github/capsule
1
0
Fork 0
mirror of https://github.com/projectcapsule/capsule.git synced 2026-02-14 09:59:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,526 Commits 22 Branches 103 Tags
730151cb44e3dd364390ac476d02c039ee361863
Commit Graph

34 Commits

Author SHA1 Message Date
Oliver Bähler
730151cb44 feat: add dynamic capsule user evaluation (#1811) 
* chore: improve dev targets

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(controller): implement deterministic rolebinding reflection

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(controller): capsule users are determined from configuration status

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(tenantowners): added agreggate option - tenantowners are always considered capsule users

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(tenantowner): add implicit aggregation for tenants

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: remove helm flags

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* fix(config): remove usergroups default

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-12-31 11:37:30 +01:00
Oliver Bähler
d812a0c722 feat(tenant): add dedicated tenantowner crd (#1764) 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-12-02 15:21:46 +01:00
Oliver Bähler
5899e6d9a1 feat(tenant): add available classes as status fields (#1751) 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-11-21 10:31:45 +01:00
Oliver Bähler
581a8fe60e feat(controller): administration persona (#1739) 
* chore(refactor): project and api refactoring

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(refactor): project and api refactoring

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-11-18 16:27:16 +01:00
Oliver Bähler
074eb40734 feat(config): add ignore user groups property (#1586) 
* feat(config): add ignore user groups property

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(config): add ignore user groups property

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(config): add ignore user groups property

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(config): add ignore user groups property

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(config): add ignore user groups property

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(config): add ignore user groups property

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-08-15 00:23:33 +02:00
Oliver Bähler
c7237f802b feat(api): add resourcepools and claims (#1333) 
* feat: functional appsets

* feat(api): add resourcepools api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix gomod

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: correct webhooks

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix harpoon image

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: improve e2e

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: add labels to e2e test

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix status handling

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix racing conditions

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: make values compatible

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix custom resources test

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: correct metrics

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-05-22 09:07:13 +02:00
Oliver Bähler
d15ef08576 chore(e2e): remove build instructions (#1428) 
* chore(e2e): add parallel execution and remove build instructions

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: change test targets

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-05-01 11:46:05 +02:00
Hristo Hristov
5a32195091 fix(ci): switch to large runner for e2e tests (#1429) 
fix(ci): switch to large runner for e2e tests

Signed-off-by: Hristo Hristov <me@hhristov.info>
 2025-04-30 13:21:43 +02:00
Samir Tahir
da66f40462 feat(api): Add forceTenantPrefix option to Tenant spec (#1244) 
Signed-off-by: samir-tahir <samirtahir91@gmail.com>
 2024-12-04 06:45:05 +01:00
Siarhei Rasiukevich
b27780d74c feat(manager): add forbidden annotations, forbidden labels to service options 
Signed-off-by: Siarhei Rasiukevich <s.rasiukevich@gmail.com>
 2023-11-24 12:30:59 +01:00
Dario Tranchitella
3b0b6cf5ad test: removing unquired sleep 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-11-20 14:50:18 +01:00
Dario Tranchitella
0830b3629e chore(header): moving to new neutral organization 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-10-16 21:29:23 +02:00
Dario Tranchitella
d7a48d771f refactor: moving to new neutral organization 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-10-16 21:29:23 +02:00
Dario Tranchitella
791dde5bf6 refactor(e2e): switching to v1beta2 as storage version 2022-12-27 17:53:17 +01:00
Dario Tranchitella
6403b60590 refactor(test): generating namespace names avoiding collision 2022-12-26 14:27:26 +01:00
Dario Tranchitella
a3495cf614 chore: go 1.18 support 2022-04-14 15:21:49 +00:00
Dario Tranchitella
137b0f083b test: aligning to new rolebindings sync policies 2022-04-14 14:35:59 +00:00
Maxim Fedotov
14f9686bbb Forbidden node labels and annotations (#464) 
* feat: forbidden node labels and annotations

* test(e2e): forbidden node labels and annotations

* build(kustomize): forbidden node labels and annotations

* build(helm): forbidden node labels and annotations

* build(installer): forbidden node labels and annotations

* chore(make): forbidden node labels and annotations

* docs: forbidden node labels and annotations

* test(e2e): forbidden node labels and annotations. Use EventuallyCreation func

* feat: forbidden node labels and annotations. Check kubernetes version

* test(e2e): forbidden node labels and annotations. Check kubernetes version

* docs: forbidden node labels and annotations. Version restrictions

* feat: forbidden node labels and annotations. Do not update deepcopy functions

* docs: forbidden node labels and annotations. Use blockquotes for notes

Co-authored-by: Maksim Fedotov <m_fedotov@wargaming.net>
 2021-11-02 20:01:53 +03:00
Maksim Fedotov
db8b8ac1d9 test(e2e): support multiple tenant owners(add applications to act as tenant owners) 2021-07-12 11:27:13 +02:00
Maksim Fedotov
44bf846260 test(e2e): update tests to use v1beta1 version 2021-07-02 10:14:06 +02:00
Dario Tranchitella
7c1592e739 chore(license): switching over SPDX license header (#280) 2021-06-03 19:46:20 +02:00
Dario Tranchitella
61034947fd test(e2e): modifying CapsuleConfiguration at runtime 2021-05-31 16:15:44 +02:00
Maksim Fedotov
3c9895e498 feat: use multiple groups as capsule-user-group 2021-05-25 14:46:05 +02:00
Dario Tranchitella
d2700556dd Adding linters and aligning code (#169) 
* Adding linters and aligning code

* Aligning ingressHostnames to AllowedListSpec
 2021-01-13 23:49:11 +01:00
Dario Tranchitella
007bdff512 Only owner Tenant specification key is mandatory (#153) 
* Only Tenant owner specification key is mandatory

* Increasing default timeout to avoid e2e flakiness on GH Actions

* Ensuring also empty Namespace annotations and labels
 2020-12-11 15:47:29 +01:00
Dario Tranchitella
f6fd0cfe3f Helm Charts are now inside of the repository (#147) 
* Adding Helm chart source

* Pointing to new Chart location

* Setting GitHub Action for remote Helm Chart release

* Updating Go dependencies

* Using Helm as default installation tool

* Separating diff and e2e jobs

* Aligning tests to Helm labels

* Checking fmt and vet, and fixing it

* We don't need limits on E2E
 2020-12-01 23:30:31 +01:00
Dario Tranchitella
2c54d91306 Enforcing back tenant selection using closest match (#129) 2020-11-05 11:20:48 +01:00
Dario Tranchitella
2af568f0ed Making e2e tests less flaky (#121) 2020-10-31 12:28:17 +01:00
Dario Tranchitella
ee6e3aa0df Using matrix strategy for e2e on multiple k8s versions (#111) 
* Using matrix strategy for e2e on multiple k8s versions

* EndpointSlice version support according to Kubernetes release

* Utility helper for testing various Kubernetes versions
 2020-10-29 09:39:22 +01:00
Dario Tranchitella
9d0a7a78c1 Making CR/CRB names conforming to Kubernetes naming requirements (#91) 2020-09-12 12:14:52 +02:00
Maxim Fedotov
303fc4d69c Support Groups as Subject Kind for Tenant Namespace RoleBindings created by Capsule (#71) 
Modified CRD to support Owner struct.

Added Tenant name validation webhook.

Rewrote owner_reference hook logic.

Updated and added new e2e tests.

Co-authored-by: Maksim Fedotov <m_fedotov@wargaming.net>
 2020-09-10 17:02:22 +02:00
Maxim Fedotov
a99153cbe7 Add protected-namespace-regex (#73) 2020-09-02 12:43:02 +02:00
Maxim Fedotov
164431959c Add capsule-user-group CLI flag (#67) 
* add capsule-user-group param

* Implementing RBAC controller

Co-authored-by: Maksim Fedotov <m_fedotov@wargaming.net>
Co-authored-by: Dario Tranchitella <dario@tranchitella.eu>
 2020-09-01 12:15:48 +02:00
Dario Tranchitella
9969864141 Scaffolding e2e testing (#56) 
* Implementing generic e2e features

* Adding changes upon e2e benchmarking
 2020-08-21 14:55:48 +02:00