djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
784 Commits 30 Branches 34 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Matt Moyer 7f2c43cd62
Put all of our APIs into a "pinniped" category, and never use "all". 
We want to have our APIs respond to `kubectl get pinniped`, and we shouldn't use `all` because we don't think most average users should have permission to see our API types, which means if we put our types there, they would get an error from `kubectl get all`.

I also added some tests to assert these properties on all `*.pinniped.dev` API resources.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-12 16:26:34 -06:00
.github
Get rid of WIP workflow
2020-10-27 18:39:19 -04:00
apis
Put all of our APIs into a "pinniped" category, and never use "all".
2020-11-12 16:26:34 -06:00
cmd
Merge pull request #185 from vmware-tanzu/authorize_endpoint
2020-11-11 16:03:15 -08:00
deploy
Put all of our APIs into a "pinniped" category, and never use "all".
2020-11-12 16:26:34 -06:00
doc
Merge pull request #154 from vmware-tanzu/change_release_static_yaml_names
2020-11-02 17:09:11 -08:00
generated
Put all of our APIs into a "pinniped" category, and never use "all".
2020-11-12 16:26:34 -06:00
hack
Remove extraneous internal packages for CRD APIs.
2020-11-12 14:04:53 -06:00
internal
auth_handler.go: fix lint error
2020-11-12 12:24:40 -05:00
site
Merge pull request #201 from amymanion/am-dev
2020-11-12 09:12:24 -06:00
test
Put all of our APIs into a "pinniped" category, and never use "all".
2020-11-12 16:26:34 -06:00
tools
Save 2 lines by using inline-style comments for Copyright
2020-09-16 10:35:19 -04:00
.gitattributes
Add .gitattributes as a hint to the GitHub diff viewer.
2020-09-15 11:44:23 -05:00
.gitignore
Add Tilt-based local dev workflow.
2020-10-05 16:34:33 -05:00
.golangci.yaml
Add Go vanity import paths.
2020-09-18 14:56:24 -05:00
.pre-commit-config.yaml
Add Tilt-based local dev workflow.
2020-10-05 16:34:33 -05:00
ADOPTERS.md
Update module/package names to match GitHub org switch.
2020-09-17 12:56:54 -05:00
CODE_OF_CONDUCT.md
Rename the CoC and contributor guide to the names GitHub recognizes.
2020-10-02 15:53:48 -05:00
CONTRIBUTING.md
Merge pull request #149 from mattmoyer/oidc-cli-part-2
2020-10-14 13:40:12 -05:00
Dockerfile
Upgrade golang patch release to 1.15.3 and debian 10.5-slim -> 10.6-slim
2020-11-02 16:17:15 -08:00
go.mod
WIP for saving authorize endpoint state into upstream state param
2020-11-10 17:58:00 -08:00
go.sum
WIP for saving authorize endpoint state into upstream state param
2020-11-10 17:58:00 -08:00
LICENSE
Add Apache 2.0 license.
2020-07-06 13:50:31 -05:00
MAINTAINERS.md
MAINTAINERS.md: add initial draft
2020-09-15 13:14:50 -04:00
README.md
Rename logo file
2020-10-26 15:06:04 -07:00
SECURITY.md
Update precommit hook config to ignore generated files and fix whitespace.
2020-08-31 16:41:22 -05:00

README.md

Pinniped Logo

Overview

Pinniped provides identity services to Kubernetes.

Pinniped allows cluster administrators to easily plug in external identity providers (IDPs) into Kubernetes clusters. This is achieved via a uniform install procedure across all types and origins of Kubernetes clusters, declarative configuration via Kubernetes APIs, enterprise-grade integrations with IDPs, and distribution-specific integration strategies.

Example Use Cases

  • Your team uses a large enterprise IDP, and has many clusters that they manage. Pinniped provides:
    • Seamless and robust integration with the IDP
    • Easy installation across clusters of any type and origin
    • A simplified login flow across all clusters
  • Your team shares a single cluster. Pinniped provides:
    • Simple configuration to integrate an IDP
    • Individual, revocable identities

Architecture

Pinniped offers credential exchange to enable a user to exchange an external IDP credential for a short-lived, cluster-specific credential. Pinniped supports various IDP types and implements different integration strategies for various Kubernetes distributions to make authentication possible.

To learn more, see doc/architecture.md.

Pinniped Architecture Sketch

Trying Pinniped

Care to kick the tires? It's easy to install and try Pinniped.

Discussion

Got a question, comment, or idea? Please don't hesitate to reach out via the GitHub Discussions tab at the top of this page.

Contributions

Contributions are welcome. Before contributing, please see the contributing guide.

Reporting Security Vulnerabilities

Please follow the procedure described in SECURITY.md.

License

Pinniped is open source and licensed under Apache License Version 2.0. See LICENSE.

Copyright 2020 the Pinniped contributors. All Rights Reserved.

Description
Pinniped is the easy, secure way to log in to your Kubernetes clusters.
active-directoryauthenticationidentityidpkubernetesldaploginoidc
Readme 22 MiB
Languages
Go 97.3%
Shell 1.3%
HTML 0.5%
SCSS 0.5%
CSS 0.2%
Other 0.1%