford 53597bb824 Introduce FIPS compatibility 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-03-29 16:58:41 -07:00
Ryan Richard 0e54ba1a20 Slightly fancier way to prevent old values.yaml names from being used 2022-03-29 14:24:40 -07:00
Ryan Richard b07a4131e5 Merge branch 'main' into disable_http 2022-03-29 12:47:53 -07:00
Mo Khan 2cffea5880
Merge pull request #1099 from vmware-tanzu/remove_supervisorhttpaddress_var 
Remove unused env.SupervisorHTTPAddress integration test var
 2022-03-29 13:36:00 -04:00
Ryan Richard 5f34efc0b7 Empty commit to trigger CI 2022-03-29 09:39:18 -07:00
Ryan Richard cf471d6422 Remove unused env.SupervisorHTTPAddress integration test var 2022-03-29 09:13:44 -07:00
Ryan Richard 3592f80457 Merge branch 'main' into disable_http 2022-03-28 17:03:59 -07:00
Ryan Richard 488f08dd6e Provide a way to override the new HTTP loopback-only validation 
Add new deprecated_insecure_accept_external_unencrypted_http_requests
value in values.yaml. Allow it to be a boolean or a string to make it
easier to use (both --data-value and --data-value-yaml will work).

Also:
- Consider "ip6-localhost" and "ip6-loopback" to be loopback addresses
  for the validation
- Remove unused env.SupervisorHTTPAddress var
- Deprecate the `service_http_*` values in values.yaml by renaming them
  and causing a ytt render error when the old names are used
 2022-03-28 17:03:23 -07:00
Mo Khan cd25cb89c4
Merge pull request #1093 from enj/enj/d/ws1 
Add Workspace ONE Access docs
 2022-03-24 20:24:29 -04:00
Monis Khan 57fb085bef
Add Workspace ONE Access docs 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-03-24 20:17:54 -04:00
Ryan Richard 8d12c1b674 HTTP listener: default disabled and may only bind to loopback interfaces 2022-03-24 15:46:10 -07:00
Mo Khan 9c5adad062
Merge pull request #1092 from vmware-tanzu/remove_oryx_direct_dep 
Remove direct dependency on ory/x
 2022-03-24 15:16:34 -04:00
Mo Khan 4649b8e0e4
Merge pull request #1085 from pnbrown/community-page-update 
Update _index.html
 2022-03-24 14:02:51 -04:00
Ryan Richard 48c5a625a5 Remove our direct dependency on ory/x 
ory/x has new releases very often, sometimes multiple times per week,
causing a lot of noise from dependabot. We were barely using it
directly, so replace our direct usages with equivalent code.
 2022-03-24 10:24:54 -07:00
Ryan Richard 42bd385cbd
Merge pull request #1088 from vmware-tanzu/pty_int_test_flakes 
WIP: Try to fix recent integration test flakes
 2022-03-22 18:10:08 -07:00
Ryan Richard bedf4e5a39 Try to avoid getting a second username prompt in a test in e2e_test.go 2022-03-22 14:23:50 -07:00
Ryan Richard 2715741c2c Increase a test timeout in e2e_test.go 2022-03-22 12:13:10 -07:00
Ryan Richard d20b2056f2
Merge branch 'main' into pty_int_test_flakes 2022-03-22 11:14:19 -07:00
Margo Crawford a9b054e2f4
Merge pull request #1087 from vmware-tanzu/update-install-linter-1.45.0 
Update install-linter.sh to use v1.45.0
 2022-03-22 10:57:34 -07:00
Margo Crawford 051a228a8c Update install-linter.sh to use v1.45.0 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-03-22 10:29:08 -07:00
Ryan Richard d162e294ed Split up the context timeouts per test in e2e_test.go 2022-03-22 10:17:45 -07:00
Margo Crawford 636d2014a7
Merge pull request #1086 from pnbrown/patch-1 
Update MAINTAINERS.md
 2022-03-21 15:02:05 -07:00
Nigel Brown f981f63b90
Update MAINTAINERS.md 2022-03-21 13:17:14 -05:00
Nigel Brown b5be8c6c9b Update _index.html 
Add current community meeting info
 2022-03-21 13:08:54 -05:00
Ryan Richard ff4ceb5d0b
Merge pull request #1079 from vmware-tanzu/contributor_guide_updates2 
Small updates to CONTRIBUTING.md
 2022-03-21 10:45:17 -07:00
Ryan Richard d24f82fff5
Merge branch 'main' into contributor_guide_updates2 2022-03-21 10:45:10 -07:00
Ryan Richard 0ac37fd169
Merge pull request #1059 from vmware-tanzu/2022-readme 
Update main README.md for 2022
 2022-03-21 10:44:41 -07:00