pomerium

mirror of https://github.com/pomerium/pomerium.git synced 2025-05-24 06:27:17 +02:00

Author	SHA1	Message	Date
Caleb Doxsey	5d60cff21e	databroker: refactor databroker to sync all changes (#1879 ) * refactor backend, implement encrypted store * refactor in-memory store * wip * wip * wip * add syncer test * fix redis expiry * fix linting issues * fix test by skipping non-config records * fix backoff import * fix init issues * fix query * wait for initial sync before starting directory sync * add type to SyncLatest * add more log messages, fix deadlock in in-memory store, always return server version from SyncLatest * update sync types and tests * add redis tests * skip macos in github actions * add comments to proto * split getBackend into separate methods * handle errors in initVersion * return different error for not found vs other errors in get * use exponential backoff for redis transaction retry * rename raw to result * use context instead of close channel * store type urls as constants in databroker * use timestampb instead of ptypes * fix group merging not waiting * change locked names * update GetAll to return latest record version * add method to grpcutil to get the type url for a protobuf type	2021-02-18 15:24:33 -07:00
Caleb Doxsey	b1871b0f2e	envoy: validate binary checksum (#1908 ) * envoy: validate binary checksum * address comments * change to info * fix order	2021-02-18 15:22:46 -07:00
Travis Groth	cc5335bd7f	docs: add v0.13 to docs site menu (#1913 )	2021-02-18 17:00:22 -05:00
wasaga	c02223a8f0	fix flaky registry test (#1911 )	2021-02-17 20:17:42 -05:00
bobby	b1baa5ac6d	docs: update changelog for v0.13.0 (#1909 ) Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2021-02-17 16:08:29 -08:00
Caleb Doxsey	1a1cc30c67	config: support map of jwt claim headers (#1906 ) * config: support map of jwt claim headers * fix array handling, add test * update docs * use separate hook, add tests	2021-02-17 13:43:18 -07:00
wasaga	d04416a5fd	in-memory service registry (#1892 )	2021-02-17 14:28:54 -05:00
Travis Groth	ee28f008b5	docs: add load balancing weight documentation (#1883 )	2021-02-17 09:36:47 -08:00
Travis Groth	5dac6ec671	docs: misc upgrade notes and changelog (#1884 )	2021-02-17 12:23:38 -05:00
Travis Groth	20be9288ba	ci: pin goreleaser ahead of go 1.16 (#1900 )	2021-02-17 11:55:09 -05:00
bobby	97d561865a	docs: update security policy (#1897 ) Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2021-02-17 08:52:50 -08:00
Caleb Doxsey	64d247cfeb	onelogin: fix default scopes for v2 (#1896 )	2021-02-17 08:51:13 -07:00
Caleb Doxsey	5be71b8e07	xds: fix misdirected script (#1895 )	2021-02-16 14:57:21 -07:00
Yuchen Ying	51be8ffd76	remove unused internal/protoutil (#1893 )	2021-02-16 13:54:38 -08:00
Caleb Doxsey	eb08658cfc	logs: strip query string (#1894 )	2021-02-16 14:23:52 -07:00
Renovate Bot	e9792bdca6	chore(deps): update vuepress monorepo to v1.8.1	2021-02-15 10:53:16 +00:00
Renovate Bot	da3ea6db72	chore(deps): update module spf13/cobra to v1.1.3	2021-02-15 09:11:47 +00:00
Renovate Bot	bf95a08466	chore(deps): update module google.golang.org/api to v0.40.0	2021-02-15 07:21:33 +00:00
Renovate Bot	7a4c2cd108	chore(deps): update mikefarah/yq action to v4.5.1	2021-02-15 05:32:05 +00:00
Renovate Bot	619cb4bede	chore(deps): update google.golang.org/genproto commit hash to e7f2df4	2021-02-15 04:32:25 +00:00
Renovate Bot	8da6b6615d	chore(deps): update golang.org/x/oauth2 commit hash to 6667018	2021-02-15 03:47:33 +00:00
Travis Groth	07d9074796	docs: additional load balancing documentation (#1875 )	2021-02-12 10:29:01 -05:00
bobby	c3e3ed9b50	authenticate: validate origin of signout (#1876 ) * authenticate: validate origin of signout - add a debug task to kill envoy - improve various function docs - userinfo: return "error" page if user is logged out without redirect uri set - remove front channel logout. There's little difference between it, and the signout function. Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2021-02-11 21:37:54 -08:00
Travis Groth	9fd58f9b8a	config: add CertificateFiles to FileWatcherSource list (#1878 )	2021-02-11 17:58:58 -05:00
Caleb Doxsey	963399b53d	proxy: implement pass-through for authenticate backend (#1870 ) * proxy: implement pass-through for authenticate backend * address comments	2021-02-09 14:03:54 -07:00
Caleb Doxsey	4bf5179bb6	controlplane: maybe fix flaky test (#1873 )	2021-02-09 13:52:20 -07:00
Caleb Doxsey	9f6dc78798	config: allow customization of envoy boostrap admin options (#1872 )	2021-02-09 11:29:58 -07:00
Caleb Doxsey	b5d52ceb3d	redis: fix deletion versioning (#1871 )	2021-02-08 16:12:13 -07:00
bobby	a38913925d	controlplane: add global headers to virtualhost (#1861 ) Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2021-02-08 12:30:45 -08:00
bobby	fcd8c3644f	options: header only applies to routes and authN (#1862 ) Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2021-02-08 11:05:33 -08:00
wasaga	7b06d37913	unique envoy cluster ids (#1858 )	2021-02-08 13:52:09 -05:00
Caleb Doxsey	7d236ca1af	authorize: move headers and jwt signing to rego (#1856 ) * wip * wip * wip * remove SignedJWT field * set google_cloud_serverless_authentication_service_account * update jwt claim headers * add mock get_google_cloud_serverless_headers for opa test * swap issuer and audience * add comment * change default port in authz	2021-02-08 10:53:21 -07:00
renovate[bot]	2dc0be2ec9	chore(deps): update module auth0 to v5 (#1868 ) * chore(deps): update module auth0 to v5 * fix v4->v5 Co-authored-by: Renovate Bot <bot@renovateapp.com> Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>	2021-02-08 08:50:15 -07:00
renovate[bot]	970662f85f	chore(deps): update module go-redis/redis/v8 to v8.5.0 (#1866 ) Co-authored-by: Renovate Bot <bot@renovateapp.com>	2021-02-08 07:51:43 -07:00
Renovate Bot	7abd8a85cc	chore(deps): update mikefarah/yq action to v4.5.0	2021-02-08 12:51:14 +00:00
Renovate Bot	9fb577fcdc	chore(deps): update module google.golang.org/api to v0.39.0	2021-02-08 05:36:45 +00:00
Renovate Bot	e314b2bf37	chore(deps): update google.golang.org/genproto commit hash to bba0dbe	2021-02-08 03:37:05 +00:00
Renovate Bot	91b43b1404	chore(deps): update golang.org/x/oauth2 commit hash to 0101308	2021-02-08 02:24:51 +00:00
Travis Groth	912fb3532d	remove generated code from code coverage metrics (#1857 )	2021-02-05 16:12:22 -05:00
Travis Groth	b9faff7b89	ci: enable backporting from forks (#1854 )	2021-02-04 20:15:01 -05:00
Caleb Doxsey	25b697a13d	authorize: allow access by user id (#1850 )	2021-02-03 07:15:44 -07:00
Caleb Doxsey	7a5c4fd0f6	authorize: handle null (#1853 )	2021-02-02 17:29:21 -08:00
Caleb Doxsey	899076a06a	fix data race (#1851 )	2021-02-02 16:19:33 -07:00
Caleb Doxsey	74ac23c980	authorize: remove DataBrokerData input (#1847 ) * authorize: remove DataBrokerData * add opa test * domain, group tests * more tests * remove databroker data input * update authz tests * update dead code * fix method name * handle / in keys	2021-02-02 14:27:35 -07:00
Travis Groth	14a637570f	deployment: set maintainer field in packages (#1848 )	2021-02-02 16:21:15 -05:00
Caleb Doxsey	eed873b263	authorize: remove DataBrokerData (#1846 ) * authorize: remove DataBrokerData * fix method name	2021-02-02 11:40:21 -07:00
Brad Jones	2f3c73baf3	Update GitLab provider docs (#1591 ) * Update GitLab provider docs Updates GitLab provider docs to reference self-hosted GitLab and provide additional clarity on required scopes. * precommit fix Co-authored-by: Bobby DeSimone <bobbydesimone@gmail.com>	2021-02-01 15:48:06 -08:00
Caleb Doxsey	655951cfa1	opa: format rego files (#1845 ) * opa: format rego files * statik	2021-02-01 15:43:08 -07:00
Caleb Doxsey	b7f0242090	authorize: remove admin (#1833 ) * authorize: remove admin * regen rego * add note to upgrading	2021-02-01 15:22:02 -07:00
Caleb Doxsey	a5a3ab55fc	xds: fix always requiring client certificates (#1844 ) * xds: fix always requiring client certificates * break early	2021-02-01 12:44:22 -07:00

... 14 15 16 17 18 ...

2120 commits