djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ContainerImage.Pinniped/internal
History
Benjamin A. Petersen 492f6cfddf
impersonator: honor anonymous authentication being disabled 
When anonymous authentication is disabled, the impersonation proxy
will no longer authenticate anonymous requests other than calls to
the token credential request API (this API is used to retrieve
credentials and thus must be accessed anonymously).

Signed-off-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
Signed-off-by: Monis Khan <mok@vmware.com>
 		2021-06-04 09:00:56 -04:00
..
apiserviceref Use API service as owner ref for cluster scoped resources 2021-02-10 21:52:08 -05:00
authenticators More LDAP WIP: started controller and LDAP server connection code 2021-04-09 18:49:43 -07:00
certauthority dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
clusterhost Introduce clusterhost package to determine whether a cluster has control plane nodes 2021-02-09 11:16:01 -08:00
concierge impersonator: honor anonymous authentication being disabled 2021-06-04 09:00:56 -04:00
config Remove references to impersonationConfigMap. 2021-05-26 15:24:59 -05:00
constable Save 2 lines by using inline-style comments for Copyright 2020-09-16 10:35:19 -04:00
controller Tolerate NotFound when deleting services in `impersonatorconfig`. 2021-06-03 12:07:19 -05:00
controllerlib Allow multiple Pinnipeds to work on same cluster 2021-02-02 15:18:41 -08:00
controllermanager Switch impersonatorconfig to all singleton queues. 2021-05-26 12:54:40 -05:00
crud Supervisor storage garbage collection controller enabled in production 2020-12-11 15:21:34 -08:00
deploymentref Use API service as owner ref for cluster scoped resources 2021-02-10 21:52:08 -05:00
downward internal/downward: add support for (optional) pod name 2020-12-11 11:49:27 -05:00
dynamiccert dynamiccert: unit test with DynamicServingCertificateController 2021-03-15 17:23:37 -04:00
endpointaddr Add endpointaddr pkg for parsing host+port inputs. 2021-05-25 16:17:26 -05:00
execcredcache Add CLI caching of cluster-specific credentials. 2021-04-08 14:12:34 -05:00
fositestorage Update ExpectedAuthorizeCodeSessionJSONFromFuzzing. 2020-12-17 16:31:08 -06:00
fositestoragei More adjustments based on PR feedback 2021-04-27 16:54:26 -07:00
groupsuffix Add WhoAmIRequest Aggregated Virtual REST API 2021-02-22 20:02:41 -05:00
here Save 2 lines by using inline-style comments for Copyright 2020-09-16 10:35:19 -04:00
httputil impersonator: test UID impersonation and header canonicalization 2021-03-16 13:00:51 -04:00
issuer dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
kubeclient internal/kubeclient: match plog level with klog level 2021-04-21 16:25:08 -04:00
mocks Initial support for upstream LDAP group membership 2021-05-17 11:10:26 -07:00
oidc Update ID token tests for latest Fosite. 2021-05-28 12:53:37 -05:00
ownerref internal/groupsuffix: mutate TokenCredentialRequest's Authenticator 2021-02-10 15:53:44 -05:00
plog WIP on new plog 2021-04-21 09:02:45 -07:00
registry cred req: disallow lossy user info translations 2021-05-17 19:03:44 -04:00
secret All controller unit tests should not cancel context until test is over 2021-03-04 17:26:01 -08:00
testutil Add user search base to downstream subject for upstream LDAP 2021-05-26 17:04:20 -07:00
upstreamldap In LDAP, do not log username until we know the user exists. 2021-05-28 16:57:48 -05:00
upstreamoidc Upgrade to github.com/coreos/go-oidc v3.0.0. 2021-01-21 12:08:14 -06:00
valuelesscontext valuelesscontext: make unit tests more clear 2021-04-30 10:43:29 -04:00