2a3942e506
chore: bump k8s deps to v1.29.4 and controller-runtime to v0.17.3 ( #1292 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2024-05-02 16:44:37 -04:00
e5e3b2a8fa
feat: add graceful shutdown for proxy server ( #776 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2023-03-06 14:04:31 -05:00
48230a83e8
chore: complete migration to mlog and drop logrus ( #729 )
...
Signed-off-by: Monis Khan <mok@microsoft.com>
2023-02-04 08:46:59 +00:00
9ba3fff0a7
chore: move to mlog.New and drop klog and logr as direct deps ( #722 )
...
Signed-off-by: Monis Khan <mok@microsoft.com>
2023-01-27 14:25:39 -05:00
216db84ec4
chore: remove arc wiring and drop --arc-cluster flag from webhook ( #723 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2023-01-26 19:07:53 -05:00
305d10b193
feat: use cert ready checker for webhook readiness ( #721 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2023-01-26 17:11:00 +00:00
0befda9763
feat: migrate proxy and webhook to mlog ( #707 )
...
This is the minimal change required to migrate to mlog with a new
--log-level flag. A future change will migrate from logr.Logger to
mlog.Logger.
This change does not migrate azwi to mlog because many of the logrus
calls use the unstructured APIs. That will be a future change.
Signed-off-by: Monis Khan <mok@microsoft.com>
2023-01-24 15:11:07 -05:00
e2bba608a9
feat: add proxy --probe and enable lifecycle postStart hook ( #490 )
...
* feat: add proxy --probe and enable lifecycle postStart hook
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
* review feedback
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2022-07-19 21:56:25 +00:00
77d7216873
feat: add metrics ( #478 )
...
* feat: add metrics
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
* chore: make metrics port configurable with helm
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2022-06-29 16:25:50 +00:00
35bd704346
feat: add initial framework for azwi-cli ( #180 )
...
* feat: add azure-workload-identity CLI
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
feat: add service account and federated credential creation
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
* feat: add auth_method flag and cli option
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-10-08 10:24:04 -07:00
a0566b227a
feat: support console log encoding with klogr ( #175 )
...
Signed-off-by: GitHub <noreply@github.com>
2021-09-13 22:28:17 -07:00
f5f3cd8991
feat: rename module and annotations from aad-pod-managed-identity to azure-workload-identity ( #150 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
feat: update labels, image repo path and namespace prefix
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
feat: rename annotations to azure.workload.identity/*
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-08-24 11:46:00 -07:00
887abce66e
feat: implement proxy using msal-go ( #142 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
update token acquire logic
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
test: add e2e tests for proxy
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-08-12 13:43:14 -07:00
39cbca8e3c
fix: bypass cache and get from apiserver if serviceaccount not found ( #140 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-08-09 11:01:08 -07:00
1612851f50
chore: enable additional linters ( #118 )
...
* chore: enable additional linters
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
* chore: enable errcheck linter and fix errors
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
* chore: enable whitespace linter and fix errors
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-07-29 15:29:06 -07:00
7845d7087b
feat: use cert-controller rotator for server certs ( #93 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-07-19 22:32:46 +00:00
c052022b43
feat: add user agent to client ( #99 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-07-15 17:52:25 -04:00
1f4c734cfa
feat: add readiness and liveness probes to webhook ( #95 )
...
Signed-off-by: Ernest Wong <chuwon@microsoft.com>
2021-07-13 15:10:42 -07:00
bace9bea68
Set minimum TLS version in webhook ( #86 )
...
* min tls version
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
* update to v0.21.2
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
* fix merge conflicts
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
2021-07-12 15:19:29 -04:00
9670a9df4b
feat: add `-webhook-cert-dir` flag to allow overriding ( #84 )
...
* feat: add `-webhook-cert-dir` flag to allow overriding
* doc: note for {TempDir} behavior in Mac
2021-07-09 11:28:06 -07:00
4d39eb434a
feat: make audience configurable ( #35 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-05-18 11:45:07 -07:00
d857e00f71
feat: add support for arc clusters ( #25 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-05-12 09:11:11 -07:00
37777459e2
refactor: use pkg/errors instead of fmt ( #26 )
...
Signed-off-by: Ernest Wong <chuwon@microsoft.com>
2021-05-11 16:14:46 -07:00
29e00813a0
ci: enable linting and fix issues ( #23 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-05-10 16:21:01 -07:00
dc63675c64
chore: Makefile improvement and add e2e test case ( #19 )
...
Signed-off-by: Ernest Wong <chuwon@microsoft.com>
2021-05-10 14:28:14 -07:00
980d796e91
feat: implement mutating webhook ( #15 )
...
* feat: implement mutating webhook
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
* test: add unit tests for webhook handler
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-05-04 12:30:57 -07:00
d948ba2545
feat: implement proxy and init iptables ( #12 )
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-04-30 14:51:28 -07:00
Anish Ramasekar
Mo Khan
Ernest Wong
Sertaç Özercan
hbc