max furman
|
f92bb06b6c
|
change func def for getSSHHosts
* continue to return all hosts if injection method not specified
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
11c8639782
|
Add identity certificate in ssh response.
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
d940ab7c20
|
Add getSSHHosts injection func
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
414a94b210
|
Instrument getIdentity func for OIDC ssh provisioner
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
3d970b45c8
|
remove printfs
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
f74cd04a6a
|
Add WithGetIdentityFunc option and attr to authority
* Add Identity type to provisioner
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
8bf3bf701e
|
Add support for /ssh/bastion method.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
a6edcd0a3d
|
Make test to compile, they still fail.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
000885dea7
|
Move Option type to a new file.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
a86dc78b5d
|
Add missing comment.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
7db7b1ee4c
|
Fix some provisioner tests
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
29be322b1c
|
Make audiences compatible with the old version.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
39ae5636fe
|
Complete AuthDB interface.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d4627d1282
|
Make provisioner tests compile, they are still failing.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
a8a6d0ada3
|
Fix indentation.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
cf592fa0e1
|
Remove global check for number of k8sSA provisioners.
This was causing a bug in the reload of the ca.
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
5788ac3f4f
|
sshpop token should not allow renew/rekey of user ssh certs
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
54e3cf7322
|
Add multiuse capability to k8ssa provisioners
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
29853ae016
|
sshpop provisioner + ssh renew | revoke | rekey first pass
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
c04f1e1bd4
|
sshpop first pass
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
5616386eed
|
Add SSH getHosts api
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
c7e4cc96a4
|
Change default user duration to 16h.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
c729c5f925
|
Fix list of user ssh public keys.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
ee22778264
|
Fix lint error.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
8939caace4
|
Add tests for ssh authority methods.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
4f06f3901e
|
Add some ssh related tests.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
08850d5334
|
Add support for federated keys.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
37f17213bb
|
Add initial support for check-host endpoint.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d08db4df23
|
Rename SSH methods.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
b5bc249e1c
|
Add support for multiple ssh roots.
Fixes #125
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
91130b9c3f
|
Add support for user data in templates.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
a35988ff08
|
Add initial support for ssh config.
Related to smallstep/cli#170
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d4c47cf3e1
|
Fix tests.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
961be1fbc7
|
Add endpoint to return the SSH public keys.
Related to smallstep/ca-component#195
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
a197158426
|
Add initial implementation of ssh config.
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
8f07ff6a39
|
Add kubernetes service account provisioner
|
2019-10-29 17:42:50 -07:00 |
|
Max
|
0a96062b76
|
Merge pull request #128 from jkralik/returnCertChain
Change api of functions Authority.Sign, Authority.Renew
|
2019-10-18 14:00:18 -07:00 |
|
max furman
|
d368791606
|
Add x5c provisioner capabilities
|
2019-10-14 14:51:37 -07:00 |
|
Jozef Kralik
|
bc6074f596
|
Change api of functions Authority.Sign, Authority.Renew
Returns certificate chain instead of 2 members.
Implements #126
|
2019-10-09 22:23:00 +02:00 |
|
Mariano Cano
|
59526d3225
|
Merge pull request #105 from smallstep/okta-support
Address support on OIDC provisioners
|
2019-09-20 15:33:11 -07:00 |
|
Mariano Cano
|
39b41b5e83
|
Merge pull request #107 from smallstep/ssh-valid-after
Truncate to seconds ValidAfter
|
2019-09-19 15:27:28 -07:00 |
|
Mariano Cano
|
d59a5b222f
|
Truncate to seconds to avoid rounding up times.
It can cause that certs are not valid yet, if they are used right away.
|
2019-09-19 13:42:24 -07:00 |
|
max furman
|
fe7973c060
|
wip
|
2019-09-19 13:17:45 -07:00 |
|
Mariano Cano
|
adc1d54b0d
|
Define valid after as 1m before now.
It avoids errors with immediate use of cert.
|
2019-09-19 12:37:41 -07:00 |
|
Mariano Cano
|
72f1a61f06
|
Increase coverage.
|
2019-09-18 18:08:26 -07:00 |
|
Mariano Cano
|
b7045f27a9
|
Increase coverage.
|
2019-09-18 17:13:58 -07:00 |
|
Mariano Cano
|
a16b2125bc
|
Fix tests.
|
2019-09-18 16:04:43 -07:00 |
|
Mariano Cano
|
6c4abfabbb
|
Make /.well-known/openid-configuration optional
|
2019-09-18 15:54:10 -07:00 |
|
Mariano Cano
|
3527ee6940
|
Add support for listenAddress parameter if OIDC provisioners.
Fixes smallstep/cli#150
|
2019-09-18 15:25:28 -07:00 |
|
max furman
|
44e864030d
|
Remove debug logging
|
2019-09-16 10:45:33 -07:00 |
|