ContainerImage.Pinniped/internal
Ryan Richard 83085aa3d6 Retest the server connection when the bind Secret has changed
Unfortunately, Secrets do not seem to have a Generation field, so we
use the ResourceVersion field instead. This means that any change to
the Secret will cause us to retry the connection to the LDAP server,
even if the username and password fields in the Secret were not
changed. Seems like an okay trade-off for this early draft of the
controller compared to a more complex implementation.
2021-04-15 17:45:15 -07:00
..
apiserviceref Use API service as owner ref for cluster scoped resources 2021-02-10 21:52:08 -05:00
authenticators More LDAP WIP: started controller and LDAP server connection code 2021-04-09 18:49:43 -07:00
certauthority dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
clusterhost Introduce clusterhost package to determine whether a cluster has control plane nodes 2021-02-09 11:16:01 -08:00
concierge Remove metav1.ExportOptions from scheme tests. 2021-04-09 13:00:50 -05:00
config Use TokenCredentialRequest instead of base64 token with impersonator 2021-03-10 10:30:06 -08:00
constable Save 2 lines by using inline-style comments for Copyright 2020-09-16 10:35:19 -04:00
controller Retest the server connection when the bind Secret has changed 2021-04-15 17:45:15 -07:00
controllerlib Allow multiple Pinnipeds to work on same cluster 2021-02-02 15:18:41 -08:00
controllermanager dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
crud Supervisor storage garbage collection controller enabled in production 2020-12-11 15:21:34 -08:00
deploymentref Use API service as owner ref for cluster scoped resources 2021-02-10 21:52:08 -05:00
downward internal/downward: add support for (optional) pod name 2020-12-11 11:49:27 -05:00
dynamiccert dynamiccert: unit test with DynamicServingCertificateController 2021-03-15 17:23:37 -04:00
execcredcache Add CLI caching of cluster-specific credentials. 2021-04-08 14:12:34 -05:00
fositestorage Update ExpectedAuthorizeCodeSessionJSONFromFuzzing. 2020-12-17 16:31:08 -06:00
fositestoragei Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
groupsuffix Add WhoAmIRequest Aggregated Virtual REST API 2021-02-22 20:02:41 -05:00
here Save 2 lines by using inline-style comments for Copyright 2020-09-16 10:35:19 -04:00
httputil impersonator: test UID impersonation and header canonicalization 2021-03-16 13:00:51 -04:00
issuer dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
kubeclient Add WhoAmIRequest Aggregated Virtual REST API 2021-02-22 20:02:41 -05:00
mocks ldap: add initial stub upstream LDAP connection package 2021-04-09 11:38:53 -04:00
oidc Return unauthenticated instead of error for bad username or password 2021-04-13 16:22:13 -07:00
ownerref internal/groupsuffix: mutate TokenCredentialRequest's Authenticator 2021-02-10 15:53:44 -05:00
plog internal/plog: add KObj() and KRef() 2021-02-10 14:25:39 -05:00
registry certauthority.go: Refactor issuing client versus server certs 2021-03-12 16:09:37 -08:00
secret All controller unit tests should not cancel context until test is over 2021-03-04 17:26:01 -08:00
testutil Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
upstreamldap Test the LDAP config by connecting to the server in the controller 2021-04-15 14:44:43 -07:00
upstreamoidc Upgrade to github.com/coreos/go-oidc v3.0.0. 2021-01-21 12:08:14 -06:00