3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-18 11:37:08 +02:00
Code Issues Projects Releases Packages Wiki Activity
2120 commits 160 branches 126 tags 104 MiB
Commit graph

2120 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alex Fornuto
a95aa7cb77
DOCS: New Guide: Upstream mTLS (#2814) 
* rename mtls.md to be client-side specific

* init upstream mTLS guide

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* clarify assumed config dir

* Apply suggestions from code review

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* link to before-you-begin anchor

* Update docs/guides/upstream-mtls.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-12-27 18:14:18 -06:00
dependabot[bot]
a4f7bc39a0
chore(deps): bump github.com/google/go-jsonnet from 0.17.0 to 0.18.0 (#2854) 
Bumps [github.com/google/go-jsonnet](https://github.com/google/go-jsonnet) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/google/go-jsonnet/releases)
- [Changelog](https://github.com/google/go-jsonnet/blob/master/.goreleaser.yml)
- [Commits](https://github.com/google/go-jsonnet/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-jsonnet
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-27 14:27:06 -08:00
dependabot[bot]
c8f954de60
chore(deps): bump mikefarah/yq from 4.16.1 to 4.16.2 (#2853) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.16.1 to 4.16.2.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.16.1...v4.16.2)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-27 14:26:56 -08:00
dependabot[bot]
09eef79d51
chore(deps): bump github.com/rs/cors from 1.8.0 to 1.8.2 (#2855) 
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.8.0 to 1.8.2.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.8.0...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-27 14:26:43 -08:00
Alex Fornuto
3bd73be534
Update mTLS guide (#2788) 
* version 0.9 is old enough as to not warrant reference

* copy edits and formatting

* Consolidate 'before you begin' and warn that mkcert is for development.

* update and refresh

* add troubleshooting partial

* standardize img path for partial

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* clarify all route mtls config

* remove troubleshooting section

This commit requires that the PR **not** be backported, since the fix that negates this workaround will not be backported.

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2021-12-27 16:23:58 -06:00
Travis Groth
adb0727018
docs: update version menu for v0.16 (#2847) 2021-12-22 18:24:00 -05:00
Travis Groth
45a348de2a
docs: v0.16 release (#2845) 2021-12-22 18:04:43 -05:00
Denis Mishin
c19dd80fe6
more idp metrics (#2842) 2021-12-22 17:30:16 -05:00
Caleb Doxsey
6b949a5c2e
config: allow specifying auto codec type in all-in-one mode (#2846) 
* config: allow specifying auto codec type in all-in-one mode

* fix test

* fix test
 2021-12-22 12:34:58 -07:00
Caleb Doxsey
0ee6a72c02
dashboard: add confirmation dialog, fix button in firefox (#2841) 2021-12-21 14:12:41 -07:00
Alex Fornuto
f48191fe45
DOCS: Create Consolidated Troubleshooting Guide and Replace FAQ (#2797) 
* replace FAQ with troubleshooting

* Apply suggestions from code review

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* clarify JWT authentication issue

* elevate and clarify HSTS issue

* expand Set Response Header reference section

* Apply suggestions from code review

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* capitalize Pomerium serivice names

* additional capitalization

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2021-12-21 12:33:01 -06:00
Denis Mishin
6b592afd3e
set default codec type to auto/http1 (#2839) 2021-12-21 13:26:07 -05:00
Caleb Doxsey
70e0e866fc
devices: add experimental icon (#2836) 2021-12-20 14:26:03 -07:00
dependabot[bot]
bdbcfe3cda
chore(deps): bump github.com/spf13/viper from 1.10.0 to 1.10.1 (#2832) 
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.10.0...v1.10.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-20 11:40:33 -08:00
Caleb Doxsey
838c9e3a3d
dashboard: improve display of device credentials, allow deletion (#2829) 
* dashboard: improve display of device credentials, allow deletion

* fix test
 2021-12-20 12:19:54 -07:00
dependabot[bot]
c064bc8e0e
chore(deps): bump google.golang.org/api from 0.62.0 to 0.63.0 (#2834) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.62.0 to 0.63.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.62.0...v0.63.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-20 14:19:07 -05:00
Caleb Doxsey
a3be1b7cc5
devices: switch "default" device type to two built-in default device types (#2835) 2021-12-20 10:44:29 -07:00
dependabot[bot]
9408401dbd
chore(deps): bump github.com/rs/zerolog from 1.26.0 to 1.26.1 (#2833) 
Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.26.0 to 1.26.1.
- [Release notes](https://github.com/rs/zerolog/releases)
- [Commits](https://github.com/rs/zerolog/compare/v1.26.0...v1.26.1)

---
updated-dependencies:
- dependency-name: github.com/rs/zerolog
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-20 11:45:51 -05:00
dependabot[bot]
c3267c8306
chore(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0 (#2831) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.42.0 to 1.43.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.42.0...v1.43.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-20 11:43:59 -05:00
Denis Mishin
5e8fcf8d20
move NewGRPCClientConn to public package (#2826) 2021-12-19 22:10:24 -05:00
cfanbo
8f62b06425
fix: Fixed return description error (#2825) 
* fix: Fixed return description error

* config/options: Adjust the position of TracingJaegerAgentEndpoint option
 2021-12-17 08:57:35 -08:00
Denis Mishin
52920eaf72
add docs for ingress regex path (#2822) 2021-12-16 16:33:24 -05:00
Denis Mishin
9466d7ef53
rm cli code (#2824) 2021-12-15 16:25:21 -05:00
Denis Mishin
41877e166b
fix typo in docs (#2819) 2021-12-13 16:48:51 -05:00
dependabot[bot]
6325d82fe2
chore(deps): bump github.com/docker/docker (#2817) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.11+incompatible to 20.10.12+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.11...v20.10.12)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-12-13 10:32:58 -07:00
dependabot[bot]
84409437d9
chore(deps): bump github.com/open-policy-agent/opa from 0.34.2 to 0.35.0 (#2804) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.34.2 to 0.35.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.34.2...v0.35.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-13 10:29:22 -07:00
dependabot[bot]
c8fb03d718
chore(deps): bump github.com/spf13/viper from 1.9.0 to 1.10.0 (#2816) 
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-13 11:44:42 -05:00
Denis Mishin
993da5704b
dev build support for darwin-arm64 from envoy tip (#2815) 2021-12-13 11:37:24 -05:00
Caleb Doxsey
5a858f5d48
config: add internal service URLs (#2801) 
* config: add internal service URLs

* maybe fix integration tests

* add docs

* fix integration tests

* for databroker connect to external name, but listen on internal name

* Update docs/reference/readme.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/readme.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/readme.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/settings.yaml

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/settings.yaml

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/settings.yaml

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2021-12-10 14:04:37 -05:00
Caleb Doxsey
2d04106e6d
ppl: add support for http_path and http_method (#2813) 
* ppl: add support for http_path and http_method

* fix import ordering
 2021-12-10 07:28:51 -07:00
Travis Groth
54ec88fb93
internal/telemetry: fix grpc server stats (#2811) 2021-12-08 16:13:08 -05:00
Travis Groth
e2e0646f70
Fix IdP client metrics (#2810) 2021-12-08 13:22:53 -05:00
Caleb Doxsey
d0890d399c
envoyconfig: fix tls_downstream_client_ca for non-standard ports (#2802) 2021-12-08 10:48:52 -07:00
Caleb Doxsey
8331db9a26
envoy: treat configuration errors as fatal (#2777) 2021-12-08 10:39:18 -07:00
dependabot[bot]
5be2bf0ac5
chore(deps): bump google.golang.org/api from 0.60.0 to 0.61.0 (#2805) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.60.0 to 0.61.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.60.0...v0.61.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-08 07:25:19 -07:00
dependabot[bot]
e5f94db3e1
chore(deps): bump github.com/shirou/gopsutil/v3 from 3.21.10 to 3.21.11 (#2807) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.21.10 to 3.21.11.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.21.10...v3.21.11)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-08 07:24:49 -07:00
Alex Fornuto
e03f8a00db
add Grafana to Guides index (#2808) 2021-12-07 16:34:50 -06:00
dependabot[bot]
a5d9fcb4de
chore(deps): bump github.com/mitchellh/mapstructure from 1.4.2 to 1.4.3 (#2806) 2021-12-07 09:31:02 -05:00
dependabot[bot]
223b2332db
chore(deps): bump mikefarah/yq from 4.15.1 to 4.16.1 (#2803) 2021-12-07 09:30:16 -05:00
Alex Fornuto
ec22b07a4e
fix indentation (#2798) 2021-12-02 11:31:11 -08:00
Caleb Doxsey
c97dcf7e0f
envoy: add hash policy and routing key for hash-based load balancers (#2791) 
* envoy: add hash policy and routing key for hash-based load balancers

* fix integration test

* fix nginx
 2021-12-01 13:42:12 -07:00
Caleb Doxsey
bd0a5389bf
envoy: add support for bind_config bootstrap options (#2772) 
* envoy: add support for bind_config bootstrap options

* only add upstream bind config options to individual policy clusters

* update docs for new Envoy keys

Co-authored-by: alexfornuto <alex@fornuto.com>
 2021-12-01 13:02:49 -07:00
Travis Groth
1bfdae4e12
docs: update pomerium-cli location (#2790) 2021-12-01 15:00:11 -05:00
dependabot[bot]
cfa1621814
chore(deps): bump mikefarah/yq from 4.14.2 to 4.15.1 (#2783) 2021-12-01 14:55:50 -05:00
Alex Fornuto
e8e0305483
Docs: Update Kubernetes Dashboard Guide (#2759) 
* update dashboard guide...
This new version takes advantage of the RBAC options the Pomerium Helm chart now makes available

* Update docs/guides/kubernetes-dashboard.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* edit intro para

* Apply suggestions from code review

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* remvove numbered list of one

* Update docs/guides/kubernetes-dashboard.md

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* typo correction

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2021-11-30 20:16:12 -06:00
Alex Fornuto
715d32259f
Docs: Update Securing Kubernetes Guide (#2758) 
* Update Securing k8s for Ingress Controller (incomplete)

* enable apiProxy

* finish updated draft

* rm outdated cli install method

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* add skip tls verify

also rm errant indentation and break up some long commands

* Update docs/guides/kubernetes.md

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* Update docs/guides/kubernetes.md

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2021-11-30 14:04:17 -06:00
Alex Fornuto
150862b7e6
Document Pomerium Policy Language (#2784) 
* Init PPL doc

* copy edits

* Apply suggestions from code review

Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>

* Apply suggestions from code review

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* Update docs/docs/topics/ppl.md

* whitespace cleanup

Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-11-29 17:13:48 -06:00
Alex Fornuto
f016981194
Docs: Update JWT Verification Guide (#2746) 
* WIP update

* init mutual auth topic page

* WIP

* update JWT verification guide

* s/Java/Json/g

* remove Mutual Auth topic page and references

The new page will be reviewed and added as a separate PR

* fix JSON capitalization throughout

* copy edit to jwt-verification.md

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2021-11-29 15:11:39 -06:00
Caleb Doxsey
a8b76bd623
authorize: support X-Pomerium-Authorization in addition to Authorization (#2780) 
* authorize: support X-Pomerium-Authorization in addition to Authorization

* tangentental correction

Co-authored-by: alexfornuto <alex@fornuto.com>
 2021-11-29 12:19:14 -07:00
Alex Fornuto
88c5eeba45
coy edit to changelog entry (#2786) 2021-11-29 11:31:11 -06:00