djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit Graph

  • 0b66321902 Changes to make the linter pass Margo Crawford 2021-05-19 11:05:35 -0700
  • 297a484948
         Add more validation and update tests for impersonationProxy as pointer. Matt Moyer 2021-05-19 11:40:32 -0500
  • 13372a43e6
         Update generated code from previous commit. Matt Moyer 2021-05-19 11:39:53 -0500
  • 54e0b83146
         Update API so that impersonationProxy spec is a pointer. Matt Moyer 2021-05-19 11:39:28 -0500
  • 986d618e82
         Bump k8s.io/apiserver from 0.21.0 to 0.21.1 dependabot[bot] 2021-05-19 05:51:41 +0000
  • 7a251de0c7
         Bump k8s.io/component-base from 0.21.0 to 0.21.1 dependabot[bot] 2021-05-19 05:51:26 +0000
  • 8f6da724c9
         Bump k8s.io/api from 0.21.0 to 0.21.1 dependabot[bot] 2021-05-19 05:51:11 +0000
  • 7776cd9069
         Bump k8s.io/apimachinery from 0.21.0 to 0.21.1 dependabot[bot] 2021-05-19 05:50:51 +0000
  • 7387a21511
         Bump k8s.io/kube-aggregator from 0.21.0 to 0.21.1 dependabot[bot] 2021-05-19 05:50:25 +0000
  • 94c370ac85 Annotations for impersonation load balancer Margo Crawford 2021-05-18 16:54:59 -0700
  • b5063e59ab Merge branch 'initial_ldap_group_support' into ldap_starttls Ryan Richard 2021-05-18 16:39:59 -0700
  • a6f95cfff1 Configure openldap to disallow non-TLS clients Ryan Richard 2021-05-18 16:38:12 -0700
  • eaea3471ec Validation for service type none and external endpoint none Margo Crawford 2021-05-18 13:50:52 -0700
  • 4a785e73e6
         WIP fixing impersonatorconfig tests Matt Moyer 2021-05-18 14:54:04 -0500
  • 51f1a0ec13 WIP: not using impersonator.config just credentialissuer directly Margo Crawford 2021-05-18 12:16:27 -0700
  • 9af3cb1115 Change impersonation integration test to use CredentialIssuer spec Matt Moyer 2021-05-18 09:51:11 -0700
  • 18ccf11905 Update impersonatorconfig controller to use CredentialIssuer API instead of ConfigMap. Matt Moyer 2021-05-17 17:08:05 -0500
  • 1a131e64fe
         Start deploying an initial CredentialIssuer in our install YAML. Matt Moyer 2021-05-17 10:05:42 -0500
  • e885114221
         Add generated code from adding spec fields to CredentialIssuer. Matt Moyer 2021-05-14 11:55:12 -0500
  • 26da763962
         Add spec fields to CredentialIssuer. Matt Moyer 2021-05-14 10:19:45 -0500
  • 4a456446ff
         Update doc comments for types_credentialissuer.go.tmpl. Matt Moyer 2021-05-11 21:23:43 -0500
  • efeb25b8eb
         Merge pull request #619 from vmware-tanzu/dependabot/go_modules/github.com/creack/pty-1.1.12 Matt Moyer 2021-05-18 09:16:27 -0500
  • f595e81dbb
         Bump github.com/creack/pty from 1.1.11 to 1.1.12 dependabot[bot] 2021-05-18 05:56:45 +0000
  • 0f5f72829b
         Merge pull request #594 from enj/enj/i/tcr_strict_user_info Mo Khan 2021-05-17 19:28:21 -0400
  • f40fd29c7c
         local-user-authenticator: stop setting UID Monis Khan 2021-05-03 15:19:28 -0400
  • 35479e2978
         cred req: disallow lossy user info translations Monis Khan 2021-05-03 14:06:49 -0400
  • 742b70d6a4 Merge branch 'main' into initial_ldap_group_support Ryan Richard 2021-05-17 14:24:56 -0700
  • dab5ff3788 ldap_client_test.go: Forgot to change an assertion related to groups Ryan Richard 2021-05-17 14:21:57 -0700
  • 99099fd32f Yet more debugging of tests which only fail in main CI Ryan Richard 2021-05-17 14:20:41 -0700
  • 65cab53a11 Merge branch 'main' into initial_ldap_group_support Ryan Richard 2021-05-17 14:12:20 -0700
  • 8c660f09bc More debugging of tests which only fail in main CI Ryan Richard 2021-05-17 13:53:17 -0700
  • ac431ddc6d Add more to failure message in test which only fails in main CI Ryan Richard 2021-05-17 12:57:34 -0700
  • 3e1e8880f7 Initial support for upstream LDAP group membership Ryan Richard 2021-05-17 11:10:26 -0700
  • 14b8fcc472
         Merge pull request #555 from vmware-tanzu/initial_ldap Ryan Richard 2021-05-17 10:40:50 -0700
  • 20b1c41bf5 Experiment to see if we can ignore read /dev/ptmx: input/output error Ryan Richard 2021-05-13 16:02:24 -0700
  • f5bf8978a3 Cache ResourceVersion of the validated bind Secret in memory Ryan Richard 2021-05-13 15:22:36 -0700
  • 514ee5b883 Merge branch 'main' into initial_ldap Ryan Richard 2021-05-13 14:24:10 -0700
  • 39d7f8b6eb
         Merge pull request #614 from vmware-tanzu/gc-bug-tests Margo Crawford 2021-05-13 13:08:07 -0700
  • 609883c49e Update TestSupervisorOIDCDiscovery for versioned IDP discovery endpoint Ryan Richard 2021-05-13 13:07:31 -0700
  • f15fc66e06 pinniped get kubeconfig refactor to use oidc.NewProvider for discovery Ryan Richard 2021-05-13 12:27:42 -0700
  • 6479015caf Remove timeout so this test doesnt take forever Margo Crawford 2021-05-13 10:23:44 -0700
  • 67dca688d7 Add an API version to the Supervisor IDP discovery endpoint Ryan Richard 2021-05-13 10:05:56 -0700
  • b391d5ae02 Also check that the authcode storage is around for a while Margo Crawford 2021-05-12 14:22:14 -0700
  • 29ca8acab4 oidc_upstream_watcher.go: two methods become private funcs Ryan Richard 2021-05-12 14:05:08 -0700
  • 1ae3c6a1ad Split package upstreamwatchers into four packages Ryan Richard 2021-05-12 14:00:39 -0700
  • 22092e9aed Missed a usage of int64Ptr in previous commit Ryan Richard 2021-05-12 14:00:26 -0700
  • 874f938fc7 unit test for garbage collection time for refresh and access tokens Margo Crawford 2021-05-12 13:55:54 -0700
  • 4804c837d4 Insignificant change in ldap_upstream_watcher_test.go Ryan Richard 2021-05-12 13:37:01 -0700
  • f0652c1ce1 Replace all usages of strPtr() with pointer.StringPtr() Ryan Richard 2021-05-12 13:20:00 -0700
  • 044443f315 Rename X-Pinniped-Idp-* headers to Pinniped-* Ryan Richard 2021-05-12 13:06:08 -0700
  • 9ca72fcd30 login.go: Respect overallTimeout for LDAP login-related http requests Ryan Richard 2021-05-12 12:57:10 -0700
  • 3008d1a85c Log slow LDAP authentication attempts for debugging purposes Ryan Richard 2021-05-12 11:59:48 -0700
  • 6c2a775c9b Use proxy for pinniped get kubeconfig in hack/prepare-supervisor-on-kind.sh Ryan Richard 2021-05-12 11:34:16 -0700
  • 41d3e3b6ec Fix lint error in e2e_test.go Ryan Richard 2021-05-12 11:24:00 -0700
  • 20b86ac0a9
         Merge pull request #589 from vmware-tanzu/ldap-get-kubeconfig Ryan Richard 2021-05-12 10:10:49 -0700
  • df0e715bb7 Add integration test that waits for access token expiry Margo Crawford 2021-05-12 09:05:13 -0700
  • 6723ed9fd8 Add end-to-end integration test for CLI-based LDAP login Ryan Richard 2021-05-11 13:55:46 -0700
  • f98aa96ed3 Merge branch 'initial_ldap' into ldap-get-kubeconfig Ryan Richard 2021-05-11 11:10:25 -0700
  • 675bbb2aba Merge branch 'main' into initial_ldap Ryan Richard 2021-05-11 11:09:37 -0700
  • e25eb05450 Move Supervisor IDP discovery to its own new endpoint Ryan Richard 2021-05-11 10:31:33 -0700
  • dbde150c38 Update CLI docs for v0.8.0 release Pinny 2021-05-10 22:01:16 +0000
  • c0fcd27594
         Fix typo in test/integration/e2e_test.go Ryan Richard 2021-05-10 12:51:56 -0700
  • 1ddc85495f
         Merge pull request #610 from enj/enj/t/eks_extra_nested_impersonation v0.8.0 Mo Khan 2021-05-10 13:49:24 -0400
  • 716659b74a
         impersonation proxy test: handle admin users with mixed case extra keys Monis Khan 2021-05-10 13:22:51 -0400
  • 696c2b9133
         Merge pull request #609 from enj/enj/t/eks_uid_nested_impersonation Mo Khan 2021-05-10 10:35:26 -0400
  • 0770682bf9
         impersonation proxy test: handle admin users with UID such as on EKS Mo Khan 2021-05-10 00:50:59 -0400
  • 88ff3164a2
         Merge pull request #608 from enj/enj/i/discovery_keep_oidc_err Mo Khan 2021-05-10 09:18:13 -0400
  • 56d316e8d3
         upstreamwatcher: do not truncate explicit oidc errors Mo Khan 2021-05-10 00:22:34 -0400
  • 9fc7f43245
         Merge pull request #607 from mattmoyer/fix-eks-nested-impersonation-tests Matt Moyer 2021-05-07 16:46:40 -0500
  • 47f5e822d0
         Fix TestImpersonationProxy on EKS. Matt Moyer 2021-05-07 16:22:08 -0500
  • cc99d9aeb4
         Merge pull request #606 from enj/enj/i/log_discovery_err Mo Khan 2021-05-07 16:56:52 -0400
  • 7ece196893
         upstreamwatcher: preserve oidc discovery error Mo Khan 2021-05-07 15:59:04 -0400
  • a08a28d67b
         Merge pull request #603 from vmware-tanzu/dependabot/docker/golang-1.16.4 Matt Moyer 2021-05-07 06:58:13 -0500
  • 2634c9f04a
         Bump golang from 1.16.3 to 1.16.4 dependabot[bot] 2021-05-07 05:49:58 +0000
  • 29a1ca5168
         Merge pull request #602 from vmware-tanzu/access-token-lifetime Margo Crawford 2021-05-06 14:39:52 -0700
  • 5240f5e84a Change access token storage lifetime to be the same as the refresh token's Margo Crawford 2021-05-06 11:53:41 -0700
  • a8bccc5432
         Merge pull request #599 from mattmoyer/docs-tweak-configure-supervisor-with-gitlab Matt Moyer 2021-05-04 17:32:14 -0500
  • f167a075dd
         Clean up this language in configure-supervisor-with-gitlab.md a bit more. Matt Moyer 2021-05-04 15:47:18 -0500
  • 8136c787a7
         More adjustments to configure-supervisor-with-gitlab.md. Matt Moyer 2021-05-04 15:33:33 -0500
  • 3e13b5f39d
         Do some minor copyediting on "configure-supervisor-with-gitlab.md". Matt Moyer 2021-05-04 14:13:20 -0500
  • 1a2940c278
         Merge pull request #560 from vmware-tanzu/client-debug-logging Margo Crawford 2021-05-04 13:46:47 -0700
  • 4bb0fdeddd
         Merge pull request #598 from enj/enj/i/gc_tz Mo Khan 2021-05-04 15:08:06 -0400
  • 4ce77c4837
         supervisor gc: use singleton queue Monis Khan 2021-05-04 12:38:47 -0400
  • 1586171876
         Merge pull request #595 from mattmoyer/fix-psp-related-regression Matt Moyer 2021-05-04 11:04:16 -0500
  • 165bef7809
         Split out kube-cert-agent service account and bindings. Matt Moyer 2021-05-03 16:31:48 -0500
  • b80cbb8cc5
         Run kube-cert-agent pod as Concierge ServiceAccount. Matt Moyer 2021-05-03 16:20:13 -0500
  • 71e38d232e login.go discards logs by default Ryan Richard 2021-05-03 09:13:18 -0700
  • 778c194cc4 Autodetection with multiple idps in discovery document Margo Crawford 2021-04-30 17:14:28 -0700
  • a8754b5658 Refactor: extract helper func from runGetKubeconfig() Margo Crawford 2021-04-30 15:00:54 -0700
  • 1c66ffd5ff WIP: add supervisor upstream flags to pinniped get kubeconfig Ryan Richard 2021-04-30 14:28:03 -0700
  • ab94b97f4a Change login.go to use logr.logger Margo Crawford 2021-04-30 12:10:04 -0700
  • d6a172214d
         Merge pull request #587 from vmware-tanzu/supervisor-gitlab-docs Margo Crawford 2021-04-30 11:01:22 -0700
  • 638fa7ba27
         Merge pull request #592 from enj/enj/t/valueless_ctx_2 Mo Khan 2021-04-30 11:07:32 -0400
  • b5ffab6330
         valuelesscontext: make unit tests more clear Monis Khan 2021-04-30 10:33:11 -0400
  • 8556a638a2
         Merge pull request #591 from enj/enj/t/valueless_ctx Mo Khan 2021-04-30 10:10:48 -0400
  • 44c7f8daf0
         valuelesscontext: add some unit tests Monis Khan 2021-04-30 09:45:34 -0400
  • 1efa4da80c
         Merge pull request #590 from enj/enj/f/sa_authn_impersonation_proxy Mo Khan 2021-04-29 17:53:27 -0400
  • 62785674c3
         impersonator: add support for service account token authentication Monis Khan 2021-04-20 11:19:58 -0400
  • 9e4f601a3f
         Merge pull request #588 from enj/enj/i/webhookcachefiller_ca Mo Khan 2021-04-29 07:47:06 -0400
  • bb7e7fe81e
         webhookcachefiller: be stricter about CA bundle validation Monis Khan 2021-04-28 13:49:42 -0400