3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-28 18:06:34 +02:00
Code Issues Projects Releases Packages Wiki Activity
2048 commits 159 branches 125 tags 103 MiB
Commit graph

2048 commits

This branch
This branch
All branches
Author SHA1 Message Date
Caleb Doxsey
2824faecbf
frontend: react+mui (#3004) 
* mui v5 wip

* wip

* wip

* wip

* use compressor for all controlplane endpoints

* wip

* wip

* add deps

* fix authenticate URL

* fix test

* fix test

* fix build

* maybe fix build

* fix integration test

* remove image asset test

* add yarn.lock
 2022-02-07 08:47:58 -07:00
Alex Fornuto
64d8748251
document enterprise enrollment option (#2994) 2022-02-04 10:27:27 -06:00
Caleb Doxsey
7757988015
controlplane: add compression middleware (#3000) 2022-02-03 16:33:49 -07:00
Travis Groth
ec03a9ffcb
deployment: add nonroot release docker images (#2997) 2022-02-03 15:54:39 -05:00
Yarden Shoham
3150479f07
Update nginx example with verify port (#2995) 
80->8000
 2022-02-02 15:29:18 -07:00
Alex
62c55df1dc
DOCS: Clarify renaming of claims with underscores (#2971) 
* Clarify renaming of claims with underscores

* copy edits

One to the proposed change, one to existing language

Co-authored-by: alexfornuto <afornuto@pomerium.com>
 2022-02-02 12:27:33 -08:00
Caleb Doxsey
d1c4c55fd9
auth0: support explicit domains in the service account (#2980) 
* auth0: support explicit domains in the service account

* also handle FromOptions
 2022-02-02 08:58:05 -07:00
dependabot[bot]
72dc9413cc
chore(deps): bump google.golang.org/api from 0.65.0 to 0.66.0 (#2986) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.65.0 to 0.66.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.65.0...v0.66.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-01 10:58:23 -07:00
Alex Fornuto
710ce311dd
demo git over TCP tunnel (#2901) 
* demo git over TCP tunnel

* add tip

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-02-01 11:50:51 -06:00
dependabot[bot]
39eec902bc
chore(deps): bump github.com/golangci/golangci-lint (#2987) 
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.43.0 to 1.44.0.
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.43.0...v1.44.0)

---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-01 10:15:00 -07:00
dependabot[bot]
57d82785e3
chore(deps): bump github.com/prometheus/client_golang (#2985) 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.12.0...v1.12.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-01 10:14:15 -07:00
dependabot[bot]
876d919d56
chore(deps): bump google.golang.org/grpc from 1.43.0 to 1.44.0 (#2988) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.43.0 to 1.44.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.43.0...v1.44.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-01 10:13:07 -07:00
dependabot[bot]
3437f46a1c
chore(deps): bump mikefarah/yq from 4.17.2 to 4.18.1 (#2989) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.17.2 to 4.18.1.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.17.2...v4.18.1)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-01 10:12:40 -07:00
daethnir
af7bb21af5
Fix minor typo in gitlab.md (#2984) 2022-01-31 20:17:31 -08:00
Denis Mishin
ac9e086691
last known metric error (#2974) 2022-01-31 12:35:51 -05:00
bobby
8b755a36b3
Update enterprise changelog for v0.16.0 (#2977) 
* Update enterprise changelog for v0.16.0

* fmt

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* Update upgrading.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-01-28 15:23:22 -08:00
Caleb Doxsey
64ee7eca5c
directory: save IDP errors to databroker, put event handling in dedicated package (#2957) 2022-01-28 15:15:32 -07:00
Caleb Doxsey
2f328e7de0
authenticate: fix expiring user info endpoint (#2976) 
* authenticate: fix expiring user info endpoint

* add test
 2022-01-27 16:10:47 -07:00
Caleb Doxsey
fbdbe9c86f
config: fix TLS config when address and grpc_address are the same (#2975) 2022-01-27 09:18:07 -07:00
Alex Fornuto
7fbf0e522c
Docs: Rewrite Istio Guide for Ingress Controller (#2943) 
* istio rewrite, 90%

* complete istio rewrite

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* fix indentation

* precommit

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* add & fix glossary links

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-01-26 14:35:56 -06:00
Alex Fornuto
d1b9b29c85
DOCS: New page: Glossary (#2897) 
* first draft of glossary

* Apply suggestions from code review

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* add crosslinks and external references

* Apply suggestions from code review

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* adjust id-aware proxy link

* rm hyphen

* replace id-aware with context-aware proxy

* update keywords

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2022-01-25 16:41:48 -06:00
Caleb Doxsey
ace5bbb89a
config: fix policy matching for regular expressions (#2966) 
* config: fix policy matching for regular expressions

* compile regex in validate, add test

* fix test
 2022-01-25 08:48:40 -07:00
Travis Groth
8e8c9c2f16
deployment: enable goreleaser buildx (#2968) 2022-01-25 10:21:43 -05:00
dependabot[bot]
bf287bf4c1
chore(deps): bump github.com/google/go-cmp from 0.5.6 to 0.5.7 (#2962) 
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.6 to 0.5.7.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.6...v0.5.7)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-24 20:19:41 -05:00
cfanbo
e83c7f971b
fix: frontend html tag mismatch (#2954) 2022-01-24 20:18:35 -05:00
Alex Fornuto
eead7cf620
clarify base path for idp_provider_url (#2956) 2022-01-24 13:01:57 -05:00
Alex Fornuto
b35c9d3048
copy refresh (#2933) 2022-01-24 12:47:50 -05:00
dependabot[bot]
5ba95c41a4
chore(deps): bump mikefarah/yq from 4.16.2 to 4.17.2 (#2963) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.16.2 to 4.17.2.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.16.2...v4.17.2)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-24 09:15:46 -07:00
dependabot[bot]
24ea711162
chore(deps): bump github.com/prometheus/client_golang (#2961) 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.11.0...v1.12.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-24 09:13:44 -07:00
bobby
20902a715e
Update security.md (#2959) 
Unfortunately, it looks like all the low-effort security reports we get are coming from this list. Many times, the "researcher" is actually reporting a vulnerability on their own machine (foo.localhost.pomerium.io). 

https://github.com/sushiwushi/bug-bounty-dorks/blob/master/dorks.txt#L70
 2022-01-23 17:26:09 -08:00
Travis Groth
9c606db1ef
deployment: remove DST cert workaround from debug image (#2958) 2022-01-21 17:09:42 -05:00
Caleb Doxsey
ed6c3e5087
google: support groups for users outside of the organization (#2950) 
* google: support groups for users outside of the organization

* wrap error
 2022-01-21 09:36:32 -07:00
Caleb Doxsey
9f4fc986ee
devices: shrink credentials by removing unnecessary data (#2951) 2022-01-21 09:32:33 -07:00
Sylvain Rabot
6574926c42
Remove spurious </ul> tags (#2946) 
Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>
 2022-01-20 10:01:44 -07:00
dependabot[bot]
6da57c4499
chore(deps): bump github.com/open-policy-agent/opa from 0.36.0 to 0.36.1 (#2939) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.36.0 to 0.36.1.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.36.0...v0.36.1)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-20 10:01:00 -07:00
Caleb Doxsey
95d6d97143
authenticate: support webauthn redirects to non-pomerium domains (#2936) 
* authenticate: support webauthn redirects to non-pomerium domains

* add test

* remove dead code
 2022-01-19 15:10:57 -07:00
Denis Mishin
6b26f58e4f
return explicit error when directory sync is disabled (#2949) 2022-01-19 17:02:49 -05:00
Alex Fornuto
5bf912cf55
add More Resources section (#2947) 2022-01-19 07:13:02 -08:00
Alex Fornuto
fa8e68260b
Update cache to databroker (#2932) 2022-01-18 13:03:41 -06:00
dependabot[bot]
4040a12798
chore(deps): bump github.com/openzipkin/zipkin-go from 0.3.0 to 0.4.0 (#2942) 
Bumps [github.com/openzipkin/zipkin-go](https://github.com/openzipkin/zipkin-go) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/openzipkin/zipkin-go/releases)
- [Commits](https://github.com/openzipkin/zipkin-go/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: github.com/openzipkin/zipkin-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 09:46:33 -07:00
dependabot[bot]
746b278eca
chore(deps): bump github.com/envoyproxy/protoc-gen-validate (#2940) 
Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate) from 0.6.2 to 0.6.3.
- [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases)
- [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.6.2...v0.6.3)

---
updated-dependencies:
- dependency-name: github.com/envoyproxy/protoc-gen-validate
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-17 11:32:42 -05:00
dependabot[bot]
2b2d65086c
chore(deps): bump google.golang.org/api from 0.64.0 to 0.65.0 (#2941) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.64.0 to 0.65.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.64.0...v0.65.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-17 11:32:05 -05:00
dependabot[bot]
9916db2ed7
chore(deps): bump github.com/open-policy-agent/opa from 0.35.0 to 0.36.0 (#2911) 
* chore(deps): bump github.com/open-policy-agent/opa from 0.35.0 to 0.36.0

Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.35.0 to 0.36.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix tests

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2022-01-14 12:13:33 -07:00
Caleb Doxsey
8d882ce9c9
webauthn: use absolute URL for delete redirect (#2935) 
* authenticate: add callback endpoint

* webauthn: use absolute URL for delete redirect
 2022-01-14 10:23:27 -07:00
Caleb Doxsey
b019b61ccb
authenticate: add callback endpoint (#2931) 2022-01-14 10:22:46 -07:00
Caleb Doxsey
4583ecc730
devices: treat undefined device types as any (#2927) 2022-01-12 11:04:35 -07:00
Travis Groth
73dd6b93c2
deployment: fix distroless base arch (#2925) 2022-01-12 12:51:47 -05:00
Denis Mishin
1b80aa6c52
document service_proxy_upstream ingress annotation (#2915) 2022-01-12 10:15:55 -06:00
Caleb Doxsey
5b9a981191
handle device states in deny block, fix default device type (#2919) 
* handle device states in deny block, fix default device type

* fix tests
 2022-01-11 11:56:54 -07:00
Alex Fornuto
64d50613af
DOCS: keyword tag updates (#2922) 
* replace "zero-trust" with "zero trust"

* fix and update all keyword tags
 2022-01-11 12:36:47 -06:00