github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
ce52227b684e88ae849f7a7390bf419c7ad5d84d
kubernetes/hack
History
Kubernetes Submit Queue cdbc4fbe20 Merge pull request #58544 from ericchiang/oidc-v2 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

oidc authentication: switch to v2 of coreos/go-oidc

Switch to v2 of [coreos/go-oidc](https://github.com/coreos/go-oidc), which uses square/go-jose to verify tokens and supports more signing algorithms.

Most of this PR removes dependencies used by the older version of github.com/coreos/go-oidc, and updates vendor files.

This PR has been tested against tokens issued by Okta, Google, and CoreOS's dex.

Closes https://github.com/kubernetes/kubernetes/issues/57806

```release-note
kube-apiserver: the OpenID Connect authenticator can now verify ID Tokens signed with JOSE algorithms other than RS256 through the --oidc-signing-algs flag.
kube-apiserver: the OpenID Connect authenticator no longer accepts tokens from the Google v3 token APIs, users must switch to the "https://www.googleapis.com/oauth2/v4/token" endpoint.
```

cc @rithujohn191 @liggitt 
cc @kubernetes/sig-auth-pr-reviews
2018-02-21 09:07:23 -08:00
..
boilerplate
Update boilerplate for 2018
2018-01-01 22:57:59 -08:00
cmd/teststale
Autogenerated: hack/update-bazel.sh
2018-02-16 13:43:01 -08:00
e2e-internal
Remove all traces of federation
2017-10-26 13:37:37 -07:00
gen-swagger-doc
Switch to k8s.gcr.io vanity domain
2018-02-07 21:14:19 -08:00
jenkins
Save benchmark data in perfdash-friendly format.
2018-02-14 14:22:18 +01:00
lib
gke-certificates-controller: rm -rf
2018-02-15 12:01:00 -08:00
make-rules
Merge pull request #59486 from soltysh/integration_fixes
2018-02-20 08:16:42 -08:00
testdata
update -o name format to kind.group/name
2018-02-15 10:33:06 -05:00
verify-flags
Add multi-vc configuration for e2e tests
2018-01-18 15:29:27 -08:00
.golint_failures
Merge pull request #58544 from ericchiang/oidc-v2
2018-02-21 09:07:23 -08:00
autogenerated_placeholder.txt
benchmark-go.sh
BUILD
Autogenerated: hack/update-bazel.sh
2018-02-16 13:43:01 -08:00
build-cross.sh
build-go.sh
build-ui.sh
cherry_pick_pull.sh
Add parent PR title to cherry-picked PR title
2017-11-25 13:36:13 +08:00
dev-build-and-push.sh
dev-build-and-up.sh
dev-push-hyperkube.sh
e2e_test.go
Fix e2e_test.go
2017-07-05 14:24:25 -07:00
e2e-node-test.sh
Fix typo in e2e-node-test.sh
2017-09-19 18:10:21 +05:30
e2e.go
Add signal handler for catching Ctrl-C on hack/e2e
2017-08-23 16:05:46 -07:00
generate-bindata.sh
cluster: move logging library to hack/
2018-01-13 16:37:50 -08:00
generate-docs.sh
Remove all traces of federation
2017-10-26 13:37:37 -07:00
get-build.sh
ginkgo-e2e.sh
cluster: remove unused functions
2018-02-01 07:23:50 -08:00
godep-restore.sh
Remove unneeded code
2018-01-30 09:29:51 -08:00
godep-save.sh
Enforce OWNERS file in Godeps and vendor dirs
2018-02-15 13:30:30 -08:00
grab-profiles.sh
hack/grab-profiles.sh: fix typos in error strings and variables.
2018-02-13 12:58:23 +02:00
import-restrictions.yaml
Expose single annotation/label via downward API
2017-11-21 19:21:10 -08:00
install-etcd.sh
list-feature-tests.sh
Fix list-features script
2017-08-27 22:20:04 -04:00
local-up-cluster.sh
Move ipvs module loading logic
2018-02-16 11:43:02 -08:00
lookup_pull.py
update url information to prevent http 304 redirection
2017-05-25 14:05:02 +08:00
OWNERS
Add liggitt to hack approvers
2018-01-18 20:50:18 -05:00
print-workspace-status.sh
bazel: support using SOURCE_DATE_EPOCH to override date
2018-02-08 21:12:03 -08:00
run-in-gopath.sh
test-cmd.sh
test-go.sh
test-integration.sh
Remove unnecessary wrapper flags
2017-06-07 12:31:01 -04:00
test-update-storage-objects.sh
add kube-root for file directory
2018-02-05 17:54:17 +08:00
update_owners.py
Remove myself from a bunch of places
2017-07-20 12:10:46 +02:00
update-all.sh
Force use of Makefile for update
2018-01-22 15:11:16 -08:00
update-api-reference-docs.sh
update-bazel.sh
Update bazelbuild/rules_go, kubernetes/repo-infra, and gazelle dependencies
2018-02-16 13:41:43 -08:00
update-cloudprovider-gce.sh
Fix lint and bazel
2018-01-09 23:09:08 -08:00
update-codegen.sh
Partial revert of fb5caac2da
2018-02-14 11:31:51 -08:00
update-generated-device-plugin-dockerized.sh
Create pkg/kubelet/apis/deviceplugin/v1beta1 directory.
2018-02-08 17:04:43 -08:00
update-generated-device-plugin.sh
Added script to generate the Device Plugin API
2017-08-15 14:59:42 -07:00
update-generated-docs.sh
Remove all traces of federation
2017-10-26 13:37:37 -07:00
update-generated-kms-dockerized.sh
Add verify script for kms generated file
2018-02-08 01:29:56 +00:00
update-generated-kms.sh
Add generated script for kms api pb file
2018-02-08 01:00:38 +00:00
update-generated-protobuf-dockerized.sh
add --go-header-file to use kube boilerplate
2018-02-13 12:34:54 +05:30
update-generated-protobuf.sh
update-generated-runtime-dockerized.sh
Increment CRI version from v1alpha1 to v1alpha2
2018-02-07 09:06:26 +01:00
update-generated-runtime.sh
update-generated-swagger-docs.sh
Promote v1alpha1 meta to v1beta1
2018-02-02 14:00:45 -05:00
update-godep-licenses.sh
hack: fix godep license parsing for gopkg.in packages
2017-11-22 09:38:17 -08:00
update-gofmt.sh
update-openapi-spec.sh
update-staging-godeps-dockerized.sh
Clean up godep scripts to be self-contained
2017-09-29 15:16:03 -07:00
update-staging-godeps.sh
Dockerize update-staging-godeps
2017-07-25 12:26:57 -07:00
update-swagger-spec.sh
Merge pull request #58303 from php-coder/fix_verify-swagger-spec_sript
2018-01-17 02:43:58 -08:00
update-translations.sh
verify-all.sh
verify-api-groups.sh
Fixup after k8s.io/{kube-gen -> code-generator} rename
2017-08-17 17:55:12 +02:00
verify-api-reference-docs.sh
Ignore OWNERS files in hack/verify-api-reference-docs.sh
2017-10-18 11:15:08 -07:00
verify-bazel.sh
Route verify-bazel output to stderr
2018-02-07 21:39:38 -08:00
verify-boilerplate.sh
Route verify-boilerplate output to stderr
2018-02-07 21:41:31 -08:00
verify-cli-conventions.sh
More cli sanity verifications
2017-05-18 15:44:49 -03:00
verify-cloudprovider-gce.sh
Fix lint and bazel
2018-01-09 23:09:08 -08:00
verify-codegen.sh
Add sample CustomResourceDefinition controller
2017-10-19 00:21:57 +01:00
verify-description.sh
pkg/apis/core: fixup package names
2017-11-09 12:14:07 +01:00
verify-flags-underscore.py
some small fix in verify-flags-underscore
2017-08-14 14:55:42 +08:00
verify-generated-device-plugin.sh
Create pkg/kubelet/apis/deviceplugin/v1beta1 directory.
2018-02-08 17:04:43 -08:00
verify-generated-docs.sh
Remove all traces of federation
2017-10-26 13:37:37 -07:00
verify-generated-files-remake.sh
Add debugging to the codegen process
2017-08-25 14:08:42 -07:00
verify-generated-kms.sh
Add verify script for kms generated file
2018-02-08 01:29:56 +00:00
verify-generated-protobuf.sh
Treat staging repos as authoritative for all files
2018-01-09 15:18:27 -08:00
verify-generated-runtime.sh
Increment CRI version from v1alpha1 to v1alpha2
2018-02-07 09:06:26 +01:00
verify-generated-swagger-docs.sh
Ignore .import-restrictions when checking against generated docs
2017-10-13 07:09:38 -04:00
verify-godep-licenses.sh
Route verify-godep-licenses output to stderr
2018-02-07 21:45:02 -08:00
verify-godeps.sh
Enforce OWNERS file in Godeps and vendor dirs
2018-02-15 13:30:30 -08:00
verify-gofmt.sh
Route verify-gofmt output to stderr
2018-02-07 21:39:49 -08:00
verify-golint.sh
Invert .linted_packages into .golint_failures.
2017-07-17 14:37:40 -07:00
verify-govet.sh
Run hack/verify-govet.sh as part of verify make target
2017-06-21 11:10:25 -07:00
verify-import-boss.sh
Fixup after k8s.io/{kube-gen -> code-generator} rename
2017-08-17 17:55:12 +02:00
verify-imports.sh
import-verifier: use yaml for inline comments
2017-10-25 16:53:26 +02:00
verify-linkcheck.sh
verify-no-vendor-cycles.sh
Bugfix: verify-no-vendor-cycles.sh detects wrong cycles
2017-08-01 21:09:53 -07:00
verify-openapi-spec.sh
Pipe error message from openapi/swaggerspec verify checks to stderr
2018-02-14 10:31:33 -08:00
verify-pkg-names.sh
remove reference to v1alpha1
2017-11-21 13:00:40 -08:00
verify-readonly-packages.sh
verify-staging-godeps.sh
Add in godeps verification for hack/lib/ and build/
2018-01-26 13:29:35 -08:00
verify-swagger-spec.sh
Pipe error message from openapi/swaggerspec verify checks to stderr
2018-02-14 10:31:33 -08:00
verify-symbols.sh
verify-test-images.sh
verify-test-owners.sh