3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 02:16:28 +02:00
Code Issues Projects Releases Packages Wiki Activity
3583 commits 156 branches 125 tags 103 MiB
Commit graph

3583 commits

This branch
This branch
All branches
Author SHA1 Message Date
Denis Mishin
d20e99ca8c
zero: fix bootstrap config path (#5035) 2024-03-21 20:39:52 -04:00
Denis Mishin
4193583301
zero: add service accounts support (#5031) 
* zero: add service accounts support

* quit on terminal errors
 2024-03-20 17:03:03 -04:00
dependabot[bot]
715fd75994
chore(deps): bump github.com/docker/docker from 25.0.4+incompatible to 25.0.5+incompatible (#5032) 
chore(deps): bump github.com/docker/docker

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.4+incompatible to 25.0.5+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v25.0.4...v25.0.5)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-20 14:58:24 -06:00
Denis Mishin
181d5b171d
cluster api: add shared secret to the cluster bootstrap params (#5030) 2024-03-18 16:30:39 -04:00
Kenneth Jenkins
79d5657742
envoy: set explicit hostname on cluster endpoints (#5018) 
Envoy has an option 'auto_host_rewrite' that rewrites the Host header of
an incoming request to match the upstream domain that the proxied
request is sent to. Pomerium sets the 'auto_host_rewrite' option for all
Pomerium routes that do not set one of the "Host Rewrite options" (see
https://www.pomerium.com/docs/reference/routes/headers#host-rewrite-options).

When Envoy rewrites the Host header, it does not include the upstream
port, even when it is a non-standard port for the scheme (i.e. a port
other than 80 for http or a port other than 443 for https).

I think this behavior does not conform to RFC 9110. The nearest thing I
can find in the text is this statement about http and https URIs:
"If the port is equal to the default port for a scheme, the normal form
is to omit the port subcomponent."
(from https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.3)

I take this to mean that the port should be specified in other cases.

There is a work-around: we can set an explicit hostname on each cluster
endpoint. Let's set this hostname based on the 'to' URL(s) from the
Pomerium route.

This should change the current behavior in two cases:

 - When a route has a 'to' URL with a port number, this port number will
   now be included in the Host header in the requests made by Pomerium.

 - When a route has a 'to' URL with 'localhost' or an IP address as the
   host, Pomerium will now rewrite the Host header to match the 'to'
   URL.

There should be no change in behavior for routes where one of the "Host
Rewrite options" is set.
 2024-03-14 14:00:32 -07:00
dependabot[bot]
9d305248b9
chore(deps): bump the docker group in /.github with 2 updates (#5023) 
Bumps the docker group in /.github with 2 updates: busybox and distroless/base-debian12.


Updates `busybox` from `6d9ac92` to `650fd57`

Updates `distroless/base-debian12` from `5eae9ef` to `5eae9ef`

---
updated-dependencies:
- dependency-name: busybox
  dependency-type: direct:production
  dependency-group: docker
- dependency-name: distroless/base-debian12
  dependency-type: direct:production
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-08 16:04:25 -07:00
dependabot[bot]
57a84f6066
chore(deps): bump the github-actions group with 1 update (#5025) 
Bumps the github-actions group with 1 update: [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/build-push-action` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](4a13e500e5...af5a7ed5ba)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-08 16:03:52 -07:00
dependabot[bot]
91413bdaae
chore(deps): bump the go group with 10 updates (#5026) 
Bumps the go group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.25.2` | `1.25.3` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.27.6` | `1.27.7` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.51.3` | `1.51.4` |
| [github.com/docker/docker](https://github.com/docker/docker) | `25.0.3+incompatible` | `25.0.4+incompatible` |
| [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) | `3.0.2` | `3.0.3` |
| [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) | `5.5.3` | `5.5.4` |
| [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) | `7.0.67` | `7.0.68` |
| [github.com/prometheus/common](https://github.com/prometheus/common) | `0.49.0` | `0.50.0` |
| [github.com/prometheus/procfs](https://github.com/prometheus/procfs) | `0.12.0` | `0.13.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.168.0` | `0.169.0` |


Updates `github.com/aws/aws-sdk-go-v2` from 1.25.2 to 1.25.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.25.2...v1.25.3)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.6 to 1.27.7
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.6...config/v1.27.7)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.51.3 to 1.51.4
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.51.3...service/s3/v1.51.4)

Updates `github.com/docker/docker` from 25.0.3+incompatible to 25.0.4+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v25.0.3...v25.0.4)

Updates `github.com/go-jose/go-jose/v3` from 3.0.2 to 3.0.3
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.2...v3.0.3)

Updates `github.com/jackc/pgx/v5` from 5.5.3 to 5.5.4
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.3...v5.5.4)

Updates `github.com/minio/minio-go/v7` from 7.0.67 to 7.0.68
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.67...v7.0.68)

Updates `github.com/prometheus/common` from 0.49.0 to 0.50.0
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](https://github.com/prometheus/common/compare/v0.49.0...v0.50.0)

Updates `github.com/prometheus/procfs` from 0.12.0 to 0.13.0
- [Release notes](https://github.com/prometheus/procfs/releases)
- [Commits](https://github.com/prometheus/procfs/compare/v0.12.0...v0.13.0)

Updates `google.golang.org/api` from 0.168.0 to 0.169.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.168.0...v0.169.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/minio/minio-go/v7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/prometheus/procfs
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-08 16:01:37 -07:00
dependabot[bot]
c5b04c2b4f
chore(deps): bump the docker group with 2 updates (#5024) 2024-03-08 16:55:07 -05:00
Caleb Doxsey
e352b277c6
ci: group dependabot updates (#5022) 2024-03-08 14:49:08 -07:00
dependabot[bot]
f6eecff2ee
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#4990) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 15:45:01 -07:00
dependabot[bot]
ca0c1dbde7
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc from 0.45.0 to 1.24.0 (#4983) 
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) from 0.45.0 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/bridge/opencensus/v0.45.0...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 15:44:42 -07:00
dependabot[bot]
8c154a778f
chore(deps): bump github.com/klauspost/compress from 1.17.5 to 1.17.7 (#4995) 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.5 to 1.17.7.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.5...v1.17.7)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 15:44:23 -07:00
dependabot[bot]
6b6bdaa5fe
chore(deps): bump pre-commit/action from 3.0.0 to 3.0.1 (#4973) 
Bumps [pre-commit/action](https://github.com/pre-commit/action) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/pre-commit/action/releases)
- [Commits](646c83fcd0...2c7b3805fd)

---
updated-dependencies:
- dependency-name: pre-commit/action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 15:43:55 -07:00
Caleb Doxsey
67d1362a90
core/zero: fix ticker usage (#4969) 2024-03-06 14:28:21 -07:00
dependabot[bot]
0d2705bebd
chore(deps): bump cloud.google.com/go/storage from 1.37.0 to 1.39.0 (#4989) 
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.37.0 to 1.39.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.37.0...spanner/v1.39.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 13:42:13 -07:00
dependabot[bot]
7092ec4273
chore(deps): bump go.opentelemetry.io/otel/sdk/metric from 1.22.0 to 1.24.0 (#5003) 
chore(deps): bump go.opentelemetry.io/otel/sdk/metric

Bumps [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) from 1.22.0 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.22.0...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk/metric
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 13:41:59 -07:00
dependabot[bot]
51e00a216b
chore(deps): bump github.com/prometheus/common from 0.46.0 to 0.49.0 (#4998) 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.46.0 to 0.49.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](https://github.com/prometheus/common/compare/v0.46.0...v0.49.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 13:11:18 -07:00
dependabot[bot]
c3fc1da9b1
chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.2 (#4984) 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.1...v3.0.2)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 13:06:39 -07:00
dependabot[bot]
eb2c38bc30
chore(deps): bump google.golang.org/api from 0.161.0 to 0.168.0 (#5010) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.161.0 to 0.168.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.161.0...v0.168.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 13:05:57 -07:00
dependabot[bot]
26f29f92c3
chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.26.6 to 1.27.6 (#5015) 
chore(deps): bump github.com/aws/aws-sdk-go-v2/config

Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.26.6 to 1.27.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.26.6...config/v1.27.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 13:04:38 -07:00
dependabot[bot]
8e4cf81e1a
chore(deps): bump github.com/open-policy-agent/opa from 0.61.0 to 0.62.1 (#5017) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.61.0 to 0.62.1.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.61.0...v0.62.1)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 13:04:17 -07:00
dependabot[bot]
c16456202c
chore(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.18.0 (#5012) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.16.0 to 0.18.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.16.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 11:46:59 -07:00
dependabot[bot]
1eb6c7b47a
chore(deps): bump golang.org/x/crypto from 0.18.0 to 0.21.0 (#5013) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.18.0 to 0.21.0.
- [Commits](https://github.com/golang/crypto/compare/v0.18.0...v0.21.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 10:37:09 -07:00
dependabot[bot]
cd2336794e
chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.48.1 to 1.51.3 (#5016) 
chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3

Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) from 1.48.1 to 1.51.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.48.1...service/s3/v1.51.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 10:36:48 -07:00
dependabot[bot]
5920b920f2
chore(deps): bump github.com/minio/minio-go/v7 from 7.0.66 to 7.0.67 (#4996) 
Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.66 to 7.0.67.
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.66...v7.0.67)

---
updated-dependencies:
- dependency-name: github.com/minio/minio-go/v7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:14:31 -07:00
dependabot[bot]
5fb44a4c2c
chore(deps): bump github.com/go-chi/chi/v5 from 5.0.11 to 5.0.12 (#4986) 
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.0.11 to 5.0.12.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.0.11...v5.0.12)

---
updated-dependencies:
- dependency-name: github.com/go-chi/chi/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:13:48 -07:00
dependabot[bot]
8a845c3168
chore(deps): bump mikefarah/yq from 4.40.5 to 4.42.1 (#4977) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.5 to 4.42.1.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](dd64899434...9adde1ac14)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:13:26 -07:00
dependabot[bot]
082f4cc0dc
chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.24.1 to 1.25.2 (#4992) 
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.24.1 to 1.25.2.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.24.1...v1.25.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:13:01 -07:00
dependabot[bot]
33bc62c422
chore(deps): bump github.com/rs/zerolog from 1.31.0 to 1.32.0 (#5004) 
Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.31.0 to 1.32.0.
- [Release notes](https://github.com/rs/zerolog/releases)
- [Commits](https://github.com/rs/zerolog/compare/v1.31.0...v1.32.0)

---
updated-dependencies:
- dependency-name: github.com/rs/zerolog
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:12:32 -07:00
dependabot[bot]
d417be1ece
chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#4987) 
Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:12:10 -07:00
dependabot[bot]
29af0a0ceb
chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#4975) 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](3a91952989...3cfe3a4abb)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:11:43 -07:00
dependabot[bot]
bbf580f161
chore(deps): bump node from fd01154 to f3299f1 (#4981) 
Bumps node from `fd01154` to `f3299f1`.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:11:25 -07:00
dependabot[bot]
e1e4084856
chore(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 (#4978) 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](f95db51fdd...0d103c3126)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:11:08 -07:00
dependabot[bot]
0eb9f2b458
chore(deps): bump github.com/jackc/pgx/v5 from 5.5.2 to 5.5.3 (#5000) 
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.5.2 to 5.5.3.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.2...v5.5.3)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:10:49 -07:00
dependabot[bot]
5f9b73a0a7
chore(deps): bump github.com/shirou/gopsutil/v3 from 3.24.1 to 3.24.2 (#5001) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.24.1 to 3.24.2.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.24.1...v3.24.2)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:10:30 -07:00
dependabot[bot]
4c6c953b07
chore(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.1 (#5011) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.0 to 1.62.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.61.0...v1.62.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:10:13 -07:00
dependabot[bot]
2eb67ab155
chore(deps): bump google-github-actions/auth from 2.1.0 to 2.1.2 (#4976) 
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth) from 2.1.0 to 2.1.2.
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](5a50e58116...55bd3a7c6e)

---
updated-dependencies:
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:09:57 -07:00
dependabot[bot]
2907bbca0e
chore(deps): bump actions/setup-node from 4.0.1 to 4.0.2 (#4974) 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](b39b52d121...60edb5dd54)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:09:34 -07:00
dependabot[bot]
bd8aac444c
chore(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 (#4972) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](26f96dfa69...5d5d22a312)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:09:16 -07:00
dependabot[bot]
c427dd820f
chore(deps): bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 (#4999) 
chore(deps): bump github.com/prometheus/client_golang

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.18.0 to 1.19.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/v1.19.0/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.18.0...v1.19.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:08:53 -07:00
dependabot[bot]
af5aff001c
chore(deps): bump distroless/base-debian12 from 996c583 to 1d91d5f (#4980) 
Bumps distroless/base-debian12 from `996c583` to `1d91d5f`.

---
updated-dependencies:
- dependency-name: distroless/base-debian12
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:08:36 -07:00
dependabot[bot]
fe8246e380
chore(deps): bump distroless/base from 6c1e34e to 9d4e568 in /.github (#4971) 
chore(deps): bump distroless/base in /.github

Bumps distroless/base from `6c1e34e` to `9d4e568`.

---
updated-dependencies:
- dependency-name: distroless/base
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 14:08:18 -07:00
Kenneth Jenkins
be46c2e28b
chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#5009) 
This includes a fix for CVE-2024-24786.

See https://pkg.go.dev/vuln/GO-2024-2611 for more details.
 2024-03-05 12:58:15 -08:00
Denis Mishin
d405a53b90
zero: simplify control loop lease retry code (#4979) 
zero: simplify lease control loop
 2024-03-01 11:36:08 -05:00
dependabot[bot]
a2bf995642
chore(deps): bump distroless/base-debian12 from 0a93daa to 5eae9ef in /.github (#4970) 
chore(deps): bump distroless/base-debian12 in /.github

Bumps distroless/base-debian12 from `0a93daa` to `5eae9ef`.

---
updated-dependencies:
- dependency-name: distroless/base-debian12
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-01 09:14:33 -07:00
Denis Mishin
61360b7bbf
ci: upgrade to Go 1.22 (#4967) 2024-02-28 14:58:31 -05:00
Kenneth Jenkins
b182ef350e
authorize: log service account user ID (#4964) 
Currently the 'user-id' field of the authorize logs is empty for
requests authenticated via a service account, as there is no associated
User object. Instead, populate this log field directly from the the
sessionOrServiceAccount value, to handle both types of user.
 2024-02-27 14:01:19 -08:00
Denis Mishin
b6c100d880
validate: fix typo (#4963) 2024-02-16 15:49:37 -05:00
Caleb Doxsey
513d8bf615
core/config: implement direct response (#4960) 
* implement direct response

* proto

* fix tests

* update
 2024-02-15 14:33:56 -07:00