Commit Graph

18 Commits

Author SHA1 Message Date
Benjamin A. Petersen
d803b7c3d4
simplify env vars again, create one well known /tmp/integration-test-env file again 2023-10-19 15:28:08 -04:00
Benjamin A. Petersen
4bbd6312c5
Update hack scripts to support fresh /tmp/pinniped-XXX env files on every run 2023-10-12 11:24:19 -04:00
Ryan Richard
62c597eb3b Show errors from the form_post POST request on the page 2023-10-02 09:53:53 -07:00
Ryan Richard
0ab6311cf5 Optionally use Contour in hack/prepare-supervisor-on-kind.sh
Using Contour for ingress allows us to avoid using the hacky proxy
server approach. This makes it easy to use any web browser to complete
the login process, since there is no need to configure the proxy server
for the browser.
2023-09-27 12:32:49 -07:00
Ryan Richard
c52ed93bf8 make prepare-supervisor-on-kind.sh work with older versions of bash 2023-09-12 10:24:55 -07:00
Ryan Richard
e2bdab9e2d add the IDP display name to the downstream ID token's sub claim
To make the subject of the downstream ID token more unique when
there are multiple IDPs. It is possible to define two IDPs in a
FederationDomain using the same identity provider CR, in which
case the only thing that would make the subject claim different
is adding the IDP display name into the values of the subject claim.
2023-09-11 11:15:40 -07:00
Ryan Richard
b05e8a5e24 Replace sleep with kubectl wait in prepare-supervisor-on-kind.sh
- Now that the FederationDomain has `status.conditions`, we can use
  `kubectl wait` to wait for it to be ready in this hack script
2023-09-11 11:14:05 -07:00
Ryan Richard
7af75dfe3c First draft of implementation of multiple IDPs support 2023-09-11 11:09:49 -07:00
Ryan Richard
5b0c165dc8 fix usage of base64 in hack script 2022-06-28 12:44:41 -07:00
Ryan Richard
00d68845c4 Add --flow to choose login flow in prepare-supervisor-on-kind.sh 2022-05-05 13:42:23 -07:00
Ryan Richard
eaa87c7628 support AD in hack/prepare-supervisor-on-kind.sh 2022-05-03 12:59:39 -07:00
Ryan Richard
6c2a775c9b Use proxy for pinniped get kubeconfig in hack/prepare-supervisor-on-kind.sh
Because the command now calls the discovery endpoint,
so it needs to go through the proxy to resolve the
hostname.
2021-05-12 11:34:16 -07:00
Ryan Richard
36819989a3 Remove DryRunAuthenticationUsername from LDAPIdentityProviderSpec
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2021-04-28 14:26:57 -07:00
Ryan Richard
263a33cc85 Some updates based on PR review 2021-04-27 12:43:09 -07:00
Ryan Richard
9b818dbf10 Remove another 10s sleep related to JWTAuthenticator initialization 2021-04-22 16:59:42 -07:00
Ryan Richard
c176d15aa7 Add Supervisor upstream LDAP login to the Pinniped CLI
- Also enhance prepare-supervisor-on-kind.sh to allow setup of
  a working LDAP upstream IDP.
2021-04-19 17:59:46 -07:00
Ryan Richard
70d607d87e prepare-supervisor-on-kind.sh was accidentally double base64 encoding
$PINNIPED_TEST_SUPERVISOR_UPSTREAM_OIDC_ISSUER_CA_BUNDLE was recently
changed to be a base64 encoded value, so this script does not need to
base64 encode the value itself anymore.
2021-04-16 18:32:30 -07:00
Ryan Richard
7bb5657c4d Add hack/prepare-supervisor-on-kind.sh
A demo of running the Supervisor and Concierge on
a kind cluster. Can be used to quickly set up an
environment for manual testing.

Also added some missing copyright headers to other
hack scripts.
2021-03-31 11:39:10 -07:00