3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-21 04:57:18 +02:00
Code Issues Projects Releases Packages Wiki Activity
2604 commits 163 branches 126 tags 104 MiB
Commit graph

2604 commits

This branch
This branch
All branches
Author SHA1 Message Date
Caleb Doxsey
a3be1b7cc5
devices: switch "default" device type to two built-in default device types (#2835) 2021-12-20 10:44:29 -07:00
dependabot[bot]
9408401dbd
chore(deps): bump github.com/rs/zerolog from 1.26.0 to 1.26.1 (#2833) 
Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.26.0 to 1.26.1.
- [Release notes](https://github.com/rs/zerolog/releases)
- [Commits](https://github.com/rs/zerolog/compare/v1.26.0...v1.26.1)

---
updated-dependencies:
- dependency-name: github.com/rs/zerolog
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-20 11:45:51 -05:00
dependabot[bot]
c3267c8306
chore(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0 (#2831) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.42.0 to 1.43.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.42.0...v1.43.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-20 11:43:59 -05:00
Denis Mishin
5e8fcf8d20
move NewGRPCClientConn to public package (#2826) 2021-12-19 22:10:24 -05:00
cfanbo
8f62b06425
fix: Fixed return description error (#2825) 
* fix: Fixed return description error

* config/options: Adjust the position of TracingJaegerAgentEndpoint option
 2021-12-17 08:57:35 -08:00
Denis Mishin
52920eaf72
add docs for ingress regex path (#2822) 2021-12-16 16:33:24 -05:00
Denis Mishin
9466d7ef53
rm cli code (#2824) 2021-12-15 16:25:21 -05:00
Denis Mishin
41877e166b
fix typo in docs (#2819) 2021-12-13 16:48:51 -05:00
dependabot[bot]
6325d82fe2
chore(deps): bump github.com/docker/docker (#2817) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.11+incompatible to 20.10.12+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.11...v20.10.12)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-12-13 10:32:58 -07:00
dependabot[bot]
84409437d9
chore(deps): bump github.com/open-policy-agent/opa from 0.34.2 to 0.35.0 (#2804) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.34.2 to 0.35.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.34.2...v0.35.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-13 10:29:22 -07:00
dependabot[bot]
c8fb03d718
chore(deps): bump github.com/spf13/viper from 1.9.0 to 1.10.0 (#2816) 
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-13 11:44:42 -05:00
Denis Mishin
993da5704b
dev build support for darwin-arm64 from envoy tip (#2815) 2021-12-13 11:37:24 -05:00
Caleb Doxsey
5a858f5d48
config: add internal service URLs (#2801) 
* config: add internal service URLs

* maybe fix integration tests

* add docs

* fix integration tests

* for databroker connect to external name, but listen on internal name

* Update docs/reference/readme.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/readme.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/readme.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/settings.yaml

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/settings.yaml

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* Update docs/reference/settings.yaml

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2021-12-10 14:04:37 -05:00
Caleb Doxsey
2d04106e6d
ppl: add support for http_path and http_method (#2813) 
* ppl: add support for http_path and http_method

* fix import ordering
 2021-12-10 07:28:51 -07:00
Travis Groth
54ec88fb93
internal/telemetry: fix grpc server stats (#2811) 2021-12-08 16:13:08 -05:00
Travis Groth
e2e0646f70
Fix IdP client metrics (#2810) 2021-12-08 13:22:53 -05:00
Caleb Doxsey
d0890d399c
envoyconfig: fix tls_downstream_client_ca for non-standard ports (#2802) 2021-12-08 10:48:52 -07:00
Caleb Doxsey
8331db9a26
envoy: treat configuration errors as fatal (#2777) 2021-12-08 10:39:18 -07:00
dependabot[bot]
5be2bf0ac5
chore(deps): bump google.golang.org/api from 0.60.0 to 0.61.0 (#2805) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.60.0 to 0.61.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.60.0...v0.61.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-08 07:25:19 -07:00
dependabot[bot]
e5f94db3e1
chore(deps): bump github.com/shirou/gopsutil/v3 from 3.21.10 to 3.21.11 (#2807) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.21.10 to 3.21.11.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.21.10...v3.21.11)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-12-08 07:24:49 -07:00
Alex Fornuto
e03f8a00db
add Grafana to Guides index (#2808) 2021-12-07 16:34:50 -06:00
dependabot[bot]
a5d9fcb4de
chore(deps): bump github.com/mitchellh/mapstructure from 1.4.2 to 1.4.3 (#2806) 2021-12-07 09:31:02 -05:00
dependabot[bot]
223b2332db
chore(deps): bump mikefarah/yq from 4.15.1 to 4.16.1 (#2803) 2021-12-07 09:30:16 -05:00
Alex Fornuto
ec22b07a4e
fix indentation (#2798) 2021-12-02 11:31:11 -08:00
Caleb Doxsey
c97dcf7e0f
envoy: add hash policy and routing key for hash-based load balancers (#2791) 
* envoy: add hash policy and routing key for hash-based load balancers

* fix integration test

* fix nginx
 2021-12-01 13:42:12 -07:00
Caleb Doxsey
bd0a5389bf
envoy: add support for bind_config bootstrap options (#2772) 
* envoy: add support for bind_config bootstrap options

* only add upstream bind config options to individual policy clusters

* update docs for new Envoy keys

Co-authored-by: alexfornuto <alex@fornuto.com>
 2021-12-01 13:02:49 -07:00
Travis Groth
1bfdae4e12
docs: update pomerium-cli location (#2790) 2021-12-01 15:00:11 -05:00
dependabot[bot]
cfa1621814
chore(deps): bump mikefarah/yq from 4.14.2 to 4.15.1 (#2783) 2021-12-01 14:55:50 -05:00
Alex Fornuto
e8e0305483
Docs: Update Kubernetes Dashboard Guide (#2759) 
* update dashboard guide...
This new version takes advantage of the RBAC options the Pomerium Helm chart now makes available

* Update docs/guides/kubernetes-dashboard.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* edit intro para

* Apply suggestions from code review

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* remvove numbered list of one

* Update docs/guides/kubernetes-dashboard.md

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* typo correction

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2021-11-30 20:16:12 -06:00
Alex Fornuto
715d32259f
Docs: Update Securing Kubernetes Guide (#2758) 
* Update Securing k8s for Ingress Controller (incomplete)

* enable apiProxy

* finish updated draft

* rm outdated cli install method

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* add skip tls verify

also rm errant indentation and break up some long commands

* Update docs/guides/kubernetes.md

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* Update docs/guides/kubernetes.md

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2021-11-30 14:04:17 -06:00
Alex Fornuto
150862b7e6
Document Pomerium Policy Language (#2784) 
* Init PPL doc

* copy edits

* Apply suggestions from code review

Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>

* Apply suggestions from code review

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* Update docs/docs/topics/ppl.md

* whitespace cleanup

Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-11-29 17:13:48 -06:00
Alex Fornuto
f016981194
Docs: Update JWT Verification Guide (#2746) 
* WIP update

* init mutual auth topic page

* WIP

* update JWT verification guide

* s/Java/Json/g

* remove Mutual Auth topic page and references

The new page will be reviewed and added as a separate PR

* fix JSON capitalization throughout

* copy edit to jwt-verification.md

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2021-11-29 15:11:39 -06:00
Caleb Doxsey
a8b76bd623
authorize: support X-Pomerium-Authorization in addition to Authorization (#2780) 
* authorize: support X-Pomerium-Authorization in addition to Authorization

* tangentental correction

Co-authored-by: alexfornuto <alex@fornuto.com>
 2021-11-29 12:19:14 -07:00
Alex Fornuto
88c5eeba45
coy edit to changelog entry (#2786) 2021-11-29 11:31:11 -06:00
dependabot[bot]
0e8d7d2c0c
chore(deps): bump github.com/ory/dockertest/v3 from 3.8.0 to 3.8.1 (#2785) 
Bumps [github.com/ory/dockertest/v3](https://github.com/ory/dockertest) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/ory/dockertest/releases)
- [Commits](https://github.com/ory/dockertest/compare/v3.8.0...v3.8.1)

---
updated-dependencies:
- dependency-name: github.com/ory/dockertest/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-29 09:59:36 -07:00
bobby
1a7c5415e7
identity: only assign access_type uri params to google. (#2782) 
* identity: only assign `access_type` uri params to google.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* bump upgrading

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-11-28 19:01:34 -08:00
Alex Fornuto
cce70afe98
remove forward_auth_url from Enterprise (#2779) 2021-11-22 14:54:55 -06:00
dependabot[bot]
258ec9ca06
chore(deps): bump mikefarah/yq from 4.6.3 to 4.14.2 (#2774) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.6.3 to 4.14.2.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.6.3...v4.14.2)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-19 10:16:09 -07:00
dependabot[bot]
e2370afb91
chore(deps): bump coverallsapp/github-action from 1.1.2 to 1.1.3 (#2775) 
Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/coverallsapp/github-action/releases)
- [Commits](https://github.com/coverallsapp/github-action/compare/v1.1.2...1.1.3)

---
updated-dependencies:
- dependency-name: coverallsapp/github-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-19 10:15:08 -07:00
dependabot[bot]
61c14bf67f
chore(deps): bump github.com/docker/docker (#2776) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.10+incompatible to 20.10.11+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.10...v20.10.11)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-19 10:14:07 -07:00
Travis Groth
477cb2a9d7
deployment: migrate pomerium-cli automation to new repo (#2771) 2021-11-19 11:13:39 -05:00
Caleb Doxsey
a5034aabae
authenticate: redirect / to /.pomerium/ (#2770) 2021-11-18 08:49:23 -07:00
Caleb Doxsey
d90d4caf1a
config: detect changes to the kubernetes service account token file (#2767) 2021-11-17 08:19:09 -07:00
dependabot[bot]
370d8c53bb
chore(deps): bump github.com/cenkalti/backoff/v4 from 4.1.1 to 4.1.2 (#2768) 
Bumps [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/cenkalti/backoff/releases)
- [Commits](https://github.com/cenkalti/backoff/compare/v4.1.1...v4.1.2)

---
updated-dependencies:
- dependency-name: github.com/cenkalti/backoff/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-16 15:46:27 -07:00
dependabot[bot]
6403c07a4c
chore(deps): bump github.com/golangci/golangci-lint from 1.42.1 to 1.43.0 (#2756) 
* chore(deps): bump github.com/golangci/golangci-lint

Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.42.1 to 1.43.0.
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.42.1...v1.43.0)

---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* ignore file close errors

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-11-16 15:45:57 -07:00
dependabot[bot]
5eafe1ea63
chore(deps): bump github.com/caddyserver/certmagic from 0.15.1 to 0.15.2 (#2769) 
Bumps [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic) from 0.15.1 to 0.15.2.
- [Release notes](https://github.com/caddyserver/certmagic/releases)
- [Commits](https://github.com/caddyserver/certmagic/compare/v0.15.1...v0.15.2)

---
updated-dependencies:
- dependency-name: github.com/caddyserver/certmagic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-16 14:58:42 -07:00
dependabot[bot]
519af3bf50
chore(deps): bump gopkg.in/auth0.v5 from 5.21.0 to 5.21.1 (#2763) 
Bumps [gopkg.in/auth0.v5](https://github.com/go-auth0/auth0) from 5.21.0 to 5.21.1.
- [Release notes](https://github.com/go-auth0/auth0/releases)
- [Changelog](https://github.com/go-auth0/auth0/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-auth0/auth0/compare/v5.21.0...v5.21.1)

---
updated-dependencies:
- dependency-name: gopkg.in/auth0.v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-16 13:48:34 -07:00
dependabot[bot]
075d338b7b
chore(deps): bump github.com/mholt/acmez from 1.0.0 to 1.0.1 (#2764) 
Bumps [github.com/mholt/acmez](https://github.com/mholt/acmez) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/mholt/acmez/releases)
- [Commits](https://github.com/mholt/acmez/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: github.com/mholt/acmez
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-16 13:37:08 -07:00
dependabot[bot]
ce28959135
chore(deps): bump github.com/open-policy-agent/opa from 0.34.1 to 0.34.2 (#2765) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.34.1 to 0.34.2.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.34.1...v0.34.2)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-16 13:29:04 -07:00
Caleb Doxsey
ca48052551
tls: fallback to self-signed certificate (#2760) 
* tls: fallback to self-signed certificate

* remove unknown domain because certs are no longer valid

* update multi-deployment to use service-specific certificates
 2021-11-15 14:11:53 -07:00