djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,773 Commits 30 Branches 34 Tags 22 MiB
Commit Graph

185 Commits

Author SHA1 Message Date
Mo Khan 853cc753b8
Merge pull request #1024 from anjaltelang/main 
Blog changes for Group refresh
 2022-03-04 13:28:18 -05:00
Pinny cdfb3b75cb Updated versions in docs for v0.15.0 release 2022-03-04 17:36:24 +00:00
Pinny 89e68489ea Updated versions in docs for v0.14.0 release 2022-03-03 21:57:36 +00:00
Mo Khan eec5f0fa26
Fix v0.15.0 release link 2022-03-03 15:28:01 -05:00
Ryan Richard 7e8eba3244
Update 2022-01-18-idp-refresh-tls-ciphers-for-compliance.md 2022-03-03 12:23:42 -08:00
Margo Crawford b8bdfa1b9a Update docs to reference the latest k8s codegen version 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-03-03 10:36:42 -08:00
Anjali Telang 27f04e9ab9 Blog changes for Group refresh 
Signed-off-by: Anjali Telang <atelang@vmware.com>
 2022-03-03 12:49:01 -05:00
Mo Khan be2aee957c
Bump API docs to 1.23 
Seems like this should be automated.
 2022-03-02 09:04:41 -05:00
Mo Khan c4ae5cfebb
Merge pull request #1003 from enj/enj/d/dex_password 
Update dex docs regarding password grant
 2022-02-15 15:45:54 -05:00
Ryan Richard 0175445ece Merge branch 'main' into gke_tutorial 2022-02-15 09:22:52 -08:00
Ryan Richard f728ea743f Add --ignore-not-found to delete Supervisor app command 2022-02-15 09:04:47 -08:00
Ryan Richard 230e563ab7 Another draft of the new tutorial guide 2022-02-14 17:23:57 -08:00
Monis Khan a21a5bca1e
Update dex docs regarding password grant 
Signed-off-by: Monis Khan <mok@vmware.com>
 2022-02-13 12:48:20 -05:00
Ryan Richard 05ec8cba8c Add a new subheading to the tutorial doc 2022-02-11 17:16:40 -08:00
Ryan Richard e57a1a7891 Overwrite the old Supervisor+Concierge tutorial with the new one 
And make it easier for web site readers to find by adding prominent
links to it from several places.
 2022-02-11 17:03:13 -08:00
Mo Khan 2c0b5b733b
Bump site latest_version to v0.14.0 2022-02-10 16:13:39 -05:00
Ryan Richard c56ef5c40c First draft of a Supervisor on GKE + Concierge on GKE tutorial 
Including ingress, DNS, cert-manager + letsencrypt for TLS certs,
Okta, multiple workload clusters, etc.
 2022-02-09 17:13:40 -08:00
Nanci Lancaster d728c89ba6
updated search functionality of docs on site 
Signed-off-by: Nanci Lancaster <nancil@vmware.com>
 2022-02-09 11:01:37 -05:00
Margo Crawford 3b1153cd91 Update latest version to v0.13.0 2022-01-21 15:19:40 -08:00
anjalitelang 6590230bcd
Merge pull request #954 from anjaltelang/main 
Blog for v0.13.0
 2022-01-21 15:17:18 -08:00
Pinny 4f06cd3c2e Update CLI docs for v0.13.0 release 2022-01-21 23:12:12 +00:00
Margo Crawford dea9bf9b90
Merge pull request #970 from vmware-tanzu/kubectl-apply-resources 
When instructing users how to install the concierge with kubectl apply,
 2022-01-21 13:36:52 -08:00
Margo Crawford 726e88ea03 When instructing users how to install the concierge with kubectl apply, 
reccommend using install-pinniped-concierge-crds.yaml, then
install-pinniped-concierge-resources.yaml.

Previously we recommended install-pinniped-concierge-crds (a subset),
then install-pinniped-concierge (everything concierge related, including
the crds). This works fine for install, but not uninstall. Instead we
should use a separate yaml file that contains everything in
install-pinniped-concierge but *not* in install-pinniped-concierge-crds.

We have been generating this file in CI since a5ced4286b6febc7474b7adee34eeb1b62ec82b7
but we haven't released since then so we haven't been able to recommend
its use.
 2022-01-21 10:26:45 -08:00
Margo Crawford 62a8967db1 Request offline_access in the concierge with supervisor demo 
It's a generic config and not OIDC provider specific
but since most providers require it it seems like the
best default.
 2022-01-21 09:58:04 -08:00
Monis Khan 1e1789f6d1
Allow configuration of supervisor endpoints 
This change allows configuration of the http and https listeners
used by the supervisor.

TCP (IPv4 and IPv6 with any interface and port) and Unix domain
socket based listeners are supported.  Listeners may also be
disabled.

Binding the http listener to TCP addresses other than 127.0.0.1 or
::1 is deprecated.

The deployment now uses https health checks.  The supervisor is
always able to complete a TLS connection with the use of a bootstrap
certificate that is signed by an in-memory certificate authority.

To support sidecar containers used by service meshes, Unix domain
socket based listeners include ACLs that allow writes to the socket
file from any runAsUser specified in the pod's containers.

Signed-off-by: Monis Khan <mok@vmware.com>
 2022-01-18 17:43:45 -05:00
Nanci Lancaster e31a410096 Updated community and resources pages 2021-12-16 16:02:47 -06:00
Ryan Richard aa361a70a7 clarifications to code walkthrough doc 2021-12-03 10:50:02 -08:00
Ryan Richard 7b6bdd8129 fix link to blog and add another in doc 2021-12-03 10:32:16 -08:00
Ryan Richard 2736c3603a fix typo in doc 2021-12-03 09:17:17 -08:00
Ryan Richard 3ea90467b7 add first draft of code walk-through doc 2021-12-02 17:18:50 -08:00
Monis Khan 2ba5d51120
Change default install hint to use get.pinniped.dev/cli 
This avoids a hard link against a docs page that may change over
time.

Signed-off-by: Monis Khan <mok@vmware.com>
 2021-10-26 17:14:13 -04:00
Anjali Telang 59256264ec Changing the architecture.md weight back to 100 
Signed-off-by: Anjali Telang <atelang@vmware.com>
 2021-10-26 16:34:32 -04:00
Anjali Telang f93cdcb9c5 Merge remote-tracking branch 'upstream/main' into main 2021-10-26 15:29:56 -04:00
Ryan Richard dec43289f6 Lots of small updates based on PR feedback 2021-10-20 15:53:25 -07:00
Anjali Telang a22507f835 Architecture should be on top of the docs page 
Signed-off-by: Anjali Telang <atelang@vmware.com>
 2021-10-19 13:46:30 -04:00
Ryan Richard d3ade82f3f Update docs 2021-10-19 09:48:40 -07:00
Ryan Richard d68bebeb49 Merge branch 'main' into upstream_refresh 2021-10-18 15:35:46 -07:00
Ryan Richard ddb23bd2ed Add upstream refresh related config to OIDCIdentityProvider CRD 
Also update related docs.
 2021-10-14 15:49:44 -07:00
Margo Crawford 4aa66b9667
Update site/content/docs/reference/supported-clusters.md 
Co-authored-by: Mo Khan <i@monis.app>
 2021-10-06 11:23:29 -07:00
Margo Crawford 11797db866 Change description of impersonation proxy strategy in supported clusters. 
This was wrong, since you don't need a LoadBalancer to run the
impersonation proxy if you specify spec.service.type = "None" or
"ClusterIP" on the CredentialIssuer.
 2021-10-06 11:08:17 -07:00
Ryan Richard 95b9782549
Update config.yaml 2021-09-16 11:43:40 -07:00
Matt Moyer 402c213183
So long and thanks for all the fish 🦭 
Today is my last day working full time on Pinniped (for now). This change removes me from the MAINTAINERS.md and the website.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
 2021-09-03 12:38:53 -05:00
Anjali Telang 4e7214c6b5 Rephrased again 
Signed-off-by: Anjali Telang <atelang@vmware.com>
 2021-09-02 14:54:14 -04:00
Anjali Telang 85daec4748 Rephrased 
Signed-off-by: Anjali Telang <atelang@vmware.com>
 2021-09-02 14:51:36 -04:00
Anjali Telang cf014656af Add Reference to release notes in the v0.11.0 Blog post 
Signed-off-by: Anjali Telang <atelang@vmware.com>
 2021-09-02 14:44:53 -04:00
Anjali Telang fcffab9a4c Add community info and resolve some minor issues 
Signed-off-by: Anjali Telang <atelang@vmware.com>
 2021-09-01 13:23:26 -04:00
Ryan Richard 92f7f12bab Update latest release tag in site/config.yaml, used by docs 2021-08-31 16:47:40 -07:00
Ryan Richard 7c40185676
Merge pull request #825 from anjaltelang/main 
Add Blog post for v0.11.0 release
 2021-08-31 16:46:23 -07:00
Pinny abf19f649d Update CLI docs for v0.11.0 release 2021-08-31 23:40:00 +00:00
Pinny 0a2a716796 Update CLI docs for v0.10.0 release 2021-08-31 23:21:54 +00:00