Andrew Keesler
f464e03380
Generate code against 1.17.11
...
We want to be able to run kind integration tests against the same
versions that we generate code against. There is no public
kindest/node image for 1.17.9, so let's update to the next 1.17.x
version where there is an image: 1.17.11.
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-09-17 10:35:45 -04:00
Ryan Richard
efbe3a26c1
Merge pull request #111 from suzerain-io/contributor_guide_updates
...
Contributor guide updates
2020-09-16 16:48:26 -07:00
Andrew Keesler
4f59d9286c
Update community meeting link to one which requires a host to be present
...
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-09-16 16:39:59 -07:00
Andrew Keesler
6c75de9334
Use public container images for codegen as as defaults when deploying
...
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-09-16 15:46:51 -07:00
Ryan Richard
f425eed07c
Small edits to PR template file
2020-09-16 09:06:36 -07:00
Ryan Richard
7a975d98fb
First draft of a PR template file.
2020-09-16 08:56:18 -07:00
Ryan Richard
635ecd7b1a
Merge branch 'main' into contributor_guide_updates
2020-09-16 08:32:34 -07:00
Andrew Keesler
6d0b83aabf
Merge pull request #113 from ankeesler/pinniped-copyright
...
Pinniped copyright
2020-09-16 10:58:40 -04:00
Andrew Keesler
6ba712d612
Fix copyright format in hack/header.txt
2020-09-16 10:42:26 -04:00
Andrew Keesler
eab5c2b86b
Save 2 lines by using inline-style comments for Copyright
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-09-16 10:35:19 -04:00
Andrew Keesler
e7b389ae6c
Update copyright to reference Pinniped contributors
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-09-16 10:05:51 -04:00
Ryan Richard
e51e51dfd4
Add link to public Pinniped Biweekly Community Meeting agenda/notes doc
2020-09-15 18:19:20 -07:00
Ryan Richard
cd0194cb68
Contributor guide updates
2020-09-15 17:59:40 -07:00
Ryan Richard
a73f14e03d
Revert "Fake README update to test a change to the PR pipeline"
...
This reverts commit e3b8c3b611
.
2020-09-15 16:43:04 -07:00
Ryan Richard
e3b8c3b611
Fake README update to test a change to the PR pipeline
2020-09-15 16:41:39 -07:00
Ryan Richard
da9f24cf30
Merge pull request #99 from ankeesler/arch-doc
...
doc/architecture.md and new overview diagram
2020-09-15 16:20:31 -07:00
Ryan Richard
67de7f5646
Further explain the webhook API in architecture.md
2020-09-15 16:18:48 -07:00
Ryan Richard
43c69ec339
Update the architecture diagram
...
- Also update the instructions for editing the documentation images
2020-09-15 16:07:09 -07:00
Ryan Richard
014fb518bc
Change one usage of "external" back to "upstream"
2020-09-15 14:04:05 -07:00
Ryan Richard
321c6a5392
Merge remote-tracking branch 'origin/main' into arch-doc
2020-09-15 14:02:26 -07:00
Ryan Richard
db98f2810f
Merge pull request #98 from suzerain-io/get_kubeconfig_cli
...
Organize Pinniped CLI into subcommands; Add get-kubeconfig subcommand
2020-09-15 13:34:14 -07:00
Andrew Keesler
062dfa3e75
Merge pull request #100 from ankeesler/adopters-doc
...
ADOPTERS.md: add initial draft
2020-09-15 16:20:35 -04:00
Matt Moyer
1244a950e7
Merge pull request #108 from mattmoyer/cleanup-credential-request-api
...
Clean up CredentialRequest `types.go`.
2020-09-15 15:03:07 -05:00
Matt Moyer
8df910361c
Clean up CredentialRequest types.go
.
...
Mostly cleaned up and added doc strings, but also removed unneeded protobuf tags.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 14:30:12 -05:00
Matt Moyer
37da441e96
Merge pull request #107 from mattmoyer/tidy-go-modules
...
Tidy go.mod/go.sum.
2020-09-15 14:29:39 -05:00
Matt Moyer
6faf224e20
Merge pull request #105 from mattmoyer/extend-readiness-check
...
Wait for informers to sync before we pass readiness check.
2020-09-15 14:27:42 -05:00
Matt Moyer
92372d20a9
Tidy go.mod/go.sum.
...
I accidentally missed this in bbef017989
and it's not currently part of our CI linting.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 14:14:44 -05:00
Matt Moyer
12f0997193
Wait for informers to sync before we pass readiness check.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 14:14:25 -05:00
Matt Moyer
e428877473
Merge pull request #106 from mattmoyer/fix-webhook-base64-encoding
...
Fix base64 encoding style in webhookcachefiller.
2020-09-15 14:12:02 -05:00
Ryan Richard
cecd691a84
Add demo instructions
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-09-15 12:10:20 -07:00
Matt Moyer
1c7b3c3072
Fix base64 encoding style in webhookcachefiller.
...
This was previously using the unpadded (raw) base64 encoder, which worked sometimes (if the CA happened to be a length that didn't require padding). The correct encoding is the `base64.StdEncoding` one that includes padding.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 13:54:19 -05:00
Matt Moyer
b1ea04b036
Merge pull request #83 from mattmoyer/add-idp-config-crd
...
Implement the initial version of a WebhookIdentityProvider CRD.
2020-09-15 12:53:31 -05:00
Andrew Keesler
36a66f4e8b
Merge pull request #104 from ankeesler/maintainers-doc
...
MAINTAINERS.md: add initial draft
2020-09-15 13:31:15 -04:00
Matt Moyer
b39160e4c4
Add some log output to TestCredentialIssuerConfig for troubleshooting.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:15:42 -05:00
Andrew Keesler
a22b414b58
MAINTAINERS.md: add initial draft
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-09-15 13:14:50 -04:00
Matt Moyer
8de046a561
Remove static webhook config options.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:34 -05:00
Matt Moyer
f7c9ae8ba3
Validate tokens using the new dynamic IDP cache instead of the static config.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:34 -05:00
Matt Moyer
75ea0f48d9
Add a controller to clean up stale entries in the idpcache.Cache.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:33 -05:00
Matt Moyer
acfc5acfb2
Add a controller to fill the idpcache.Cache from WebhookIdentityProvider objects.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:33 -05:00
Matt Moyer
6506a82b19
Add a cache of active IDPs, which implements authenticator.Token.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:33 -05:00
Matt Moyer
66f4e62c6c
Add internal/mocks/mocktokenauthenticator generated mocks.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:33 -05:00
Matt Moyer
80a23bd2fd
Rename "Webhook" to "TokenAuthenticator" in our REST handler and callers.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:33 -05:00
Matt Moyer
2bdbac3e15
Move the ytt webhook config out into the CRD.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:33 -05:00
Matt Moyer
5b9f2ec9fc
Give our controller access to all our CRD types.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:33 -05:00
Matt Moyer
fc220d5f79
Remove kubectl dry-run verify for now.
...
The dry-run fails now because we are trying to install a CRD and a custom resource (of that CRD type) in the same step.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 12:02:32 -05:00
Matt Moyer
3344b5b86a
Expect the WebhookIdentityProvider CRD to be installed.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 11:44:24 -05:00
Matt Moyer
557fd0df26
Define the WebhookIdentityProvider CRD.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 11:44:23 -05:00
Matt Moyer
9bb3d4ef28
Add .gitattributes as a hint to the GitHub diff viewer.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-15 11:44:23 -05:00
Ryan Richard
4ced58b5b7
Add help/usage units for CLI exchange-credential
subcommand
2020-09-15 09:05:40 -07:00
Andrew Keesler
831df90c93
test/integration: add integration test for pinniped cli
2020-09-15 11:00:38 -04:00