wasaga
51ab7e6226
telemetry: add nonce and make explicit ack/nack ( #2434 )
2021-08-04 21:08:55 -04:00
wasaga
204aa30b6e
telemetry: try guess hostname or external IP addr for metrics ( #2412 )
2021-08-03 18:10:14 -04:00
Caleb Doxsey
1a95036b8c
sessions: add impersonate_session_id, remove legacy impersonation ( #2407 )
...
* sessions: add impersonate_session_id, remove legacy impersonation
* show impersonated user details
* fix headers
* address feedback
* only check impersonate id on non-nil pbSession
* Revert "only check impersonate id on non-nil pbSession"
This reverts commit a6f7ca5abd
2021-07-30 08:42:36 -06:00
Caleb Doxsey
0620cfdc50
config: add support for embedded PPL policy ( #2401 )
2021-07-27 13:44:10 -06:00
Caleb Doxsey
8f7357b333
google: remove WithHTTPClient ( #2391 )
2021-07-23 15:36:56 -06:00
Caleb Doxsey
ac8ae3ef5b
directory: add logging http client to help with debugging outbound http requests ( #2385 )
2021-07-22 11:58:52 -06:00
Caleb Doxsey
8a74fae2e7
urlutil: improve error message for urls with port in path ( #2377 )
2021-07-20 11:08:50 -06:00
Caleb Doxsey
fbf44261c1
telemetry: support b3 headers on gRPC server calls ( #2376 )
2021-07-20 05:36:58 -06:00
Caleb Doxsey
1123de07a6
envoy: only allow embedding ( #2368 )
2021-07-19 08:32:48 -06:00
Caleb Doxsey
2a5dcc2848
ci: use revive instead of golint ( #2370 )
2021-07-16 10:26:47 -06:00
Caleb Doxsey
d45a7e9996
databroker: tests ( #2367 )
...
* databroker: tests
* fix lint
2021-07-16 10:26:29 -06:00
Caleb Doxsey
4c64daa8c2
envoy: only check for pid with monitor ( #2355 )
2021-07-13 09:58:37 -06:00
Taylor
93e735831f
authclient - use proxy from environment ( #2316 )
2021-07-08 08:16:15 -07:00
Caleb Doxsey
cb09aa4199
envoyconfig: add bootstrap layered runtime configuration ( #2343 )
2021-07-07 15:18:02 -06:00
Caleb Doxsey
163e53823c
registry/redis: call publish from within lua function ( #2337 )
2021-07-07 07:28:02 -06:00
wasaga
134ca74ec9
proxy: add idle timeout ( #2319 )
2021-07-02 10:29:53 -04:00
Travis Groth
2ceaae8e54
internal/envoy: add debugging information if envoy is no longer running ( #2320 )
2021-06-30 11:18:43 -07:00
wasaga
41a2622736
certs: reject certs from databroker if they conflict with local ( #2309 )
2021-06-24 18:40:59 -04:00
Caleb Doxsey
b1d7a126ab
directory/azure: add paging support to user group members call ( #2311 )
2021-06-24 08:52:41 -06:00
Caleb Doxsey
fcb33966e2
config: add enable_google_cloud_serverless_authentication to config protobuf ( #2306 )
...
* config: add enable_google_cloud_serverless_authentication to config protobuf
* use dependency injection for embedded envoy provider
* Revert "use dependency injection for embedded envoy provider"
This reverts commit 5c08990501
2021-06-21 18:00:29 -06:00
Caleb Doxsey
9bce8314ba
envoy: refactor envoy embedding ( #2296 )
...
* envoy: add full version
* remove unused import
* envoy: refactor envoy embedding
* fix lint
* commit ignored files
* maybe fix test
2021-06-15 08:18:30 -06:00
Caleb Doxsey
31fa214983
envoy: add full version ( #2287 )
...
* envoy: add full version
* remove unused import
* get envoy for lint
2021-06-14 13:58:12 -06:00
dependabot[bot]
5dd68f5ff0
chore(deps): bump github.com/caddyserver/certmagic from 0.13.1 to 0.14.0 ( #2291 )
...
* chore(deps): bump github.com/caddyserver/certmagic from 0.13.1 to 0.14.0
Bumps [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic ) from 0.13.1 to 0.14.0.
- [Release notes](https://github.com/caddyserver/certmagic/releases )
- [Commits](https://github.com/caddyserver/certmagic/compare/v0.13.1...v0.14.0 )
---
updated-dependencies:
- dependency-name: github.com/caddyserver/certmagic
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* update Obtain and Renew cert to new signatures
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2021-06-14 11:48:05 -04:00
wasaga
b372ab4bcc
ocsp: reload on ocsp response changes ( #2286 )
2021-06-11 15:58:01 -04:00
Caleb Doxsey
f9675f61cc
deps: upgrade to go-jose v3 ( #2284 )
2021-06-10 09:35:44 -06:00
wasaga
744e2c7993
xds: only tag contexts used for UpdateRecords ( #2269 )
2021-06-04 14:01:25 -04:00
Caleb Doxsey
4af12c4bbb
xds: retry storing configuration events ( #2266 )
2021-06-03 13:03:55 -06:00
Caleb Doxsey
c3286aa355
envoyconfig: use zipkin tracer ( #2265 )
2021-06-03 09:28:00 -06:00
Caleb Doxsey
513859665a
tracing: support dynamic reloading, more aggressive envoy restart ( #2262 )
...
* tracing: support dynamic reloading, more aggressive envoy restart
* set exporter to nil
* actually register tracer
2021-06-02 09:58:07 -06:00
Caleb Doxsey
7f05133e3b
envoy: disable hot-reload for macos ( #2259 )
...
* envoy: disable hotload for macos
* lint
* envoy: ignore error when retrieving process status
2021-06-01 13:35:55 -06:00
wasaga
12c8bb2da4
authorize: preserve original context ( #2247 )
2021-06-01 11:10:35 -04:00
Caleb Doxsey
1eea197859
darwin: use x86 envoy build for arm64 ( #2246 )
...
* darwin: use x86 envoy build for arm64
* allow arm64 build for darwin
2021-05-28 15:59:09 -07:00
wasaga
db00821001
auth: do not strip query parameters in forward auth ( #2216 )
2021-05-28 17:19:18 -04:00
Caleb Doxsey
d538f1d104
darwin: use gopsutil v3 to fix arm issue ( #2245 )
...
* darwin: use gopsutil v3 to fix arm issue
* remove getenvoy
2021-05-28 12:20:46 -06:00
Caleb Doxsey
ef62d9bb31
envoy: exit if envoy exits ( #2240 )
2021-05-27 15:11:12 -06:00
dependabot[bot]
acdcdff2a7
chore(deps): bump github.com/go-redis/redis/v8 from 8.8.2 to 8.8.3 ( #2232 )
...
* chore(deps): bump github.com/go-redis/redis/v8 from 8.8.2 to 8.8.3
Bumps [github.com/go-redis/redis/v8](https://github.com/go-redis/redis ) from 8.8.2 to 8.8.3.
- [Release notes](https://github.com/go-redis/redis/releases )
- [Changelog](https://github.com/go-redis/redis/blob/master/CHANGELOG.md )
- [Commits](https://github.com/go-redis/redis/compare/v8.8.2...v8.8.3 )
Signed-off-by: dependabot[bot] <support@github.com>
* remove unused field
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2021-05-24 08:17:41 -06:00
bobby
51655a5502
Revert "authenticate,proxy: add same site lax to cookies ( #2159 )" ( #2203 )
...
This reverts commit d9cc26a2e0
2021-05-14 15:36:05 -07:00
wasaga
c71f7dca5b
authorize: grpc health check ( #2200 )
2021-05-13 15:00:10 -04:00
wasaga
1ac93c2d3a
telemetry: add hostname tag to metrics ( #2191 )
2021-05-11 17:58:02 -04:00
Caleb Doxsey
94aa0b1a48
databroker: implement leases ( #2172 )
...
* databroker: implement leases
* return error
* handle gRPC errors
2021-05-10 13:30:25 -06:00
Caleb Doxsey
a54d43b937
registry: implement redis backend ( #2179 )
2021-05-10 10:33:37 -06:00
wasaga
cbaf33032d
report instance hostname ( #2175 )
2021-05-04 15:46:21 -06:00
Caleb Doxsey
aeece76928
databroker: store issued at timestamp with session ( #2173 )
2021-05-04 10:09:14 -06:00
wasaga
129df47f9c
xds extended event ( #2158 )
2021-05-03 12:28:11 -04:00
Caleb Doxsey
b5b1013947
config: add client_crl ( #2157 )
...
* config: add client_crl
* address comments
* add ignored file
2021-04-30 14:36:32 -06:00
Travis Groth
dae1836dff
internal/envoy: always extract envoy ( #2160 )
2021-04-30 15:30:40 -04:00
Caleb Doxsey
d9cc26a2e0
authenticate,proxy: add same site lax to cookies ( #2159 )
2021-04-30 10:24:47 -06:00
Caleb Doxsey
0adbf4f24c
controlplane: save configuration events to databroker ( #2153 )
...
* envoy: save events to databroker
* controlplane: add tests for envoy configuration events
* format imports
2021-04-29 15:51:46 -06:00
bobby
9215833a0b
control plane: add request id to all error pages ( #2149 )
...
* controlplane: add request id to all error pages
- use a single http error handler for both envoy and go control plane
- add http lib style status text for our custom statuses.
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2021-04-28 15:04:44 -07:00
Caleb Doxsey
91c7dc742f
databroker: store server version in backend ( #2142 )
2021-04-28 09:12:52 -06:00
