Song.Jin
9b5bec1ddf
check if crd exist before try creating them
2018-11-04 11:43:28 +11:00
Song.Jin
d2daa4e2ac
allow it to disable CRD creation
2018-11-02 21:13:37 +11:00
Stephan Renatus
b9f6594bf0
*: github.com/coreos/dex -> github.com/dexidp/dex
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
rithu leena john
42ef8fd802
Merge pull request #1072 from ericchiang/k8s-test
...
*: run kubernetes tests in travis
2017-10-31 10:34:26 -07:00
Eric Chiang
3d2d92b31b
*: run kubernetes tests in travis
2017-10-31 10:29:52 -07:00
Eric Chiang
0aabf2d1ea
Merge pull request #1085 from rphillips/fixes/http_client_timeout
...
add client request timeout
2017-09-27 13:28:13 -07:00
Ryan Phillips
0318cd99b0
add client request timeout and dialer deadline
2017-09-26 18:52:11 -05:00
Chance Zibolski
9d7b0b59bd
storage/kubernetes: Log before registering custom resources
...
Logging before attempting to make any connection to Kubernetes is useful when the connection hangs and dex is killed before it can log any errors.
2017-09-26 16:23:49 -07:00
rithu john
d2706fcab8
storage/kubernetes: Correct the OfflineSession object CRD definition
2017-09-19 14:58:42 -07:00
rithu john
1311caf864
storage/kubernetes: add CRD support
2017-09-14 11:48:17 -07:00
rithu john
146481375e
[WIP]: add CRD support
2017-09-13 10:57:54 -07:00
Eric Stroczynski
4a88d0641a
: update {S->s}irupsen/logrus
2017-07-25 13:46:44 -07:00
rithu john
bc55b86d0d
storage: add connector object to backend storage.
2017-03-28 14:12:38 -07:00
Eric Chiang
6cb38604d9
storage/kubernetes: log INFO level if TPR already exists, not ERROR
2017-03-15 10:30:10 -07:00
Eric Chiang
777eeafabc
*: update go-oidc and use standard library's context package
2017-03-08 10:33:19 -08:00
Eric Chiang
38c77e0f33
storage/kubernetes: enable HTTP/2 support
2017-02-28 12:42:06 -08:00
Eric Chiang
a7b8e52b92
storage/kubernetes: fix conflict error detection in TRP creation
...
PR #815 fixed the Kubernetes storage implementation by correctly
returning storage.ErrAlreadyExists on POST conflicts. This caused a
regression in TPR creation (#822 ) when some, but not all, of the
resources already existed. E.g. for users upgrading from old
versions of dex.
Fixes #822
2017-02-27 11:01:47 -08:00
Eric Chiang
1da2ae279c
storage/kubernetes: fix hash initialization bug
2017-02-24 12:55:04 -08:00
Eric Chiang
4be029c6c1
storage/kubernetes: fix kubernetes storage conformance test failures
2017-02-23 19:23:19 -08:00
rithu john
d928ac0677
storage: Add OfflineSession object to backend storage.
2017-02-09 19:01:28 -08:00
Eric Chiang
312ca7491e
storage: add extra fields to refresh token and update method
2017-01-11 12:07:48 -08:00
rithu john
2c03693972
storage: Add ConnectorData to storage RefreshToken.
2017-01-09 15:01:29 -08:00
rithu john
9949a1313c
server: modify error messages to use logrus.
2016-12-13 11:52:44 -08:00
rithu john
2e22a948cf
cmd/dex: add logging config and serve logger for different modules.
2016-12-12 15:56:50 -08:00
Eric Chiang
879e018f74
storage/kubernetes: remove unused method
2016-12-08 16:42:18 -08:00
rithu john
19c22807a7
api: adding ListPasswords() method to the storage interface.
2016-11-16 17:25:38 -08:00
Eric Chiang
aa7f304bc1
*: switch to github.com/ghodss/yaml for more consistent YAML parsing
...
ghodss/yaml converts from YAML to JSON before attempting to unmarshal.
This allows us to:
* Get the correct behavor when decoding base64'd []byte slices.
* Use *json.RawMessage.
* Not have to support extravagant YAML features.
* Let our structs use `json:` tags
2016-11-03 14:39:32 -07:00
Eric Chiang
c0aa63ac97
storage: update godocs
2016-10-28 13:00:13 -07:00
Eric Chiang
d7a75c5b5d
storage/kubernetes: allow arbitrary client IDs
...
Use a hash algorithm to match client IDs to Kubernetes object names.
Because cryptographic hash algorithms produce sums larger than a
Kubernetes name can fit, a non-cryptographic hash is used instead.
Hash collisions are checked and result in errors.
2016-10-27 16:37:58 -07:00
Eric Chiang
4ab78d0ded
storage/kubernetes: run transactional conformance tests
2016-10-26 13:30:45 -07:00
Eric Chiang
d350938fb0
Merge pull request #626 from ericchiang/storage-kubernetes-guess-namespace-from-service-account-token
...
storage/kubernetes: guess namespace from the service account token
2016-10-25 16:54:58 -07:00
Eric Chiang
101a2bc22a
Merge pull request #634 from rithujohn191/kubeconfig_context
...
storage/kubernetes: set CurrentContext when the Kubeconfig file contains only one context
2016-10-25 14:57:57 -07:00
Eric Chiang
e0b83af981
Merge pull request #629 from ericchiang/dev-storage-kubernetes-dont-print-error
...
storage/kubernetes: don't automatically print errors on bad HTTP status codes
2016-10-25 14:16:32 -07:00
rithu leena john
9de16f2c45
storage/kubernetes: set CurrentContext when the Kubeconfig file contains only one context
2016-10-25 11:59:34 -07:00
Eric Chiang
bc16de0b58
storage/kubernetes: don't guess the kubeconfig location and change test env
...
Using the default KUBECONFIG environment variable to indicate that
the Kubernetes tests should be run lead to cases where developers
accidentally ran the tests. This has now been changed to
"DEX_KUBECONFIG" and documentation hsa been added detailing how to
run these tests.
Additionally, no other storage reads environment variables for its
normal configuration (outside of tests) so the Kubernetes storage
no longer does.
Overall, be less surprising.
2016-10-23 20:53:29 -07:00
Eric Chiang
138ff96c00
storage/kubernetes: don't automatically print errors on bad HTTP status codes
...
These status codes spam the error logs for events like key rotation
and third party resource creation. In these cases "bad" status codes
are expected and shouldn't be automatically printed.
2016-10-23 07:42:42 -07:00
Eric Chiang
8c9c5160b6
storage/kubernetes: guess namespace from the service account token
...
The in cluster kubernetes client currently requires using the
downward API to determine its namespace. However this value can be
determine by inspecting the service account token mounted into the
pod. As a fallback, use this to guess the current namespace.
2016-10-21 23:35:17 -07:00
Eric Chiang
691476b477
storage/kubernetes: manage third party resources and drop support for 1.3
2016-10-13 17:41:52 -07:00
Eric Chiang
558059ee58
storage/kubernetes: add garbage collection method
2016-10-12 18:48:23 -07:00
Eric Chiang
7ff3ce85a2
*: add password resource to kubernetes storage implementation
2016-10-05 17:26:41 -07:00
Eric Chiang
63f56b4269
storage: hook up conformance tests for SQL
2016-10-03 12:48:25 -07:00
Eric Chiang
e2bf8ceb63
storage: rename "storagetest" package to "conformance"
2016-10-03 12:48:25 -07:00
Eric Chiang
82a55cf785
{server,storage}: add LoggedIn flag to AuthRequest and improve storage docs
...
Currently, whether or not a user has authenticated themselves through
a connector is indicated by a pointer being nil or non-nil. Instead
add an explicit flag that marks this.
2016-09-30 22:40:04 -07:00
Eric Chiang
bfe560ee21
rename
2016-08-10 22:31:42 -07:00
Eric Chiang
3110f45c3d
*: lots of renaming
2016-08-02 21:57:36 -07:00
Eric Chiang
f4c5722e42
*: connectors use a different identity object than storage
2016-08-02 21:20:18 -07:00
Eric Chiang
820b460583
storage/kubernetes: garbage collect expired objects
2016-08-01 22:53:12 -07:00
Eric Chiang
94e26782b4
*: add gRPC server for interacting with storages
2016-07-31 23:25:06 -07:00
Eric Chiang
cab271f304
initial commit
2016-07-26 15:51:24 -07:00