ContainerImage.Pinniped

Author	SHA1	Message	Date
Margo Crawford	00978c15f7	Update wording for ActiveDirectoryIdentityProvider crd	2021-07-23 13:01:41 -07:00
Margo Crawford	8ea1bd3dfb	Make prepare-for-integration-tests active directory setup accessible for anyone	2021-07-23 13:01:41 -07:00
Margo Crawford	91085e68f9	Refactoring defaulting logic	2021-07-23 13:01:41 -07:00
Margo Crawford	f99f7be836	Default values for ad usersearch and groupsearch	2021-07-23 13:01:41 -07:00
Margo Crawford	890d9c3216	resolve some todos about error handling search base discovery results	2021-07-23 13:01:41 -07:00
Margo Crawford	cb0ee07b51	Fetch AD search base from defaultNamingContext when not specified	2021-07-23 13:01:41 -07:00
Margo Crawford	8e1d70562d	Remove shared variables from ldap upstream observer	2021-07-23 13:01:41 -07:00
Margo Crawford	5d8d7246c2	Refactor active directory and ldap controllers to share almost everything Signed-off-by: Ryan Richard <richardry@vmware.com>	2021-07-23 13:01:41 -07:00
Ryan Richard	3b4f521596	Changed TestLDAPUpstream.TestUsernameAttributeName back to TestUserMailAttributeName Also added TestUserSAMAccountNameValue Signed-off-by: Margo Crawford <margaretc@vmware.com>	2021-07-23 13:01:40 -07:00
Margo Crawford	e5c8cbb3a4	One line fix for lint error. Forgot a period in a comment. Signed-off-by: Ryan Richard <richardry@vmware.com>	2021-07-23 13:01:40 -07:00
Margo Crawford	7696f4256d	Move defaulting of ad username and uid attributes to controller Now the controller uses upstreamldap so there is less duplication, since they are very similar. Signed-off-by: Ryan Richard <richardry@vmware.com>	2021-07-23 13:01:40 -07:00
Ryan Richard	aaa4861373	Custom API Group overlay for AD Signed-off-by: Margo Crawford <margaretc@vmware.com>	2021-07-23 13:01:40 -07:00
Margo Crawford	b3d0b28bd0	Integration test fixes, fixing objectGUID handling	2021-07-23 13:01:40 -07:00
Margo Crawford	5c283d941c	Helper script for running active directory tests	2021-07-23 13:01:40 -07:00
Margo Crawford	94e90a5d26	groups related env variables for AD	2021-07-23 13:01:40 -07:00
Margo Crawford	be6f9f83ce	RBAC rules for activedirectoryidentityprovider	2021-07-23 13:01:40 -07:00
Margo Crawford	3b8edb84a5	WIP on active directory integration test	2021-07-23 13:01:40 -07:00
Margo Crawford	8fb35c6569	Active Directory cli options	2021-07-23 13:01:40 -07:00
Margo Crawford	3899292e89	Advertise Active Directory idps	2021-07-23 13:01:40 -07:00
Margo Crawford	b06de69f6a	ActiveDirectoryIdentityProvider - Create CRD - Create implementation of AD-specific user search defaults	2021-07-23 13:01:40 -07:00
Ryan Richard	ac4bc02817	Enhance integration test for CredentialIssuer spec annotations	2021-07-23 09:46:40 -07:00
Ryan Richard	708164b878	Carefully merge desired annotations into impersonation proxy Service Don't overwrite annotations that might have come from a human user or from some other non-Pinniped controller.	2021-07-22 17:09:50 -07:00
Ryan Richard	e30cf6e51a	Merge branch 'main' into cli_username_password_env_vars	2021-07-22 09:29:03 -07:00
Matt Moyer	ee30b78117	Update ROADMAP.md Bump "Wider Concierge cluster support" to August.	2021-07-22 10:30:45 -05:00
Ryan Richard	64aba7e703	Add new howto guide login.md	2021-07-21 12:10:47 -07:00
Matt Moyer	c6c3a80a86	Merge pull request #733 from mattmoyer/switch-tools-images Switch to GHCR tools images for local tests, with `imagePullPolicy: IfNotPresent`.	2021-07-21 11:47:37 -06:00
Margo Crawford	a7af63ca3a	Merge pull request #729 from rdimitrov/dimitrovr/add-dex-docs Add documentation for configuring Supervisor with Dex and Github	2021-07-21 08:48:49 -07:00
Matt Moyer	ae72d30cec	Switch to GHCR tools images for local tests, with `imagePullPolicy: IfNotPresent`. This is more consistent with our CI environment. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2021-07-21 09:21:05 -05:00
Nanci Lancaster	fec59eb1bf	Merge pull request #731 from microwavables/main Removed Andrew Keesler, Pablo Schumaker from site, moved them to emeritus status on maintainers file,	2021-07-20 15:37:04 -07:00
Radoslav Dimitrov	f6273b0604	Update the Prerequisites section and add a note about the groups scope Add Dex to the prerequisites and add a note that to query for the groups scope the user must set the organizations Dex should search against. Otherwise the groups claim would be empty. This is because of the format group claims are represented, i.e. "org:team". Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>	2021-07-20 13:49:45 +03:00
Ryan Richard	deb699a84a	e2e test: PINNIPED_USERNAME/PINNIPED_PASSWORD env vars during LDAP login	2021-07-19 17:08:52 -07:00
Ryan Richard	cac45fd999	LDAP logins read from PINNIPED_USERNAME and PINNIPED_PASSWORD env vars For CLI-based auth, such as with LDAP upstream identity providers, the user may use these environment variables to avoid getting interactively prompted for username and password.	2021-07-19 16:20:59 -07:00
Radoslav Dimitrov	0bdd1bc68f	Add documentation for configuring Supervisor with Dex and Github The following guide describes the process of configuring Supervisor with Dex and identify users through their Github account. Issue #415 Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>	2021-07-19 16:00:43 +03:00
Mo Khan	4605846499	Merge pull request #724 from vmware-tanzu/fix_git_sha_in_version_info Copy .git dir during Docker build; used to bake git sha into binary	2021-07-16 14:34:33 -04:00
Ryan Richard	4670890a82	Add .git dir to Docker; used to bake git sha into binary	2021-07-16 09:51:46 -07:00
Margo Crawford	d204b46c18	Merge pull request #721 from vmware-tanzu/resolve-load-balancer-dns wait for lb dns to resolve in the impersonation proxy integration test	2021-07-15 17:02:08 -07:00
Ryan Richard	b3208f0ca6	wait for lb dns to resolve in the impersonation proxy integration test this will hopefully fix some flakes where aws provisioned a host for the load balancer but the tests weren't able to resolve it. Signed-off-by: Margo Crawford <margaretc@vmware.com>	2021-07-15 16:39:15 -07:00
Ryan Richard	be7bf9c193	Merge pull request #718 from vmware-tanzu/workaround_for_flaky_unit_test TestAgentController unit test is flaky, try to add workaround	2021-07-15 14:17:11 -07:00
Ryan Richard	2bba39d723	TestAgentController unit test is flaky, try to add workaround TestAgentController really runs the controller and evaluates multiple calls to the controller's Sync with real informers caching updates. There is a large amount of non-determinism in this unit test, and it does not always behave the same way. Because it makes assertions about the specific errors that should be returned by Sync, it was not accounting for some errors that are only returned by Sync once in a while depending on the exact (unpredictable) order of operations. This commit doesn't fix the non-determinism in the test, but rather tries to work around it by also allowing other (undesired but inevitable) error messages to appear in the list of actual error messages returned by the calls to the Sync function. Signed-off-by: Margo Crawford <margaretc@vmware.com>	2021-07-15 13:41:31 -07:00
anjalitelang	dc567d0d1f	Update ROADMAP.md Added https://github.com/vmware-tanzu/pinniped/issues/577 to Roadmap	2021-07-15 12:29:51 -04:00
Ryan Richard	143837c136	Merge pull request #714 from vmware-tanzu/ytt_install_doc_fix ytt install docs suggest that you checkout the release tag	2021-07-14 12:52:23 -07:00
Ryan Richard	11eb18d348	ytt install docs suggest that you checkout the release tag Previously, the ytt install docs suggested that you use ytt templates from the HEAD of main with the container image from the latest public release, which could result in a mismatch.	2021-07-14 10:59:51 -07:00
Ryan Richard	d5cf5b91d6	Merge pull request #711 from vmware-tanzu/e2e_test_clear_cookies Clear the browser cookies between each TestE2EFullIntegration subtest	2021-07-13 16:43:57 -07:00
Ryan Richard	48b58e2fad	Clear the browser cookies between each TestE2EFullIntegration test It seems like page.ClearCookies() only clears cookies for the current domain, so there doesn't seem to be a function to clear all browser cookies. Instead, we'll just start a whole new browser each test. They start fast enough that it shouldn't be a problem.	2021-07-13 16:20:02 -07:00
Ryan Richard	7ef3d42e01	Merge pull request #704 from mattmoyer/deflake-serving-certificate-rotation-test Make TestAPIServingCertificateAutoCreationAndRotation less flaky.	2021-07-13 14:58:54 -07:00
Ryan Richard	33461ddc14	Merge branch 'main' into deflake-serving-certificate-rotation-test	2021-07-13 14:04:34 -07:00
Mo Khan	238c9e6743	Merge pull request #709 from vmware-tanzu/dependabot/go_modules/github.com/tdewolff/minify/v2-2.9.19 Bump github.com/tdewolff/minify/v2 from 2.9.18 to 2.9.19	2021-07-12 14:48:16 -04:00
dependabot[bot]	25cda4f3e6	Bump github.com/tdewolff/minify/v2 from 2.9.18 to 2.9.19 Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.9.18 to 2.9.19. - [Release notes](https://github.com/tdewolff/minify/releases) - [Commits](https://github.com/tdewolff/minify/compare/v2.9.18...v2.9.19) --- updated-dependencies: - dependency-name: github.com/tdewolff/minify/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-12 01:20:59 +00:00
Matt Moyer	c71703e4db	Merge pull request #707 from mattmoyer/fix-okta-cli-integration-test Fix TestCLILoginOIDC when running against Okta, and lower CLI server shutdown timeout.	2021-07-09 14:30:19 -07:00
Matt Moyer	5527566a36	Fix TestCLILoginOIDC when running directly against Okta. Our actual CLI code behaved correctly, but this test made some invalid assumptions about the "upstream" IDP we're testing. It assumed that the upstream didn't support `response_mode=form_post`, but Okta does. This means that when we end up on the localhost callback page, there are no URL query parameters. Adjusting this regex makes the test pass as expected. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2021-07-09 16:29:42 -05:00

... 5 6 7 8 9 ...

2496 Commits