Denis Mishin
2b1dcf7355
telemetry: add prometheus streaming converter to OTLP ( #5132 )
2024-06-10 15:39:09 -04:00
dependabot[bot]
3fcce1d9ef
chore(deps): bump the go group with 27 updates ( #5122 )
...
* chore(deps): bump the go group with 27 updates
Bumps the go group with 27 updates:
| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go ) | `1.40.0` | `1.41.0` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2 ) | `1.26.1` | `1.27.0` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2 ) | `1.27.11` | `1.27.16` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2 ) | `1.53.1` | `1.54.3` |
| [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic ) | `0.20.0` | `0.21.2` |
| [github.com/docker/docker](https://github.com/docker/docker ) | `26.1.1+incompatible` | `26.1.3+incompatible` |
| [github.com/jackc/pgx/v5](https://github.com/jackc/pgx ) | `5.5.5` | `5.6.0` |
| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa ) | `0.64.1` | `0.65.0` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) | `1.19.0` | `1.19.1` |
| [github.com/prometheus/procfs](https://github.com/prometheus/procfs ) | `0.14.0` | `0.15.1` |
| [github.com/rs/zerolog](https://github.com/rs/zerolog ) | `1.32.0` | `1.33.0` |
| [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil ) | `3.24.4` | `3.24.5` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go ) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go ) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go ) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go ) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/metric](https://github.com/open-telemetry/opentelemetry-go ) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go ) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go ) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go ) | `1.26.0` | `1.27.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto ) | `0.22.0` | `0.23.0` |
| [golang.org/x/net](https://github.com/golang/net ) | `0.24.0` | `0.25.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2 ) | `0.19.0` | `0.20.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) | `0.177.0` | `0.178.0` |
| [google.golang.org/genproto/googleapis/rpc](https://github.com/googleapis/go-genproto ) | `0.0.0-20240429193739-8cf5692501f6` | `0.0.0-20240515191416-fc5f0ca64291` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go ) | `1.63.2` | `1.64.0` |
| google.golang.org/protobuf | `1.34.0` | `1.34.1` |
Updates `cloud.google.com/go/storage` from 1.40.0 to 1.41.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.40.0...spanner/v1.41.0 )
Updates `github.com/aws/aws-sdk-go-v2` from 1.26.1 to 1.27.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.26.1...v1.27.0 )
Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.11 to 1.27.16
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.11...config/v1.27.16 )
Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.53.1 to 1.54.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.53.1...service/s3/v1.54.3 )
Updates `github.com/caddyserver/certmagic` from 0.20.0 to 0.21.2
- [Release notes](https://github.com/caddyserver/certmagic/releases )
- [Commits](https://github.com/caddyserver/certmagic/compare/v0.20.0...v0.21.2 )
Updates `github.com/docker/docker` from 26.1.1+incompatible to 26.1.3+incompatible
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v26.1.1...v26.1.3 )
Updates `github.com/jackc/pgx/v5` from 5.5.5 to 5.6.0
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md )
- [Commits](https://github.com/jackc/pgx/compare/v5.5.5...v5.6.0 )
Updates `github.com/open-policy-agent/opa` from 0.64.1 to 0.65.0
- [Release notes](https://github.com/open-policy-agent/opa/releases )
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.64.1...v0.65.0 )
Updates `github.com/prometheus/client_golang` from 1.19.0 to 1.19.1
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1 )
Updates `github.com/prometheus/procfs` from 0.14.0 to 0.15.1
- [Release notes](https://github.com/prometheus/procfs/releases )
- [Commits](https://github.com/prometheus/procfs/compare/v0.14.0...v0.15.1 )
Updates `github.com/rs/zerolog` from 1.32.0 to 1.33.0
- [Commits](https://github.com/rs/zerolog/compare/v1.32.0...v1.33.0 )
Updates `github.com/shirou/gopsutil/v3` from 3.24.4 to 3.24.5
- [Release notes](https://github.com/shirou/gopsutil/releases )
- [Commits](https://github.com/shirou/gopsutil/compare/v3.24.4...v3.24.5 )
Updates `go.opentelemetry.io/otel` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0 )
Updates `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0 )
Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0 )
Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0 )
Updates `go.opentelemetry.io/otel/metric` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0 )
Updates `go.opentelemetry.io/otel/sdk` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0 )
Updates `go.opentelemetry.io/otel/sdk/metric` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0 )
Updates `go.opentelemetry.io/otel/trace` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0 )
Updates `golang.org/x/crypto` from 0.22.0 to 0.23.0
- [Commits](https://github.com/golang/crypto/compare/v0.22.0...v0.23.0 )
Updates `golang.org/x/net` from 0.24.0 to 0.25.0
- [Commits](https://github.com/golang/net/compare/v0.24.0...v0.25.0 )
Updates `golang.org/x/oauth2` from 0.19.0 to 0.20.0
- [Commits](https://github.com/golang/oauth2/compare/v0.19.0...v0.20.0 )
Updates `google.golang.org/api` from 0.177.0 to 0.178.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.177.0...v0.178.0 )
Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20240429193739-8cf5692501f6 to 0.0.0-20240515191416-fc5f0ca64291
- [Commits](https://github.com/googleapis/go-genproto/commits )
Updates `google.golang.org/grpc` from 1.63.2 to 1.64.0
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.63.2...v1.64.0 )
Updates `google.golang.org/protobuf` from 1.34.0 to 1.34.1
---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/config
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/caddyserver/certmagic
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: github.com/jackc/pgx/v5
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/open-policy-agent/opa
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: github.com/prometheus/procfs
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/rs/zerolog
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/shirou/gopsutil/v3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: go.opentelemetry.io/otel
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: go.opentelemetry.io/otel/metric
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: go.opentelemetry.io/otel/sdk
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: go.opentelemetry.io/otel/sdk/metric
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: go.opentelemetry.io/otel/trace
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: google.golang.org/genproto/googleapis/rpc
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
...
Signed-off-by: dependabot[bot] <support@github.com>
* change acme pkg
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2024-06-03 14:35:29 -04:00
Joe Kralicky
d859e884c0
Add support for using the standard grpc env vars to control log severity and verbosity ( #5120 )
2024-05-31 14:06:38 -04:00
Joe Kralicky
de603f87de
Add new configurable bootstrap writers ( #2405 ) ( #5114 )
...
* Add new configurable bootstrap writers (#2405 )
This PR adds the ability to configure different backends to use for
storing modifications to the zero bootstrap config. The two currently
implemented backends allow writing changes to a file or to a Kubernetes
secret. Backend selection is determined by the scheme in a URI passed to
the flag '--config-writeback-uri'.
In a Kubernetes environment, where the bootstrap config is mounted into
the pod from a secret, this option allows Pomerium to write changes back
to the secret, as writes to the mounted secret file on disk are not
persisted.
* Use env vars for bootstrap config filepath/writeback uri
* linter pass and code cleanup
* Add new config writer options mechanism
This moves the encryption cipher parameter out of the WriteConfig()
method in the ConfigWriter interface and into a new ConfigWriterOptions
struct. Options (e.g. cipher) can be applied to an existing ConfigWriter
to allow customizing implementation-specific behavior.
* Code cleanup/lint fixes
* Move vendored k8s code into separate package, and add license header and package comment
2024-05-31 12:26:17 -04:00
Joe Kralicky
927f24e1ff
Envoy resource monitoring & overload manager configuration ( #5106 )
...
* Initial envoy cgroup resource monitor implementation
* Add cgroupv1 support; add metrics instrumentation
* Slight refactor for more efficient memory limit detection
Instead of reading memory.max/limit_in_bytes on every tick, we
read it once, then again only when it is modified.
To support this change, logic for computing the saturation was moved out
of the cgroup driver and into the resource monitor, and the driver
interface now has separate methods for reading memory usage and limit.
* Code cleanup/lint fixes
* Add platform build tags
* Add unit tests
* Fix lint issues
* Add runtime flag to allow disabling resource monitor
* Clamp saturation values to the range [0.0, 1.0]
* Switch to x/sys/unix; handle inotify IN_IGNORED events
2024-05-28 16:57:09 -04:00
Denis Mishin
8269a723ec
health-checks: zero route availability improvements ( #5111 )
2024-05-17 16:47:27 -04:00
Caleb Doxsey
d225288ab3
core/identity: dynamic authenticator registration ( #5105 )
2024-05-07 16:45:39 -06:00
Denis Mishin
4031f4a962
health-check: building config from databroker source ( #5104 )
2024-05-06 14:47:20 -04:00
Caleb Doxsey
1a5b8b606f
core/lint: upgrade golangci-lint, replace interface{} with any ( #5099 )
...
* core/lint: upgrade golangci-lint, replace interface{} with any
* regen proto
2024-05-02 14:33:52 -06:00
Denis Mishin
614048ae9c
health-checks: add route reachability ( #5093 )
...
* health-checks: add route reachability
* rm tls check bypass
2024-05-02 13:31:48 -04:00
Caleb Doxsey
a95423b310
core/identity: refactor identity manager ( #5091 )
...
* core/identity: add data store for thread-safe storage of sessions and users
* wip
* add test
* wip
* clean up context
* fix nil session error
* add stop message
* remove log
* use origin context
* use base context for manager calls
* use manager context for syncers too
* add runtime flag
* rename legacy lease
* add comment
* use NotSame
* add comment
* Update internal/identity/manager/manager.go
Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>
* lint
---------
Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>
2024-05-02 10:27:06 -06:00
Denis Mishin
e30d90206d
log/grpc: use standard logger ( #5096 )
...
* log/grpc: use standard logger
* fix levels and tests
* set default info level in main.go
* fix level check
2024-05-01 15:01:22 -04:00
Caleb Doxsey
99a5dbd65b
core/identity: add enabler ( #5084 )
...
* core/identity: add disabler
* enable by default
* add name
* rename to enabler, use mutex instead of goroutine
* rename method, add comments
2024-04-26 15:05:22 -06:00
Denis Mishin
df67fb7086
connect: add health check ( #5086 )
2024-04-26 11:56:36 -04:00
Caleb Doxsey
5373e25ac4
core/config: add support for stripping the port for matching routes ( #5085 )
...
* core/config: add support for stripping the port for matching routes
* fix test
* rename option, improve port detection
* add more test cases
2024-04-26 08:24:46 -06:00
Denis Mishin
2da4801d3a
zero: add user-agent to requests ( #5078 )
2024-04-19 11:33:43 -04:00
Caleb Doxsey
fab2181be4
core/mock: switch to uber mock ( #5073 )
...
* core/mock: switch to uber mock
* merge main
2024-04-16 12:23:00 -06:00
Denis Mishin
deb6f67094
healthcheck: only report transitions ( #5068 )
2024-04-16 13:15:18 -04:00
Caleb Doxsey
ed378af744
core/zero: lower log level ( #5065 )
2024-04-11 15:31:25 -06:00
Denis Mishin
dc7820ea3e
zero/healthchecks: add checks for ability to save bootstrap parameter and bundle status reporting ( #5064 )
2024-04-11 10:47:52 -04:00
Caleb Doxsey
322e11e60d
core/config: disable gRPC ingress when address is the empty string ( #5058 )
...
* core/config: disable gRPC ingress when address is the empty string
* add test
* typo
2024-04-10 13:53:08 -06:00
Denis Mishin
991fca496c
healthcheck: add common package, zero reporter and first xds check ( #5059 )
2024-04-10 15:21:39 -04:00
Kenneth Jenkins
e8edb465f4
authenticate: apply branding to sign out pages ( #5044 )
...
Add support for the Enterprise branding options to the sign_out and
signed_out page handlers.
2024-04-01 11:32:29 -07:00
Caleb Doxsey
4ac06d3bbd
core/logging: less verbose logs ( #5040 )
2024-03-29 15:26:20 -06:00
Denis Mishin
d20e99ca8c
zero: fix bootstrap config path ( #5035 )
2024-03-21 20:39:52 -04:00
Denis Mishin
4193583301
zero: add service accounts support ( #5031 )
...
* zero: add service accounts support
* quit on terminal errors
2024-03-20 17:03:03 -04:00
Caleb Doxsey
67d1362a90
core/zero: fix ticker usage ( #4969 )
2024-03-06 14:28:21 -07:00
Denis Mishin
d405a53b90
zero: simplify control loop lease retry code ( #4979 )
...
zero: simplify lease control loop
2024-03-01 11:36:08 -05:00
Denis Mishin
b6c100d880
validate: fix typo ( #4963 )
2024-02-16 15:49:37 -05:00
Denis Mishin
2db2bd09a1
connect: add gRPC keep-alive ( #4961 )
2024-02-13 18:26:14 -05:00
Caleb Doxsey
c6d1f17100
core/ui: fix page title ( #4957 )
...
* core/ui: fix page title
* cache template
2024-02-12 14:05:18 -07:00
Denis Mishin
7edd538be7
zero/bootstrap: reset back to inmem databroker if connection string is empty ( #4955 )
2024-02-05 20:15:33 -05:00
Denis Mishin
3ca2f2462d
zero/reconciler: remove unused changeset code ( #4915 )
2024-01-24 19:21:34 -05:00
Caleb Doxsey
4301da3648
core/telemetry: move requestid to pkg directory ( #4911 )
2024-01-19 13:18:16 -07:00
Kenneth Jenkins
c7c2087483
envoy: enable TCP keepalive for internal clusters ( #4902 )
...
In split service mode, and during periods of inactivity, the gRPC
connections to the databroker may fall idle. Some network firewalls may
eventually time out an idle TCP connection and even start dropping
subsequent packets once connection traffic resumes. Combined with Linux
default TCP retransmission settings, this could cause a broken
connection to persist for over 15 minutes.
In an attempt to avoid this scenario, enable TCP keepalive for outbound
gRPC connections, matching the Go standard library default settings for
time & interval: 15 seconds for both. (The probe count does not appear
to be set, so it will remain at the OS default.)
Add a test case exercising the BuildClusters() method with the default
configuration options, comparing the results with a reference "golden"
file in the testdata directory. Also add an '-update' flag to make it
easier to update the reference golden when needed:
go test ./config/envoyconfig -update
2024-01-11 09:12:45 -08:00
Caleb Doxsey
b3cb21e13c
core/autocert: fix flaky test ( #4899 )
...
* core/autocert: fix flaky test
* add comment
2024-01-05 12:31:22 -07:00
Kenneth Jenkins
915c230d8d
authenticateflow: verify redirect in Callback test ( #4894 )
...
Add assertions for the redirect URL in the unit test for the stateful
authentication flow Callback() method. Remove a commented-out line of
debug logging.
2024-01-03 17:18:18 -08:00
Kenneth Jenkins
fb9eb31be9
authenticateflow: change how sessions are deleted ( #4893 )
...
The identity manager expects to be able to read session ID and user ID
from any deleted databroker session records. The session.Delete()
wrapper method is not compatible with this expectation, as it calls
Put() with a record containing an empty session. The stateful
authentication flow currently calls session.Delete() from its
RevokeSession() method.
The result is that the identity manager will not correctly track
sessions deleted by the the stateful authentication flow, and will still
try to use them during session refresh and user info refresh.
Instead, let's change the stateful authentication flow RevokeSession()
method to perform deletions in a way that is compatible with the current
identity manager code. That is, include the existing session data in the
Put() call to delete the revoked session.
2024-01-03 09:48:11 -08:00
Caleb Doxsey
7eb7861f2c
core: fix graceful stop ( #4865 )
...
* core/grpc: fix graceful stop
* core/http: add graceful stop serve
2023-12-29 10:18:08 -07:00
dependabot[bot]
c9df5156d4
chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.22.2 to 1.24.0 ( #4840 )
...
* chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.22.2 to 1.24.0
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2 ) from 1.22.2 to 1.24.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.22.2...v1.24.0 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* upgrade all aws deps
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-12-28 08:40:54 -07:00
dependabot[bot]
615c6257e6
chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.18.2 ( #4861 )
...
* chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.18.2
Bumps [github.com/spf13/viper](https://github.com/spf13/viper ) from 1.16.0 to 1.18.2.
- [Release notes](https://github.com/spf13/viper/releases )
- [Commits](https://github.com/spf13/viper/compare/v1.16.0...v1.18.2 )
---
updated-dependencies:
- dependency-name: github.com/spf13/viper
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix race
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-12-27 16:16:38 -07:00
Denis Mishin
07d608792f
zero: group funcs that need run within a lease ( #4862 )
2023-12-21 11:41:41 -05:00
Denis Mishin
faa2a8652b
zero/telemetry: add reporter ( #4855 )
2023-12-20 14:53:06 -05:00
Caleb Doxsey
3adbc65d37
core/authenticate: refactor identity authenticators to initiate redirect ( #4858 )
...
* core/authenticate: refactor identity authenticators to initiate redirect, use cookie for redirect url for cognito
* set secure and http only, update test
2023-12-19 12:04:23 -07:00
Caleb Doxsey
d6221c07ce
core/config: remove debug option, always use json logs ( #4857 )
...
* core/config: remove debug option, always use json logs
* go mod tidy
2023-12-15 11:29:05 -07:00
Caleb Doxsey
ddc9d957ba
core/ci: fix linting issues ( #4856 )
2023-12-14 10:47:13 -07:00
Caleb Doxsey
a2fd95aae6
core/ci: update linting ( #4844 )
...
* core/ci: update linting
* re-add exportloopref
* re-add gocheckcompilerdirectives
* re-add stylecheck
* re-add usestdlibvars
* upgrade lint
---------
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-12-14 09:07:54 -08:00
Denis Mishin
b66634d1e6
zero: only leave public packages in pkg/zero ( #4854 )
2023-12-12 14:24:37 -05:00
Kenneth Jenkins
1dbe4410d7
move events.go out of internal/authenticateflow ( #4852 )
...
Commit b7896b3153
2023-12-11 19:42:56 -08:00
Denis Mishin
ea64902a73
zero: merge pomerium/zero-sdk ( #4848 )
2023-12-11 17:31:39 -05:00
