profile
viewpoint
Henry Jenkins steakunderscore @thought-machine London, UK http://henryjenkins.name

oauth2-proxy/oauth2-proxy 2157

A reverse proxy that provides authentication with Google, Github or other providers.

railsbridge-montreal/railsbridge-montreal-website 5

RailsBridge Montreal's website

steakunderscore/eagle-cad-libraries 5

This is a dump of Element14's Eagle CAD libraries. Kept in a git repo for ease. https://www.element14.com/community/community/cadsoft_eagle/eagle_cad_libraries

steakunderscore/cake-day-register 2

Cake Day Register

Geeze-Louise/lowfodnocod.kiwi 1

Low FODMAP blog - New Zealand

steakunderscore/AVRJukebox 1

A Jukebox based on the ENEL353 Assignment at University of Canterbury, New Zealand

steakunderscore/Bandwidth-Monitoring 1

A program that interagates an external host's iptables and records the data sent and recived by each ip. Writen in python

steakunderscore/COSC418-Assignment 1

Implementing load balancing in CTP for TinyOS using nesC

fork steakunderscore/autoscaler

Autoscaling components for Kubernetes

fork in 14 days

issue openedinstrumenta/kubeval

Remove dependence on archived library fatih/color

Kubeval makes use of fatih/color. This project is now archived and is not maintained.

Kubeval should look to replace it with a supported library or drop support of writing colors.

created time in 18 days

starteddafthack/CloudPentestCheatsheets

started time in 2 months

startedtasks/tasks

started time in 2 months

startedwercker/stern

started time in 2 months

delete branch oauth2-proxy/oauth2-proxy

delete branch : fallback-to-userinfo

delete time in 2 months

push eventoauth2-proxy/oauth2-proxy

Joel Speed

commit sha 160bbaf98e603fc4dfa18b19e39eccb05b0ad416

Fallback to UserInfo is User ID claim not present (#560) Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

push time in 2 months

PR merged oauth2-proxy/oauth2-proxy

Fallback to UserInfo if User ID claim not present bug

<!--- Provide a general summary of your changes in the Title above -->

Description

<!--- Describe your changes in detail --> Previously, we would look for the email in the ID token and then fall back to checking the userinfo endpoint if it wasn't present. This behaviour was changed in #499. This PR restores that behaviour but allows the fallback for any user ID claim.

Fixes #558

Motivation and Context

<!--- Why is this change required? What problem does it solve? --> <!--- If it fixes an open issue, please link to the issue here. --> Fix behaviour that was broken in #499

How Has This Been Tested?

<!--- Please describe in detail how you tested your changes. --> <!--- Include details of your testing environment, and the tests you ran to --> <!--- see how your change affects other areas of the code, etc. --> None yet

Checklist:

<!--- Go over all the following points, and put an x in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->

  • [x] My change requires a change to the documentation or CHANGELOG.
  • [x] I have updated the documentation/CHANGELOG accordingly.
  • [x] I have created a feature (non-master) branch for my PR.
+10 -10

3 comments

2 changed files

JoelSpeed

pr closed time in 2 months

issue closedoauth2-proxy/oauth2-proxy

Fetching User ID claim fails if claim not present in ID Token

I have built the latest master branch, a configuration that used to work perfectly with the stable version v5.1.1.

is not working anymore with the current master branch code, now it is checking for email field, and failing my previous working configuration, any idea on how to workaround this ?.

[2020/05/15 20:02:10] [oauthproxy.go:890] Error retrieving session from token in Authorization header: couldn't extract claims from id_token (&{%!e(string=claims did not contains the required user-id-claim 'email')}) [2020/05/15 20:02:10] [oauthproxy.go:901] Error loading cookied session: cookie "_oauth2_proxy" not present

Thank you.

closed time in 2 months

rveve

push eventoauth2-proxy/oauth2-proxy

Yoshiki Nakagawa

commit sha d8d43bb51b7cc5c29966f43324a10fe286274629

Support new option "github-user" (#421) * feat(github): support new option "github-user" * feat(github): rename github-user to github-users * feat(github): update docs for github-users option * feat(github): remove unneeded code * feat(github): remove logging * feat(github-user): use github-user as flagset options * feat(github-user): remove optionns.go * feat(github-user): add github-user flagset * feat(github): improve readability in the docs * feat(github-user): refactored SetUsers method * Update flag description Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

view details

Scott Guymer

commit sha 3aeca4368c3c9f4d1f02af8c662c39c679a7fc96

ACR values should not be automatically added when blank (#598) * ACR values should not be automatically added when blank * Added changelog

view details

Henry Jenkins

commit sha b98e31ddba51912a71a3f149519e003ce86fd3fd

Merge branch 'master' into fallback-to-userinfo

view details

push time in 2 months

pull request commenthelm/charts

[stable/oauth2-proxy] Update to new repo and upstream release

Just noticed this is a duplicate diff of #22309. Perhaps this PR should be closed?

steakunderscore

comment created time in 2 months

pull request commenthelm/charts

[stable/oauth2-proxy] Update to new repo and upstream release

@abdennour Can you test this for us?

steakunderscore

comment created time in 2 months

startedkubernetes-sigs/secrets-store-csi-driver

started time in 2 months

startedEHfive/pulseaudio-modules-bt

started time in 2 months

pull request commentoauth2-proxy/oauth2-proxy

Fallback to UserInfo if User ID claim not present

@rveve how did you go with testing this?

JoelSpeed

comment created time in 2 months

push eventoauth2-proxy/oauth2-proxy

dependabot[bot]

commit sha d1bab0e22edc202f21004a86a93ff1e95f213b84

Bump activesupport from 6.0.2.1 to 6.0.3.1 in /docs Bumps [activesupport](https://github.com/rails/rails) from 6.0.2.1 to 6.0.3.1. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v6.0.3.1/activesupport/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v6.0.2.1...v6.0.3.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

Joel Speed

commit sha 11c8a983c89d9dc6f5d606f3187bd8a8b82ffe89

Merge pull request #582 from oauth2-proxy/dependabot/bundler/docs/activesupport-6.0.3.1 Bump activesupport from 6.0.2.1 to 6.0.3.1 in /docs

view details

Amnay

commit sha 6a88da7f7a7fe3a17785b2074536eb8cef91effa

Parse Redis cluster and sentinel urls (#573) * Parse Redis cluster and sentinel urls * Add changelog entry for #573 * Add unit tests for redis session store * Use %v for error fmt Co-authored-by: Amnay Mokhtari <amnay.mokhtari@adevinta.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

view details

Joel Speed

commit sha f7b28cb1d362f54d13379136c37f0edc1303a1b0

Improvements to Session State code (#536) * Drop SessionStateJSON wrapper * Use EncrpytInto/DecryptInto to reduce sessionstate Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

Henry Jenkins

commit sha 6755c1913c2bd27392758702598fd2e9187702c0

Merge branch 'master' into move-logging-options

view details

push time in 2 months

delete branch oauth2-proxy/oauth2-proxy

delete branch : session-state-improvements

delete time in 2 months

push eventoauth2-proxy/oauth2-proxy

Joel Speed

commit sha f7b28cb1d362f54d13379136c37f0edc1303a1b0

Improvements to Session State code (#536) * Drop SessionStateJSON wrapper * Use EncrpytInto/DecryptInto to reduce sessionstate Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

push time in 2 months

PR merged oauth2-proxy/oauth2-proxy

Improvements to Session State code refactor

<!--- Provide a general summary of your changes in the Title above -->

Description

<!--- Describe your changes in detail --> This is a follow on to #535 that refactors some of the session state code to try and make it easier to manage

Motivation and Context

<!--- Why is this change required? What problem does it solve? --> <!--- If it fixes an open issue, please link to the issue here. --> Improve maintainability of the project

How Has This Been Tested?

<!--- Please describe in detail how you tested your changes. --> <!--- Include details of your testing environment, and the tests you ran to --> <!--- see how your change affects other areas of the code, etc. --> Unit tests only

Checklist:

<!--- Go over all the following points, and put an x in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->

  • [x] My change requires a change to the documentation or CHANGELOG.
  • [x] I have updated the documentation/CHANGELOG accordingly.
  • [x] I have created a feature (non-master) branch for my PR.
+185 -164

1 comment

17 changed files

JoelSpeed

pr closed time in 2 months

startedemersion/mako

started time in 2 months

push eventoauth2-proxy/oauth2-proxy

dependabot[bot]

commit sha d1bab0e22edc202f21004a86a93ff1e95f213b84

Bump activesupport from 6.0.2.1 to 6.0.3.1 in /docs Bumps [activesupport](https://github.com/rails/rails) from 6.0.2.1 to 6.0.3.1. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v6.0.3.1/activesupport/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v6.0.2.1...v6.0.3.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

Joel Speed

commit sha 11c8a983c89d9dc6f5d606f3187bd8a8b82ffe89

Merge pull request #582 from oauth2-proxy/dependabot/bundler/docs/activesupport-6.0.3.1 Bump activesupport from 6.0.2.1 to 6.0.3.1 in /docs

view details

Amnay

commit sha 6a88da7f7a7fe3a17785b2074536eb8cef91effa

Parse Redis cluster and sentinel urls (#573) * Parse Redis cluster and sentinel urls * Add changelog entry for #573 * Add unit tests for redis session store * Use %v for error fmt Co-authored-by: Amnay Mokhtari <amnay.mokhtari@adevinta.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

view details

Henry Jenkins

commit sha 494e1c627ac382430e0bbd99a02d672a94b3287c

Merge branch 'master' into session-state-improvements

view details

push time in 2 months

Pull request review commentthought-machine/dracon

Basic auth support for elasticsearch consumer

 import ( )  var (-	esURL   string-	esIndex string+	esURL             string+	esIndex           string+	basicAuthUsername string+	basicAuthPassword string

nit: could use the shorter names of basicAuthUser and basicAuthPass

northdpole

comment created time in 2 months

Pull request review commentthought-machine/dracon

Basic auth support for elasticsearch consumer

+package main++import (+	v1 "api/proto/v1"

redundant import renaming

northdpole

comment created time in 2 months

Pull request review commentthought-machine/dracon

Basic auth support for elasticsearch consumer

 func getESClient() error { func esPush(b []byte) error { 	var err error 	var res interface{}+	// fmt.Printf("Sending: %s \n", b)

Remove debug lines

northdpole

comment created time in 2 months

Pull request review commentthought-machine/dracon

Basic auth support for elasticsearch consumer

 type esDocument struct { var esClient interface{}  func getESClient() error {-	es, err := elasticsearchv7.NewDefaultClient()+	var es *elasticsearchv7.Client+	var err error = nil+	if len(basicAuthUsername) > 0 && len(basicAuthPassword) > 0 {

len(basicAuthUsername) > 0 should be basicAuthUsername != "" Same for password

northdpole

comment created time in 2 months

Pull request review commentthought-machine/dracon

Basic auth support for elasticsearch consumer

 func main() { 	}  	if err := getESClient(); err != nil {-		log.Fatal(err)+		log.Fatal("Could not contact remote Elasticsearch, error is: ", err)

Can we make these error messages consistent, they should:

  • start with lower case
  • not include error is

So this line should be:

log.Fatal("could not contact Elasticsearch: ", err) 
northdpole

comment created time in 2 months

delete branch thought-machine/dracon

delete branch : pleasings

delete time in 2 months

push eventthought-machine/dracon

Spyros

commit sha 9c9496a7f7022fbca5d65161169338d490db3da3

Fix build issues by adding pleasings as a git_subrepo (#30)

view details

push time in 2 months

pull request commentthought-machine/dracon

fix build issues by adding pleasings as a git_subrepo

What is causing the issue? This diff goes against the docs: https://please.build/pleasings.html

northdpole

comment created time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Move provider URLs to package level vars

 func testAzureProvider(hostname string) *AzureProvider { 	return p } -func TestAzureProviderDefaults(t *testing.T) {-	p := testAzureProvider("")-	assert.NotEqual(t, nil, p)-	p.Configure("")-	assert.Equal(t, "Azure", p.Data().ProviderName)-	assert.Equal(t, "common", p.Tenant)-	assert.Equal(t, "https://login.microsoftonline.com/common/oauth2/authorize",-		p.Data().LoginURL.String())-	assert.Equal(t, "https://login.microsoftonline.com/common/oauth2/token",-		p.Data().RedeemURL.String())-	assert.Equal(t, "https://graph.microsoft.com/v1.0/me",-		p.Data().ProfileURL.String())-	assert.Equal(t, "https://graph.microsoft.com",-		p.Data().ProtectedResource.String())-	assert.Equal(t, "",-		p.Data().ValidateURL.String())-	assert.Equal(t, "openid", p.Data().Scope)+func TestNewAzureProvider(t *testing.T) {+	g := NewWithT(t)++	// Test that defaults are set when calling for a new provider with nothing set+	providerData := NewAzureProvider(&ProviderData{}).Data()+	g.Expect(providerData.ProviderName).To(Equal(azureProviderName))

Not sure what this test is achieving. The old test actually tested that name was accurate, so made sense. I would stick to:

 	g.Expect(providerData.ProviderName).To(Equal("Azure")) 
JoelSpeed

comment created time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Move provider URLs to package level vars

 func (p *ProviderData) GetClientSecret() (clientSecret string, err error) { 	} 	return string(fileClientSecret), nil }++func (p *ProviderData) setProviderDefaults(name string, defaultLoginURL, defaultRedeemURL, defaultProfileURL, defaultValidateURL *url.URL, defaultScope string) {+	p.ProviderName = name+	setURLDefault(&p.LoginURL, defaultLoginURL)+	setURLDefault(&p.RedeemURL, defaultRedeemURL)+	setURLDefault(&p.ProfileURL, defaultProfileURL)+	setURLDefault(&p.ValidateURL, defaultValidateURL)++	if p.Scope == "" {+		p.Scope = defaultScope+	}+}++// setURLDefault will set the url to the default given if it is empty or nil.+// If the provided default is nil, it will populate it with an empty URL to make sure it is not nil.

This seems a bit awkward. Would the double pointer be better solved by allowing us to assume they are setup correctly in a func NewProviderData() *ProviderData function? Also not really sure why these are pointers to start with.

JoelSpeed

comment created time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Move provider URLs to package level vars

 func testAzureProvider(hostname string) *AzureProvider { 	return p } -func TestAzureProviderDefaults(t *testing.T) {-	p := testAzureProvider("")-	assert.NotEqual(t, nil, p)-	p.Configure("")-	assert.Equal(t, "Azure", p.Data().ProviderName)-	assert.Equal(t, "common", p.Tenant)-	assert.Equal(t, "https://login.microsoftonline.com/common/oauth2/authorize",-		p.Data().LoginURL.String())-	assert.Equal(t, "https://login.microsoftonline.com/common/oauth2/token",-		p.Data().RedeemURL.String())-	assert.Equal(t, "https://graph.microsoft.com/v1.0/me",-		p.Data().ProfileURL.String())-	assert.Equal(t, "https://graph.microsoft.com",-		p.Data().ProtectedResource.String())-	assert.Equal(t, "",-		p.Data().ValidateURL.String())-	assert.Equal(t, "openid", p.Data().Scope)+func TestNewAzureProvider(t *testing.T) {+	g := NewWithT(t)++	// Test that defaults are set when calling for a new provider with nothing set+	providerData := NewAzureProvider(&ProviderData{}).Data()+	g.Expect(providerData.ProviderName).To(Equal(azureProviderName))+	g.Expect(providerData.LoginURL.String()).To(Equal("https://login.microsoftonline.com/common/oauth2/authorize"))+	g.Expect(providerData.RedeemURL.String()).To(Equal("https://login.microsoftonline.com/common/oauth2/token"))+	g.Expect(providerData.ProfileURL.String()).To(Equal("https://graph.microsoft.com/v1.0/me"))+	g.Expect(providerData.ValidateURL.String()).To(Equal(""))+	g.Expect(providerData.Scope).To(Equal(azureDefaultScope))

Same with this test, it no longer tests anything much.

JoelSpeed

comment created time in 2 months

push eventamnay-mo/oauth2-proxy

Joel Speed

commit sha 810a9e9967e23dfe3ec81000fcb268026d188e5b

Rename cookie-domain config to cookie-domains (#559) Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

Henry Jenkins

commit sha f77a84d7d019f9283fcc2695116ca2b682f11f8d

Merge branch 'master' into fix-redis-url-parsing

view details

push time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Move logging options out of main package

+package options++import (+	"github.com/oauth2-proxy/oauth2-proxy/pkg/logger"+	"github.com/spf13/pflag"+)++// LoggingOptions contains all options required for configuring the logging+type LoggingOptions struct {

Yep, that sounds like a good plan.

JoelSpeed

comment created time in 2 months

push eventoauth2-proxy/oauth2-proxy

Isabelle COWAN-BERGMAN

commit sha fc11d8d508e30ae3ef024ce0fb82142f604463d0

Updated autocompletion for `--` long options. (#569) * Updated autocompletion for `--` long options. * Added CHANGELOG.md entry.

view details

Henry Jenkins

commit sha b781ac56084af0173004f71c104fe04574a6e75d

Merge branch 'master' into cookie-domains

view details

push time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Rename cookie-domain config to cookie-domains

     reporting an invalid length of 20 or 28 when the user input cookie-secret was not that length.   - Now we will only base64 decode a cookie-secret to raw bytes if it is 16, 24, or 32 bytes long. Otherwise, we will convert     the direct cookie-secret to bytes without silent padding added.+- [#412](https://github.com/oauth2-proxy/oauth2-proxy/pull/412)/[#559](https://github.com/oauth2-proxy/oauth2-proxy/pull/559) Allow multiple cookie domains to be specified

Yes, never mind. You're right, this should be here.

JoelSpeed

comment created time in 2 months

pull request commentoauth2-proxy/oauth2-proxy

Rename cookie-domain config to cookie-domains

@edahlseng ping, just so you know this change is going through.

JoelSpeed

comment created time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Rename cookie-domain config to cookie-domains

     reporting an invalid length of 20 or 28 when the user input cookie-secret was not that length.   - Now we will only base64 decode a cookie-secret to raw bytes if it is 16, 24, or 32 bytes long. Otherwise, we will convert     the direct cookie-secret to bytes without silent padding added.+- [#412](https://github.com/oauth2-proxy/oauth2-proxy/pull/412)/[#559](https://github.com/oauth2-proxy/oauth2-proxy/pull/559) Allow multiple cookie domains to be specified

I'm not sure if this should be in the breaking changes since this feature hasn't been release yet. Just in the interest in keeping the breaking changes list as high signal to noise. But not strongly opinionated, so up to you..

JoelSpeed

comment created time in 2 months

delete branch oauth2-proxy/oauth2-proxy

delete branch : update-changelog

delete time in 2 months

push eventoauth2-proxy/oauth2-proxy

Joel Speed

commit sha a0085e9015de6b841c9589340eb24ad5921c1153

Add changelog entry for 489 (#572)

view details

push time in 2 months

PR merged oauth2-proxy/oauth2-proxy

Add changelog entry for 489

<!--- Provide a general summary of your changes in the Title above -->

Description

Update changelog

Motivation and Context

<!--- Why is this change required? What problem does it solve? --> <!--- If it fixes an open issue, please link to the issue here. --> Forgot to do it in the PR

How Has This Been Tested?

<!--- Please describe in detail how you tested your changes. --> <!--- Include details of your testing environment, and the tests you ran to --> <!--- see how your change affects other areas of the code, etc. --> N/A

Checklist:

<!--- Go over all the following points, and put an x in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->

  • [x] My change requires a change to the documentation or CHANGELOG.
  • [x] I have updated the documentation/CHANGELOG accordingly.
  • [x] I have created a feature (non-master) branch for my PR.
+2 -0

0 comment

1 changed file

JoelSpeed

pr closed time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Move logging options out of main package

     the direct cookie-secret to bytes without silent padding added.  ## Changes since v5.1.1++- [#548](https://github.com/oauth2-proxy/oauth2-proxy/pull/548) Move logging options out of main package (@JoelSpeed)

This isn't quite correct. Shouldn't it be "Splitting logging options from global options structure"

JoelSpeed

comment created time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Move logging options out of main package

+package options++import (+	"github.com/oauth2-proxy/oauth2-proxy/pkg/logger"+	"github.com/spf13/pflag"+)++// LoggingOptions contains all options required for configuring the logging+type LoggingOptions struct {

Since this is in the options package, should this be named just Logging? Then it'll get refereed to as options.Logging. Currently it would stutter with options.LoggingOptions. But also this is consistent with SessionOptions and CookieOptions, so maybe it's better to leave it and be consistent for now :shrug:

JoelSpeed

comment created time in 2 months

pull request commentoauth2-proxy/oauth2-proxy

Move Options and Validation to packages

We moved some of the options (Cookie, Session) to this package a while ago. My motivation was that ideally, there should just be structure and interface definitions and very minimal code in this. I'm not sure that's entirely working out. But basically the logic was that structures that are public facing (the Session API, the configuraiton) should be considered APIs so end up in the apis folder.

If you have suggestions for moving either of these to a better location, totally happy to do so. As I say, not entirely sure this is correct correct, but I want to make some progress on refactoring the configuration and this is a big prerequisite to that. We may decide to rename/move things later, and that's fine

I think I'm probably a bit more traditional and tend to only keep things like protobufs in pkg/api folders. I think I would have put these packages straight in pkg/. But none the less, I'm happy to see this stuff being cleaned up, so happy with having what is merged.

JoelSpeed

comment created time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Improvements to Session State code

 func newRedisCmdable(opts options.RedisStoreOptions) (Client, error) { // Save takes a sessions.SessionState and stores the information from it // to redies, and adds a new ticket cookie on the HTTP response writer

It'd be nice to get some tests written for this code, but I don't think it should block this change.

JoelSpeed

comment created time in 2 months

Pull request review commentoauth2-proxy/oauth2-proxy

Move Options and Validation to packages

 import ( 	"strings" 	"time" +	"github.com/oauth2-proxy/oauth2-proxy/pkg/apis/options" 	"github.com/oauth2-proxy/oauth2-proxy/pkg/logger" )  // Server represents an HTTP server type Server struct { 	Handler http.Handler-	Opts    *Options+	Opts    *options.Options

options.Options is correct to me. I agree that stutter should be avoided, using Options is clearer than any alternative I can think of.

JoelSpeed

comment created time in 2 months

push eventsteakunderscore/charts

Henry Jenkins

commit sha e2aacbac6ab03c9485d1b598047076ebb65aaa3b

Update to new oauth2-proxy repo and tag - oauth2-proxy has it's own github org and with that a new quay container image repo - v5.1.1 has been released fixing a security issue. Signed-off-by: Henry Jenkins <henry@henryjenkins.name>

view details

Henry Jenkins

commit sha 86d53c6f7e4aa302cffb1645e4073d7fd046d0f5

Revert to using oauth2_proxy.cfg Signed-off-by: Henry Jenkins <henry@henryjenkins.name>

view details

Henry Jenkins

commit sha b98782f485331f064c517e546e0b8b31c7793a13

Bump version Signed-off-by: Henry Jenkins <henry@henryjenkins.name>

view details

push time in 2 months

push eventsteakunderscore/charts

Tuan Anh Nguyen

commit sha 196ce2fa73bd25ec2929be818cc71a0250dd4ec8

fix default non-ha state for alert-manager statefulset (#22350) Signed-off-by: Tuan Anh Nguyen <tuananh.nguyen-ext@commercetools.de>

view details

Erik Lund Jensen

commit sha 08f8e76680dd2aec41f92260791181a0d0dbce07

[Sealed secrets/optional] runAs and fsGroup have to be optional (#22369) * #22367 stable/sealed-secrets RunAs in securityContext must be optional (OpenShift related) Only set runAsUser and fsGroup if set. Thereby it is possible to clear those values and deploy at OpenShift without any extra SCC changes. Signed-off-by: Erik Lund Jensen <info@erikjensen.it> * #22367 stable/sealed-secrets RunAs in securityContext must be optional fixes #22367 Signed-off-by: Erik Lund Jensen <info@erikjensen.it> * Bump chart version fixes #22369 Signed-off-by: Erik Lund Jensen <info@erikjensen.it> * Using fsGroup value from supplied values fixes #22369 Signed-off-by: Erik Lund Jensen <info@erikjensen.it>

view details

Luke Channings

commit sha f8b609e6809d3708633320606bb18e6e4b4c8691

[stable/home-assistant]: ServiceMonitor bearerTokenSecret requires a SecretKeySelector (#22362) * ServiceMonitor bearerTokenSecret requires a map Prometheus ServiceMonitor Endpoint's `bearerTokenSecret` needs to be a [`SecretKeySelector`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#secretkeyselector-v1-core) not a string. Ref: [Endpoint](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint) Signed-off-by: Luke Channings <luke@channings.me> * Fix version Signed-off-by: Luke Channings <luke@channings.me>

view details

Lénaïc Huard

commit sha be326f47c92856a109358fb19337a33a326d6ed0

[stable/datadog] Update the example for `datadog.securityContext` (#22379) Signed-off-by: Lénaïc Huard <lenaic.huard@datadoghq.com>

view details

obeyler

commit sha eadb0d671ace0d705730dd188f4d2e0d1ec8b7e5

[stable/openebs] Add the opportunity to change docker registry (#22372) * Add the opportunity to change docker registry Signed-off-by: olivier beyler <olivier.beyler@orange.com> * Add parameter in README.md Signed-off-by: olivier beyler <olivier.beyler@orange.com> * fixup missing changement Signed-off-by: olivier beyler <olivier.beyler@orange.com> * fixup defaut value in readme Signed-off-by: olivier beyler <olivier.beyler@orange.com>

view details

David J. M. Karlsen

commit sha 15839f56385fdc22050c66aa19617b72d2d49a28

[stable/anchore-engine] use capabilities in order to support older in… (#22319) * [stable/anchore-engine] use capabilities in order to support older ingress api Signed-off-by: David Karlsen <david@davidkarlsen.com> * fix chomping Signed-off-by: David Karlsen <david@davidkarlsen.com>

view details

Tuan Anh Nguyen

commit sha 45336743574b901cc8eebe2d21abcaaaa3874cf0

[stable/aws-iam-authenticator] Add apps/v1 support (#22326) * add apps/v1 support Signed-off-by: Tuan Anh Nguyen <tuananh.nguyen-ext@commercetools.de> * add label selector Signed-off-by: Tuan Anh Nguyen <tuananh.nguyen-ext@commercetools.de>

view details

Fabrizio Fortino

commit sha 8e179aa307748b2877ba04fe632b00a72bd44773

[stable/cerebro] bump image (#22384) Signed-off-by: fabriziofortino <fabrizio.fortino@gmail.com>

view details

Kyle Michel

commit sha 217e4a9972ae73a25fc49c155ed3d97a30a5646e

[stable/jenkins] Jenkins default configuration options (#22318) * Add additional options to casc defaults Signed-off-by: Kyle Michel <kylermichel@gmail.com> * Bump chart version Signed-off-by: Kyle Michel <kylermichel@gmail.com> * Requested PR changes Signed-off-by: Kyle Michel <kylermichel@gmail.com> * Change how to override the markup formatter Signed-off-by: Kyle Michel <kylermichel@gmail.com>

view details

Igor Blackman

commit sha bb716dfaca2ee5ba107a68c805c6e8d777da7af3

Enable option to specify a different strategy than recreate (#22387) Signed-off-by: Igor Valente Blackman <igor.blackman@gmail.com>

view details

Vesa Laakso

commit sha 827127e4f3abfaea3260c5fadc9dc602725ef40c

[stable/prometheus] Fix default non-HA state for alertmanager statefulset (#22386) Since enableMeshPeer is false by default, cluster.listen-address should be empty. Commit 5b4f507 caused regression and it is passing string as a parameter which is wrong. Documentation https://github.com/prometheus/alertmanager/blob/master/README.md#high-availability explicitly says cluster listen address should be defined like --cluster.listen-address= without passing emptry string. Signed-off-by: Vesa Laakso <vesa.laakso@cfg.fi>

view details

Etienne

commit sha 84d4a14d0e4a0f5e2a56b97b1582f8a5cf26757d

Add pod security policy support and create service account by default (#21796) Signed-off-by: Etienne Tremel <etienne@kogusenn.com>

view details

Peter Wilson

commit sha 137c7d41475af2bec795c7b48f80b2fad9e627a4

[stable/oauth2-proxy] Add podSecurityContext (#22181) * [oauth2-proxy] Add podSecurityContext Signed-off-by: Peter Wilson <dearpete@gmail.com> * [oauth2-proxy] add podSecurityContext ci test Signed-off-by: Peter Wilson <dearpete@gmail.com>

view details

Jacob Stampe Mikkelsen

commit sha 1d4dda4fe7fdab56a95eccaeb0c747ce521a5fa7

Make web.allowedOrigins configurable using values file (#22224) Signed-off-by: Jacob Stampe Mikkelsen <jmn@systematic.com>

view details

LucasBoisserie

commit sha b71c8c665e7de2ef22e915cd2f173d680cd7636c

Add vars for liveness and readyness (#22201) Signed-off-by: LucasBoisserie <lucas.boisserie@gmail.com>

view details

Yong Wen Chua

commit sha 0dfb1191c9ff3118fccd0b0879cace1fc9ce29ac

[stable/prometheus] Fix incorrect rendering of enableServiceLinks (#22391) cf. https://github.com/helm/helm/issues/3308 Signed-off-by: Yong Wen Chua <lawliet89@users.noreply.github.com>

view details

Amit Thakkar

commit sha 17fdf750d64cd71bc13feb1cf22190109f0fb350

[stable/autoscaler] scale-down-delay parameter name (#22396) * [cluster-autoscaler] correcting scale-down-delay parameter. Signed-off-by: AmitThakkar <vigildbest@gmail.com> * [cluster-autoscaler] Chart Version bumped. Signed-off-by: AmitThakkar <vigildbest@gmail.com>

view details

Shubham Choudhary

commit sha 63f1d0bbbca72518b71760e07b63d77009cbf28f

Prometheus-operator README.md markup fix (#22398) Signed-off-by: Shubham Choudhary <shubham.choudhary@phenompeople.com> Co-authored-by: Shubham Choudhary <shubham.choudhary@phenompeople.com>

view details

Akhil Mohan

commit sha 4366bb0cbaacd7fadc3e43d2be472c6db399fc0d

[stable/openebs]: update openebs charts to 1.10.0 release (#22410) - Updated README - Updated Chart version - Updated values.yaml - Updated templates/clusterrole.yaml - Updated templates/daemonset-ndm.yaml - Updated templates/deployment-maya-apiserver.yaml - Updated templates/deployment-ndm-operator.yaml Signed-off-by: Akhil Mohan <akhil.mohan@mayadata.io> Signed-off-by: akhilerm <akhil.mohan@mayadata.io>

view details

Alex Voloshyn

commit sha c80f38d40ac768620e5e1712c59bb30094b233e8

[stable/docker-registry] Update apiVersion for Kubernetes 1.16 support (#22316) * Update apiVersion for Kubernetes 1.16 support Signed-off-by: Alex Voloshyn <alex@geeoz.com> * Add support for Kubernetes older than 1.16 Signed-off-by: Alex Voloshyn <alex@geeoz.com> * Update according to the review comment Signed-off-by: Alex Voloshyn <alex@geeoz.com> * Simplified check Signed-off-by: Alex Voloshyn <alex@geeoz.com>

view details

push time in 3 months

pull request commenthelm/charts

Update to new oauth2-proxy repo and tag

Just going through reverting the name change. I'm wondering if it would be a good idea to make this a breaking change, all be it minor, to line up with oauth2-proxy? The reason being is that the name "oauth2_proxy.cfg" is based off the example config file, which is now called "oauth2-proxy.cfg.example". I feel like this might catch a few newbies out if they copy paste from the oauth2-proxy docs. WDYT? I'll push up a new commit reverting it, but let me know which way you think would be best to proceed?

steakunderscore

comment created time in 3 months

startedgoodwithtech/dockle

started time in 3 months

pull request commenthelm/charts

Update to new oauth2-proxy repo and tag

Hmm let me revert changing the file name, that's not really important.

steakunderscore

comment created time in 3 months

issue commenthelm/charts

Should incubator/oauth-proxy be dropped

Take a look at the chart in incubator. It doesn't use pusher/oauth2_proxy: https://github.com/helm/charts/blob/master/incubator/oauth-proxy/Chart.yaml

steakunderscore

comment created time in 3 months

pull request commentgrafeas/grafeas

Update documentation on public key format

I assume you'll need to regenerate the committed go code and swagger output:

proto/v1beta1/common_go_proto/common.pb.go
proto/v1beta1/swagger/grafeas.swagger.json
alexcope

comment created time in 3 months

startedcylgom/ly

started time in 3 months

startedHummer12007/brightnessctl

started time in 3 months

startedminus7/redshift

started time in 3 months

pull request commentgrafeas/grafeas

Revert "Validate public key IDs use an RFC3986 conformant"

@aysylu Would it not be a good idea to keep the fixes to the tests (but swapping the logic to what @alexcope expects).

Also it looks like the docs haven't been fixed[1][2]. @alexcope Since you know and have spoken to the author would it make sense for you to push a patch fixing this?

[1] :https://github.com/grafeas/grafeas/blob/master/proto/v1/common.proto#L87 [2]: https://github.com/grafeas/grafeas/blob/master/proto/v1beta1/common.proto#L87

alexcope

comment created time in 3 months

startedcorona-warn-app/cwa-documentation

started time in 3 months

push eventsteakunderscore/charts

Henry Jenkins

commit sha ee2c5c1cc90602deab5d5e375694a02c208bef1b

Update to new oauth2-proxy repo and tag - oauth2-proxy has it's own github org and with that a new quay container image repo - v5.1.1 has been released fixing a security issue. Signed-off-by: Henry Jenkins <henry@henryjenkins.name>

view details

push time in 3 months

pull request commenthelm/charts

Update to new oauth2-proxy repo and tag

Unfortunately I don't actually use helm, and don't have the bandwidth to test this. If someone can that'd be great!

steakunderscore

comment created time in 3 months

Pull request review commenthelm/charts

Update to new oauth2-proxy repo and tag

 name: oauth2-proxy-version: 3.0.0+version: 3.1.0

I'm not sure if this is the correct version to bump to. Not sure if this is breaking or not.

steakunderscore

comment created time in 3 months

PR opened helm/charts

Drop incubator/oauth-proxy (#22370)

Is this a new chart

no

What this PR does / why we need it:

This chart duplicates stable/oauth2-proxy

Which issue this PR fixes

#22370

Special notes for your reviewer:

Checklist

[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]

  • [X] DCO signed
  • [ ] Chart Version bumped
  • [ ] Variables are documented in the README.md
  • [ ] Title of the PR starts with chart name (e.g. [stable/mychartname])
+0 -352

0 comment

10 changed files

pr created time in 3 months

create barnchsteakunderscore/charts

branch : drop-incubator

created branch time in 3 months

issue openedhelm/charts

Should incubator/oauth-proxy be dropped

Describe the bug

Currently there is two charts for oauth2-proxy:

  • incubator/oauth-proxy
  • stable/oauth2-proxy

The incubator chart is using the original upstream of oauth2-proxy which was archived by Bitly at the end of September 2018. The stable chart is using oauth2-proxy/oauth2-proxy. This was shifted from pusher/oauth2_proxy by the maintainers early 2020.

Since the incubator version is very out of date, and duplicates the stable copy. I would suggest that incubator/oauth-proxy be dropped.

Version of Helm and Kubernetes:

This is the case on master

Anything else we need to know:

created time in 3 months

push eventsteakunderscore/charts

Henry Jenkins

commit sha 3bc5ecb56da8378d41d03dfcd733ff845ea22a7c

Update more references

view details

push time in 3 months

PR opened helm/charts

Update to new oauth2-proxy repo and tag
  • oauth2-proxy has it's own github org and with that a new quay container image repo
  • v5.1.1 has been released fixing a security issue.

<!-- Thank you for contributing to helm/charts. Before you submit this PR we'd like to make sure you are aware of our technical requirements and best practices:

  • https://github.com/helm/charts/blob/master/CONTRIBUTING.md#technical-requirements
  • https://github.com/helm/helm/tree/master/docs/chart_best_practices

For a quick overview across what we will look at reviewing your PR, please read our review guidelines:

  • https://github.com/helm/charts/blob/master/REVIEW_GUIDELINES.md

Following our best practices right from the start will accelerate the review process and help get your PR merged quicker.

When updates to your PR are requested, please add new commits and do not squash the history. This will make it easier to identify new changes. The PR will be squashed anyways when it is merged. Thanks.

For fast feedback, please @-mention maintainers that are listed in the Chart.yaml file.

Please make sure you test your changes before you push them. Once pushed, a CircleCI will run across your changes and do some initial checks and linting. These checks run very quickly. Please check the results. We would like these checks to pass before we even continue reviewing your changes. -->

Is this a new chart

NOTE: We're experiencing a high volume of PRs to this repo and reviews will be delayed. Please host your own chart repository and submit your repository to the Helm Hub instead of this repo to make them discoverable to the community. Here is how to submit new chart repositories to the Helm Hub.

What this PR does / why we need it:

Which issue this PR fixes

(optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged)

  • fixes #

Special notes for your reviewer:

Checklist

[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]

  • [ ] DCO signed
  • [ ] Chart Version bumped
  • [ ] Variables are documented in the README.md
  • [ ] Title of the PR starts with chart name (e.g. [stable/mychartname])
+2 -2

0 comment

1 changed file

pr created time in 3 months

push eventsteakunderscore/charts

Henry Jenkins

commit sha 912fcf07f6e97e7ca5034a061a90bb48ad49318b

Update to new oauth2-proxy repo and tag - oauth2-proxy has it's own github org and with that a new quay container image repo - v5.1.1 has been released fixing a security issue.

view details

push time in 3 months

fork steakunderscore/charts

Curated applications for Kubernetes

fork in 3 months

startedlouketo/louketo-proxy

started time in 3 months

push eventIzzette/oauth2_proxy

John Clayton

commit sha 7cf685140bd096cbb33e00365bdb964c21422edc

Restrict access using Github collaborators (#497) * Allow access based on Github repository

view details

Henry Jenkins

commit sha f9db6f10e0d4d3e2a077341078db795d2a2fed7a

Merge branch 'master' into real-client-ip-header

view details

push time in 3 months

Pull request review commentthought-machine/dracon

pipsafety producer

+package main++import (+	"fmt"+	"log"++	v1 "api/proto/v1"++	"producers/pipsafety/types"++	"github.com/thought-machine/dracon/producers"

Should probably remove the prefix off this import too.. "producers"

northdpole

comment created time in 3 months

Pull request review commentthought-machine/dracon

pipsafety producer

+package types

Be nice to have tests for this.

northdpole

comment created time in 3 months

Pull request review commentthought-machine/dracon

pipsafety producer

+package types++import (+	"encoding/json"+)++type SafetyIssue struct {+	Name              string+	VersionConstraint string+	CurrentVersion    string+	Description       string+}++//read semi-unstructured safety json into struct

Comments need to start with the method name. Also should mention that you are implementing an interface. So something like:

// UnmarshalJSON reads semi-unstructured safety json into struct. Implements json.Unmarshaler interface.
northdpole

comment created time in 3 months

Pull request review commentthought-machine/dracon

pipsafety producer

+package types++import (+	"encoding/json"+)++type SafetyIssue struct {+	Name              string+	VersionConstraint string+	CurrentVersion    string+	Description       string+}++//read semi-unstructured safety json into struct+func (i *SafetyIssue) UnmarshalJSON(data []byte) error {++	var v []interface{}+	if err := json.Unmarshal(data, &v); err != nil {+		return err+	}+	i.Name, _ = v[0].(string)+	i.VersionConstraint, _ = v[1].(string)+	i.CurrentVersion = v[2].(string)

Should intentionally discard ok like you have done on the lines above. Same needs fixing on the next line too.

northdpole

comment created time in 3 months

push eventoauth2-proxy/oauth2-proxy

John Clayton

commit sha 7cf685140bd096cbb33e00365bdb964c21422edc

Restrict access using Github collaborators (#497) * Allow access based on Github repository

view details

push time in 3 months

PR merged oauth2-proxy/oauth2-proxy

Reviewers
Restrict access using Github collaborators

Description

This adds options that allows collaborators on a Github repository to be used to restrict access.

Motivation and Context

We'd like to be able to use a public repository to allow access through the proxy since you can add outside collaborators to a public repository and not have them cost anything to your organization. If you add a collaborator to an org, team, or private repository that counts as a user seat and you are charged for it.

This also satisfies the feature request in #129.

How Has This Been Tested?

Using only the -github-repo flag, we use the access token of the authenticated user to check what access, if any, they have to the target repo. Since anyone can implicitly pull from a public repo, they must either have write access to a public repo, or any access to a private repo.

Being able to check for read only access of a public repo requires an extra flag, -github-token, which is a personal access token for a user that has write access to the repository. That token needs to be created with the public_repo scope.

In addition to testing the various scenarios, I've added unit tests for the new functionality. It did require refactoring the http tests in the Github provider, but all tests continue to pass after the change.

Checklist:

  • [x] My change requires a change to the documentation or CHANGELOG.
  • [x] I have updated the documentation/CHANGELOG accordingly.
  • [x] I have created a feature (non-master) branch for my PR.
+263 -14

3 comments

8 changed files

jsclayton

pr closed time in 3 months

pull request commentoauth2-proxy/oauth2-proxy

Restrict access using Github collaborators

Not clear what to do about the code climate warning short of refactoring the Github API request bits for the whole file into a helper, which seems like it should be its own PR. I agree, this should be its own PR. We only just turned on code climate, so it's picking up a few thing that need refactoring. Most of which we already knew about to be fair.

jsclayton

comment created time in 3 months

Pull request review commentoauth2-proxy/oauth2-proxy

Restrict access using Github collaborators

 Note: When using the Azure Auth provider with nginx and the cookie session store 1.  Create a new project: https://github.com/settings/developers 2.  Under `Authorization callback URL` enter the correct url ie `https://internal.yourcompany.com/oauth2/callback` -The GitHub auth provider supports two additional parameters to restrict authentication to Organization or Team level access. Restricting by org and team is normally accompanied with `--email-domain=*`+The GitHub auth provider supports two additional ways to restrict authentication to either organization and optional team level access, or to collaborators of a repository. Restricting by these options is normally accompanied with `--email-domain=*`++To restrict by organization only, include the following flag:      -github-org="": restrict logins to members of this organisation++To restrict within an organization to specific teams, include the following flag in addition to `-github-org`:

FYI we are only supporting flags with double dashes (--) as of a few days ago. But it looks like I missed a few in this file when I updated the docs. We should put up a septate PR to fix this.

jsclayton

comment created time in 3 months

delete branch thought-machine/dracon

delete branch : update-defectdojo

delete time in 3 months

push eventthought-machine/dracon

Spyros

commit sha 56b0ebd56462262a217ed1c0ecdbfbcaf474a8c0

new hash for defectdojo api third party

view details

Henry Jenkins

commit sha 74b07a87ebde262715fac2c228cd3a4100a11157

Merge pull request #27 from thought-machine/update-defectdojo update hash for defectdojo api third party

view details

push time in 3 months

pull request commentthought-machine/dracon

new hash for defectdojo api third party

Spoke with @northdpole, we're not sure why this hash changed. We'll keep an eye on this happening again.

northdpole

comment created time in 3 months

Pull request review commentoauth2-proxy/oauth2-proxy

Always encrypt sessions regardless of configuration

 func (o *Options) Validate() error { 	}  	msgs := make([]string, 0)++	var cipher *encryption.Cipher 	if o.Cookie.Secret == "" { 		msgs = append(msgs, "missing setting: cookie-secret")+	} else {+		validCookieSecretSize := false+		for _, i := range []int{16, 24, 32} {+			if len(secretBytes(o.Cookie.Secret)) == i {+				validCookieSecretSize = true+			}+		}+		var decoded bool+		if string(secretBytes(o.Cookie.Secret)) != o.Cookie.Secret {+			decoded = true+		}+		if !validCookieSecretSize {+			var suffix string+			if decoded {+				suffix = fmt.Sprintf(" note: cookie secret was base64 decoded from %q", o.Cookie.Secret)

Although this was original code. Are we worried about logging a secret? I'd be tempted to add the message still, but just leave off appending the secret.

ti-mo

comment created time in 3 months

Pull request review commentoauth2-proxy/oauth2-proxy

Always encrypt sessions regardless of configuration

 func TestRobotsTxt(t *testing.T) { 	opts := NewOptions() 	opts.ClientID = "asdlkjx" 	opts.ClientSecret = "alkgks"-	opts.Cookie.Secret = "asdkugkj"+	opts.Cookie.Secret = "secretthirtytwobytes+abcdefghijk"

Looks like we aren't showing examples of using a base64 encoded 32 bit secret. Might be nice from a tests as documentation perspective. Also helps with coverage.

ti-mo

comment created time in 3 months

pull request commentoauth2-proxy/oauth2-proxy

Restrict access using Github collaborators

@jsclayton Mind merging master in to your branch to resolve the conflicts?

jsclayton

comment created time in 3 months

Pull request review commentoauth2-proxy/oauth2-proxy

Implements -real-client-ip-header option.

 type Logger struct { 	stdEnabled     bool 	authEnabled    bool 	reqEnabled     bool-	reverseProxy   bool+	getClientFunc  GetClientFunc

Normally I would be against stating the type in the variable name, but here I think it's worth it for the clarity it adds.

Izzette

comment created time in 3 months

PR closed oauth2-proxy/oauth2-proxy

Reviewers
Support context in providers

<!--- Provide a general summary of your changes in the Title above -->

Description

<!--- Describe your changes in detail --> Retry for https://github.com/oauth2-proxy/oauth2-proxy/pull/491. No changes other than context support are included.

Motivation and Context

<!--- Why is this change required? What problem does it solve? --> <!--- If it fixes an open issue, please link to the issue here. --> Need to be prepared to benefit from the context-based Go ecosystem.

How Has This Been Tested?

<!--- Please describe in detail how you tested your changes. --> <!--- Include details of your testing environment, and the tests you ran to --> <!--- see how your change affects other areas of the code, etc. -->

make test Added a snippet that confirms the implementation of the interface to each provider.

Checklist:

<!--- Go over all the following points, and put an x in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->

  • [x] My change requires a change to the documentation or CHANGELOG.
  • [x] I have updated the documentation/CHANGELOG accordingly.
  • [x] I have created a feature (non-master) branch for my PR.
+223 -173

1 comment

33 changed files

johejo

pr closed time in 3 months

pull request commentoauth2-proxy/oauth2-proxy

Support context in providers

Manually merged this since we can't update the author's repo.

johejo

comment created time in 3 months

push eventoauth2-proxy/oauth2-proxy

Mitsuo Heijo

commit sha e642daef4efcf5199466ef9abe3b0f00ff7c614c

Support context in providers (#519) Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

push time in 3 months

delete branch oauth2-proxy/oauth2-proxy

delete branch : drop-syscll

delete time in 3 months

push eventoauth2-proxy/oauth2-proxy

Joel Speed

commit sha 53d8e99f05cf416fd69cc3cc0ba3eb0ed21ce2f8

Remove Syscll as a maintainer (#540)

view details

push time in 3 months

PR merged oauth2-proxy/oauth2-proxy

Remove Syscll as a maintainer

<!--- Provide a general summary of your changes in the Title above -->

Description

<!--- Describe your changes in detail --> Syscll has asked to take a break from the project for a few months. Removing him from the maintainers and codeowners list for now to reduce the number of notifications that he will be getting.

Motivation and Context

<!--- Why is this change required? What problem does it solve? --> <!--- If it fixes an open issue, please link to the issue here. -->

How Has This Been Tested?

<!--- Please describe in detail how you tested your changes. --> <!--- Include details of your testing environment, and the tests you ran to --> <!--- see how your change affects other areas of the code, etc. -->

Checklist:

<!--- Go over all the following points, and put an x in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->

  • [ ] My change requires a change to the documentation or CHANGELOG.
  • [ ] I have updated the documentation/CHANGELOG accordingly.
  • [x] I have created a feature (non-master) branch for my PR.
+1 -2

0 comment

2 changed files

JoelSpeed

pr closed time in 3 months

push eventoauth2-proxy/oauth2-proxy

n-i-x

commit sha be9eaaeb48132a34748fa474eb2077a8d270dfdc

Add basic string functions to templates (#514) * Add basic string functions to templates Co-authored-by: Oliver <oliver006@users.noreply.github.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

Joel Speed

commit sha 24cdfa68b6338aad89348b7fc26a1d23b5518fd1

Set up code coverage within Travis for Code Climate (#533) * Set up code coverage within Travis for Code Climate * Include CodeClimate badges on ReadMe

view details

Henry Jenkins

commit sha ad2cdd9aaf41ddb5326e4470e2c8a2c81bcbc319

Merge branch 'master' into drop-old-sessions

view details

push time in 3 months

delete branch oauth2-proxy/oauth2-proxy

delete branch : code-coverage

delete time in 3 months

push eventoauth2-proxy/oauth2-proxy

Joel Speed

commit sha 24cdfa68b6338aad89348b7fc26a1d23b5518fd1

Set up code coverage within Travis for Code Climate (#533) * Set up code coverage within Travis for Code Climate * Include CodeClimate badges on ReadMe

view details

push time in 3 months

PR merged oauth2-proxy/oauth2-proxy

Reviewers
Set up code coverage within Travis for Code Climate enhancement

<!--- Provide a general summary of your changes in the Title above -->

Description

<!--- Describe your changes in detail --> Set up code coverage reporting to Code Climate.

Motivation and Context

<!--- Why is this change required? What problem does it solve? --> <!--- If it fixes an open issue, please link to the issue here. --> This will allow us to track code coverage and hopefully encourage contributors to increase the code coverage as they are contributing new code

How Has This Been Tested?

<!--- Please describe in detail how you tested your changes. --> <!--- Include details of your testing environment, and the tests you ran to --> <!--- see how your change affects other areas of the code, etc. --> Hopefully we get a report for this PR

Checklist:

<!--- Go over all the following points, and put an x in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->

  • [x] My change requires a change to the documentation or CHANGELOG.
  • [x] I have updated the documentation/CHANGELOG accordingly.
  • [x] I have created a feature (non-master) branch for my PR.
+17 -1

1 comment

5 changed files

JoelSpeed

pr closed time in 3 months

push eventoauth2-proxy/oauth2-proxy

n-i-x

commit sha be9eaaeb48132a34748fa474eb2077a8d270dfdc

Add basic string functions to templates (#514) * Add basic string functions to templates Co-authored-by: Oliver <oliver006@users.noreply.github.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

push time in 3 months

PR merged oauth2-proxy/oauth2-proxy

Reviewers
Add basic string functions to templates enhancement

<!--- Provide a general summary of your changes in the Title above -->

Description

Adds the ability to add functions to templates. Currently supports modifying a variable to all uppercase or all lowercase.

Usage:

{{.ProviderName | ToLower}} {{.ProviderName | ToUpper}}

Motivation and Context

I designed a template for oauth2-proxy which dynamically displays the provider login button based on the provider name using standard external CSS libraries. The required class names are btn-{{lowercaseProvider}}. Rather than create new variables to pass in to the template, the better solution seemed to be to allow the template engine to use basic string functions like ToUpper and ToLower.

<!--- Why is this change required? What problem does it solve? --> <!--- If it fixes an open issue, please link to the issue here. -->

HTML templates using external libraries may need to use the provider name in a class. As classes generally cannot be renamed unless a pre-processor like SASS or LESS is used, modifying the variable in the template is the best option.

How Has This Been Tested?

A template has been created which requires lowercase class names for the provider to display the provider logo using font-awesome.

<!--- Please describe in detail how you tested your changes. --> <!--- Include details of your testing environment, and the tests you ran to --> <!--- see how your change affects other areas of the code, etc. -->

Checklist:

<!--- Go over all the following points, and put an x in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->

  • [x] My change requires a change to the documentation or CHANGELOG.
  • [ ] I have updated the documentation/CHANGELOG accordingly.
  • [ ] I have created a feature (non-master) branch for my PR.
+57 -1

0 comment

3 changed files

n-i-x

pr closed time in 3 months

push eventn-i-x/oauth2-proxy

Henry Jenkins

commit sha 9ed5a4351609c3e57b22f31881f64600b3688b80

Use double dashes in docs (#530) We only supports double dash (`--`) now, so update docs to reflect this.

view details

Joel Speed

commit sha 07df29db37a89e4301b8a5f810ed293765f13e48

Drop configure script in favour of native Makefile env and checks (#515) Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

Nick Meves

commit sha 9d626265e8c2cef0917702f653047f486040a018

Migrate cookie signing to SHA256 from SHA1 (#524) Also, cleanup the code & make the specific hashing algorithm chosen a function variable. Co-authored-by: Henry Jenkins <henry@henryjenkins.name>

view details

Henry Jenkins

commit sha 516a59d65ff771ef8154f363d105317034ea5204

Merge branch 'master' into master

view details

push time in 3 months

more