Commit Graph

1453 Commits

Author SHA1 Message Date
Mo Khan
4f700d4811
Merge pull request #473 from enj/enj/r/oidc_discovery_json
oidc discovery: encode metadata once and reuse
2021-03-03 14:12:33 -05:00
Monis Khan
d7edc41c24
oidc discovery: encode metadata once and reuse
Signed-off-by: Monis Khan <mok@vmware.com>
2021-03-03 13:37:43 -05:00
Matt Moyer
aa826a1579
Merge pull request #472 from mattmoyer/deflake-getpinnipedcategory-test
Make TestGetPinnipedCategory and TestKubeClientOwnerRef tests more resilient.
2021-03-02 16:42:23 -06:00
Matt Moyer
df27c2e1fc
Use randomly generated API groups in TestKubeClientOwnerRef.
I think this is another aspect of the test flakes we're trying to fix. This matters especially for the "Multiple Pinnipeds" test environment where two copies of the test suite are running concurrently.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-02 15:48:13 -06:00
Matt Moyer
45f57939af
Make TestGetPinnipedCategory more resilient.
If the test is run immediately after the Concierge is installed, the API server can still have broken discovery data and return an error on the first call.
This commit adds a retry loop to attempt this first kubectl command for up to 60s before declaring failure.
The subsequent tests should be covered by this as well since they are not run in parallel.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-02 15:40:17 -06:00
Matt Moyer
30f5f66090
Merge pull request #471 from vmware-tanzu/change-credentialissuer-strategies-api
Deprecate status.kubeConfigInfo field in CredentialIssuer and move this data into strategies field.
2021-03-02 15:39:41 -06:00
Matt Moyer
2a29303e3f
Fix label handling in kubecertagent controllers.
These controllers were a bit inconsistent. There were cases where the controllers ran out of the expected order and the custom labels might not have been applied.

We should still plan to remove this label handling or move responsibility into the middleware layer, but this avoids any regression.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-02 13:59:46 -06:00
Matt Moyer
643c60fd7a
Drop NewKubeConfigInfoPublisherController, start populating strategy frontend from kubecertagent execer controller.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-02 13:09:25 -06:00
Matt Moyer
7174f857d8
Add generated code.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-02 13:09:25 -06:00
Matt Moyer
0be2c0d40f
Add CredentialIssuer "status.strategies[].frontend" field.
This field is a new tagged-union style field that describes how clients can connect using each successful strategy.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-02 13:09:25 -06:00
Matt Moyer
a778a5ef81
Merge pull request #469 from mattmoyer/split-out-credentialissuer-status-helpers
Factor out issuerconfig.UpdateStrategy helper.
2021-03-01 18:14:16 -06:00
Matt Moyer
c94ee7188c
Factor out issuerconfig.UpdateStrategy helper.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-01 16:21:10 -06:00
Matt Moyer
7ef6a02d0a
Merge pull request #466 from mattmoyer/bump-dependencies
Upgrade Go and Go library dependencies.
2021-03-01 14:16:58 -06:00
Matt Moyer
c832cab8d0
Update internal/oidc/token_exchange.go for latest Fosite version.
The `fosite.TokenEndpointHandler` changed and now requires some additional methods.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-01 13:08:41 -06:00
Matt Moyer
234465789b
Regenerate gomock mocks with v1.5.0.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-01 11:44:27 -06:00
dependabot[bot]
da6d69d807
Bump github.com/golang/mock from 1.4.4 to 1.5.0
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.4 to 1.5.0.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.4...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-01 11:44:26 -06:00
dependabot[bot]
04ef7c5456
Bump github.com/ory/fosite from 0.36.0 to 0.38.0
Bumps [github.com/ory/fosite](https://github.com/ory/fosite) from 0.36.0 to 0.38.0.
- [Release notes](https://github.com/ory/fosite/releases)
- [Changelog](https://github.com/ory/fosite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ory/fosite/compare/v0.36.0...v0.38.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-01 11:44:26 -06:00
dependabot[bot]
f05c3092b5
Bump github.com/go-openapi/spec from 0.19.9 to 0.20.3
Bumps [github.com/go-openapi/spec](https://github.com/go-openapi/spec) from 0.19.9 to 0.20.3.
- [Release notes](https://github.com/go-openapi/spec/releases)
- [Commits](https://github.com/go-openapi/spec/compare/v0.19.9...v0.20.3)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-01 11:44:26 -06:00
dependabot[bot]
2637dc00da
Bump golang from 1.15.8 to 1.16.0
Bumps golang from 1.15.8 to 1.16.0.

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-01 11:44:26 -06:00
Matt Moyer
e8365d2c57
Merge pull request #467 from mattmoyer/fix-docs-title
Fix missing titles on website docs.
2021-03-01 11:35:56 -06:00
Matt Moyer
dd151b3f50
Fix missing titles on website docs.
Also fixes our sitemap to have correct `lastmod` times when built locally (it was already correct on Netlify).

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-01 11:31:27 -06:00
Matt Moyer
a42e3708aa
Merge pull request #453 from mattmoyer/bump-dependencies
Bump a bunch of minor dependencies.
2021-02-25 09:33:53 -06:00
Matt Moyer
c8fc8a0b65
Reformat some log-based test assertions.
These are prone to breaking when stdr is upgraded because they rely on the exact ordering of keys in the log message. If we have more problems we can rewrite the assertions to be more robust, but for this time I'm just fixing them to match the new output.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-25 08:11:37 -06:00
Matt Moyer
a31c24e5a0
Bump a bunch of minor dependencies.
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.1...v1.7.0)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Commits](https://github.com/go-logr/logr/compare/v0.3.0...v0.4.0)

Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.4.0...v2.5.0)

Bumps [github.com/go-logr/stdr](https://github.com/go-logr/stdr) from 0.2.0 to 0.4.0.
- [Release notes](https://github.com/go-logr/stdr/releases)
- [Commits](https://github.com/go-logr/stdr/compare/v0.2.0...v0.4.0)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.1 to 1.1.3.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.1.1...v1.1.3)

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-24 17:37:29 -06:00
Matt Moyer
2254f76b30
Fix a broken link, a typo, and tweak menu text.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-24 09:23:21 -06:00
Matt Moyer
852c1b7a27
Fix some copy-paste errors on install-supervisor.md.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-23 16:02:27 -06:00
Matt Moyer
522210adb6
Merge pull request #447 from mattmoyer/website-security-headers
Add security headers to the website.
2021-02-23 14:39:31 -06:00
Matt Moyer
a4089fcc72
Add security headers to the website.
The one bit of JS we have for the mobile menu needed some tweaking.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-23 14:38:05 -06:00
Matt Moyer
60034b39a3
Fix wording on website hero text.
Requested by @pabloschuhmacher as a small fix.
2021-02-23 12:17:26 -08:00
Matt Moyer
2f7c80a5e0
Merge pull request #446 from mattmoyer/more-website-tweaks
More website tweaks.
2021-02-23 14:13:27 -06:00
Matt Moyer
827e6e0dc0
More website tweaks.
These are some more changes that came up when Pablo and I were reviewing the previous docs PR.

In no particular order:

- Fix "related posts" on the blog section, and hide the section if there are none.

- Minor style changes to several pages (guided by various style guides).

- Redirect the root of get.pinniped.dev to our main page (shouldn't really be hit, but it's nice to do something).

- Add more mobile-friendly CSS for our docs.

- Reword the "getting started" CTA, and hide it on the docs pages (you're already there).

- Fix the "Learn how Pinniped provides identity services to Kubernetes" link on the landing page.

- Add a date to our blog post cards.

- Rewrite the hero text on the landing page.

- Fix the docs link for the "Get Started with Pinniped" button on the landing page.

- Rework the landing page grid text.

- Add Margo and Nanci to the team section and sort it alphabetically.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-23 14:03:37 -06:00
Matt Moyer
a6d74ea876
Merge pull request #443 from mattmoyer/reorg-docs
Restructure website documentation
2021-02-23 11:12:32 -06:00
Matt Moyer
7a1d92a8d4
Restructure docs into new layout.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-23 11:11:07 -06:00
Matt Moyer
f2db76a0d5
Fix typo in multiple-pinnipeds post.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-23 11:11:07 -06:00
Matt Moyer
3721632de2
Move scope doc out of website to SCOPE.md.
This is contributor-focused, so we decided to move it into GitHub only for now.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-23 11:11:07 -06:00
Matt Moyer
4de949fe18
Rework docs sidebar to have some nesting.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-23 11:11:07 -06:00
Mo Khan
e74dd47b1d
Merge pull request #439 from enj/enj/f/whoami_api
Add WhoAmIRequest Aggregated Virtual REST API
2021-02-23 10:40:38 -05:00
Monis Khan
6a9f57f83d
TestWhoAmI: support older clusters (CSR and impersonation)
Signed-off-by: Monis Khan <mok@vmware.com>
2021-02-23 10:15:17 -05:00
Monis Khan
aa22047a0f
Generated
Signed-off-by: Monis Khan <mok@vmware.com>
2021-02-22 20:02:42 -05:00
Monis Khan
abc941097c
Add WhoAmIRequest Aggregated Virtual REST API
This change adds a new virtual aggregated API that can be used by
any user to echo back who they are currently authenticated as.  This
has general utility to end users and can be used in tests to
validate if authentication was successful.

Signed-off-by: Monis Khan <mok@vmware.com>
2021-02-22 20:02:41 -05:00
Monis Khan
62630d6449
getAggregatedAPIServerScheme: move group version logic internally
Signed-off-by: Monis Khan <mok@vmware.com>
2021-02-19 11:10:54 -05:00
Mo Khan
f228f022f5
Merge pull request #435 from enj/enj/c/bump_v0.20.4
Bump Kube deps to v0.20.4
2021-02-19 10:59:40 -05:00
Monis Khan
1c1decfaf1
Generated
Signed-off-by: Monis Khan <mok@vmware.com>
2021-02-19 10:33:10 -05:00
Monis Khan
7786c83b0d
Bump kube deps to v0.20.4
Signed-off-by: Monis Khan <mok@vmware.com>
2021-02-19 10:26:53 -05:00
Mo Khan
41b75e6977
Merge pull request #431 from enj/enj-patch-1
concierge API service: update groupPriorityMinimum and versionPriority
2021-02-19 08:48:06 -05:00
Mo Khan
a54e1145a5
concierge API service: update groupPriorityMinimum and versionPriority
Copy over values that I have seen used in the past.
Signed-off-by: Monis Khan <mok@vmware.com>
2021-02-19 07:47:38 -05:00
Matt Moyer
2b208807a6
Merge pull request #426 from mattmoyer/website-accessibility-tweaks
Tweak website styles for accessibility.
2021-02-17 17:28:03 -06:00
Matt Moyer
25f841d063
Tweak website styles for accessibility.
Makes most of the fonts a bit bigger, increases contrast, fixes some nits about the spacing in numbered/bulletted lists, and adds some image alt texts.

Overall this improves our Lighthouse accessibility score from 71 to 95 and I think it's subjectively more readable.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-17 17:19:58 -06:00
Matt Moyer
93d4581721
Workaround a bad module version to fix Dependabot.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-16 17:05:33 -06:00
Matt Moyer
0a7c5b0604
Merge pull request #403 from mattmoyer/add-latest-generated-package
Add "go.pinniped.dev/generated/latest" package that is not a nested module.
2021-02-16 15:30:48 -06:00