3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-07 14:26:01 +02:00
Code Issues Projects Releases Packages Wiki Activity
2640 commits 159 branches 125 tags 104 MiB
Commit graph

2640 commits

This branch
This branch
All branches
Author SHA1 Message Date
wasaga
129df47f9c
xds extended event (#2158) 2021-05-03 12:28:11 -04:00
dependabot[bot]
b6984d4322
chore(deps): bump github.com/open-policy-agent/opa from 0.27.1 to 0.28.0 (#2165) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.27.1 to 0.28.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.27.1...v0.28.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 10:19:25 -06:00
dependabot[bot]
6219b8f683
chore(deps): bump github.com/envoyproxy/protoc-gen-validate (#2166) 
Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases)
- [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.6.0...v0.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 10:19:04 -06:00
dependabot[bot]
5072cf0321
chore(deps): bump github.com/prometheus/common from 0.21.0 to 0.23.0 (#2167) 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.21.0 to 0.23.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](https://github.com/prometheus/common/compare/v0.21.0...v0.23.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 10:18:47 -06:00
dependabot[bot]
f6658103f7
chore(deps): bump github.com/ory/dockertest/v3 from 3.6.3 to 3.6.5 (#2168) 
Bumps [github.com/ory/dockertest/v3](https://github.com/ory/dockertest) from 3.6.3 to 3.6.5.
- [Release notes](https://github.com/ory/dockertest/releases)
- [Commits](https://github.com/ory/dockertest/compare/v3.6.3...v3.6.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 10:18:23 -06:00
bobby
0e789aad6d
docs: add inline instructions to generate signing-key (#2164) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-05-03 09:06:40 -07:00
Caleb Doxsey
67592f2469
docs: add info note to set_response_headers (#2162) 
* docs: add info note to set_response_headers

* use tip
 2021-04-30 16:13:15 -06:00
Caleb Doxsey
b5b1013947
config: add client_crl (#2157) 
* config: add client_crl

* address comments

* add ignored file
 2021-04-30 14:36:32 -06:00
Travis Groth
a43d666d56
ci: remove codecov (#2161) 2021-04-30 12:37:40 -07:00
Travis Groth
dae1836dff
internal/envoy: always extract envoy (#2160) 2021-04-30 15:30:40 -04:00
Caleb Doxsey
d9cc26a2e0
authenticate,proxy: add same site lax to cookies (#2159) 2021-04-30 10:24:47 -06:00
Caleb Doxsey
699ebf061a
config: add support for codec_type (#2156) 
* config: add support for codec_type

* add comma

* fix warning block

* fix docs
 2021-04-30 07:21:40 -06:00
Caleb Doxsey
0adbf4f24c
controlplane: save configuration events to databroker (#2153) 
* envoy: save events to databroker

* controlplane: add tests for envoy configuration events

* format imports
 2021-04-29 15:51:46 -06:00
Travis Groth
d32b8a4d8a
docs: mention alternative bearer token header format (#2155) 2021-04-29 15:38:58 -04:00
Travis Groth
16c106441c
deployment: update alpine debug image dependencies (#2154) 2021-04-29 08:45:03 -06:00
Caleb Doxsey
c85c8b0778
authorize: refactor store locking (#2151) 
* authorize: refactor store locking

* fix nil reference panic
 2021-04-29 08:37:27 -06:00
bobby
9215833a0b
control plane: add request id to all error pages (#2149) 
* controlplane: add request id to all error pages

- use a single http error handler for both envoy and go control plane
- add http lib style status text for our custom statuses.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-04-28 15:04:44 -07:00
Caleb Doxsey
91c7dc742f
databroker: store server version in backend (#2142) 2021-04-28 09:12:52 -06:00
wasaga
1b698053f6
let pass custom grpc dial opts (#2144) 2021-04-27 18:26:27 -04:00
bobby
7973ab43fe
authorize: audit log had duplicate "message" key (#2141) 
* authorize: audit log had duplicate "message" key

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-04-27 15:26:16 -06:00
Travis Groth
843c4b6fee
docs: upgrade notes on allowed_users by ID (#2133) 2021-04-27 07:37:01 -04:00
Caleb Doxsey
636b3d6846
databroker: add options for maximum capacity (#2095) 
* databroker: add options

* implement redis

* add trace for enforce options
 2021-04-26 17:14:54 -06:00
Caleb Doxsey
b3216ae854
httputil: fix SPDY support with reverse proxy (#2134) 2021-04-26 14:45:07 -06:00
wasaga
9d0baad136
use cached envoy (#2132) 2021-04-26 15:58:46 -04:00
dependabot[bot]
5767443836
chore(deps): bump google.golang.org/api from 0.44.0 to 0.45.0 (#2128) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.44.0 to 0.45.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.44.0...v0.45.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-26 07:53:09 -06:00
Caleb Doxsey
008bda99e2
envoyconfig: fix metrics ingress listener name (#2124) 2021-04-26 07:49:48 -06:00
dependabot[bot]
9718d27ba6
chore(deps): bump github.com/envoyproxy/protoc-gen-validate (#2129) 
Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate) from 0.5.1 to 0.6.0.
- [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases)
- [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.5.1...v0.6.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-26 07:45:42 -06:00
dependabot[bot]
8c04bbbe67
chore(deps): bump github.com/prometheus/common from 0.20.0 to 0.21.0 (#2130) 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](https://github.com/prometheus/common/compare/v0.20.0...v0.21.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-26 07:44:54 -06:00
Caleb Doxsey
22f6a2207b
envoy: re-implement recommended defaults (#2123) 2021-04-23 14:54:13 -06:00
Caleb Doxsey
f365b30e02
authorize: remove log (#2122) 2021-04-23 14:00:08 -06:00
Caleb Doxsey
762b565239
authorize: fix empty sub policy arrays (#2119) 2021-04-23 11:00:30 -06:00
Caleb Doxsey
433831fbea
authorize: fix unsigned URL (#2118) 2021-04-22 17:33:46 -06:00
dependabot[bot]
d365771e90
chore(deps): bump github.com/caddyserver/certmagic from 0.12.0 to 0.13.0 (#2074) 
* chore(deps): bump github.com/caddyserver/certmagic from 0.12.0 to 0.13.0

Bumps [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic) from 0.12.0 to 0.13.0.
- [Release notes](https://github.com/caddyserver/certmagic/releases)
- [Commits](https://github.com/caddyserver/certmagic/compare/v0.12.0...v0.13.0)

Signed-off-by: dependabot[bot] <support@github.com>

* autocert: fix for certmagic 0.12 -> 0.13

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-04-22 15:31:19 -06:00
Caleb Doxsey
b1d62bb541
config: remove validate side effects (#2109) 
* config: default shared key

* handle additional errors

* update grpc addr and grpc insecure

* update google cloud service authentication service account

* fix set response headers

* fix qps

* fix test
 2021-04-22 15:10:50 -06:00
Hugo Blom
2806b67bee
drop tun.cfg.dstHost from jwtCacheKey (#2115) 2021-04-22 11:50:37 -06:00
wasaga
e0c09a0998
log context (#2107) 2021-04-22 10:58:13 -04:00
Travis Groth
e7995954ff
deps: bump envoy to 1.17.2 (#2113) 2021-04-22 10:28:04 -04:00
Travis Groth
2b59db27be
deployment: update get-envoy script and release hooks (#2111) 2021-04-21 16:00:16 -04:00
Travis Groth
3b1e5a9a48
deployment: Publish OS packages to cloudsmith (#2105) 
* deployment: Publish OS packages to cloudsmith
 2021-04-21 07:12:14 -04:00
Caleb Doxsey
3906b70bc5
authorize: support arbitrary jwt claims (#2102) 
* authorize: support arbitrary jwt claims

* remove dead code
 2021-04-19 14:55:08 -06:00
bobby
073c6063db
docs: add threat model to security page (#2097) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-04-19 09:15:41 -07:00
dependabot[bot]
99eaf599c2
chore(deps): bump gopkg.in/auth0.v5 from 5.14.1 to 5.15.0 (#2098) 
Bumps [gopkg.in/auth0.v5](https://github.com/go-auth0/auth0) from 5.14.1 to 5.15.0.
- [Release notes](https://github.com/go-auth0/auth0/releases)
- [Changelog](https://github.com/go-auth0/auth0/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-auth0/auth0/compare/v5.14.1...v5.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-19 09:57:06 -06:00
dependabot[bot]
6a64f087ed
chore(deps): bump github.com/go-redis/redis/v8 from 8.8.0 to 8.8.2 (#2099) 
Bumps [github.com/go-redis/redis/v8](https://github.com/go-redis/redis) from 8.8.0 to 8.8.2.
- [Release notes](https://github.com/go-redis/redis/releases)
- [Changelog](https://github.com/go-redis/redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-redis/redis/compare/v8.8.0...v8.8.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-19 09:56:41 -06:00
Travis Groth
ebfbdb721b
config: don't change address value on databroker or authorize (#2092) 2021-04-16 10:46:32 -04:00
Caleb Doxsey
7c98e0ae76
xdsmgr: update resource versions on NACK (#2093) 2021-04-16 08:23:40 -06:00
Caleb Doxsey
116805acb3
config: rename headers to set_response_headers (#2081) 
* config: rename headers to set_response_headers

* Update config/options.go

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-04-14 11:22:21 -07:00
Caleb Doxsey
f760cdece5
envoyconfig: move most bootstrap config to shared package (#2088) 2021-04-14 12:07:49 -06:00
wasaga
c12c0aab49
metrics_address should be optional parameter (#2087) 2021-04-13 15:56:35 -04:00
Caleb Doxsey
1dcccf2b56
envoy: refactor controlplane xds to new envoyconfig package (#2086) 2021-04-13 13:51:44 -06:00
wasaga
0e66619081
do not require project be in GOPATH/src (#2078) 2021-04-12 09:43:05 -04:00