pomerium

mirror of https://github.com/pomerium/pomerium.git synced 2025-05-25 23:17:18 +02:00

Author	SHA1	Message	Date
Travis Groth	65bb1501fd	deployment: Envoy cross platform improvements (#701 ) * Share processgroup on all platforms * Fix cross platform release handling	2020-05-18 17:10:10 -04:00
Travis Groth	d58f68ab15	Update build and release process for envoy embedding (#699 )	2020-05-18 17:10:10 -04:00
Caleb Doxsey	dccec1e646	envoy: support autocert (#695 ) * envoy: support autocert * envoy: fallback to http host routing if sni fails to match * update comment * envoy: renew certs when necessary * fix tests	2020-05-18 17:10:10 -04:00
Travis Groth	0c1ac5a575	Return an error regardless of envoy's exit status (#694 )	2020-05-18 17:10:10 -04:00
Travis Groth	f5a9bad3d6	enable ipv6 grpc routing (#692 )	2020-05-18 17:10:10 -04:00
Caleb Doxsey	41855e5419	envoy: use envoy request id for logging across systems with http and gRPC (#691 )	2020-05-18 17:10:10 -04:00
Caleb Doxsey	593c47f8ac	proxy: remove pomerium cookie and authorization from upstream requests (#687 ) * proxy: remove pomerium cookie and authorization from upstream requests * fix typo	2020-05-18 17:10:10 -04:00
Caleb Doxsey	5819bf1408	authorize: return jwt claims in request headers (#688 ) * authorize: refactor session loading, implement headers and query params * authorize: fix http recorder header, use constant for pomerium authorization header * fix compile * remove dead code * authorize: return jwt claims in request headers	2020-05-18 17:10:10 -04:00
Caleb Doxsey	352c2b851b	envoy: add separate proxy log level option (#689 )	2020-05-18 17:10:10 -04:00
Caleb Doxsey	af649d3eb0	envoy: implement header and query param session loading (#684 ) * authorize: refactor session loading, implement headers and query params * authorize: fix http recorder header, use constant for pomerium authorization header * fix compile * remove dead code	2020-05-18 17:10:10 -04:00
Caleb Doxsey	0d9a372182	envoy: implement refresh session (#674 ) * authorize: refresh session WIP * remove upstream cookie with lua * only refresh session on expired * authorize: handle session expiration * authorize: add refresh test, fix isExpired check * proxy: implement preserve host header option * authorize: allow CORS preflight requests * proxy: add request headers * authenticate: use id token expiry	2020-05-18 17:10:10 -04:00
Caleb Doxsey	ae3049baca	envoy: implement set_request_headers (#673 ) * proxy: implement preserve host header option * authorize: allow CORS preflight requests * proxy: add request headers	2020-05-18 17:10:10 -04:00
Caleb Doxsey	98d2f194a0	authorize: allow CORS preflight requests (#672 ) * proxy: implement preserve host header option * authorize: allow CORS preflight requests	2020-05-18 17:10:10 -04:00
Caleb Doxsey	d92ee8d2a0	proxy: implement preserve host header option (#671 )	2020-05-18 17:10:10 -04:00
Caleb Doxsey	3879fe2f2a	proxy: add websocket support (#670 )	2020-05-18 17:10:10 -04:00
Caleb Doxsey	02615b8b6c	Merge remote-tracking branch 'origin/master' into feature/envoy	2020-05-18 17:10:10 -04:00
Travis Groth	99e788a9b4	envoy: Initial changes	2020-05-18 17:10:10 -04:00
Renovate Bot	8f78497e99	Update module google.golang.org/api to v0.24.0	2020-05-18 14:55:47 +00:00
Renovate Bot	fe35489657	Update module golang/protobuf to v1.4.2	2020-05-18 13:16:44 +00:00
Bjoern Weidlich	1a1a5a11f9	Documentation around Pomerium/Istio/Grafana (#675 ) * Added an example of how to protect Grafana with Pomerium inside of an Istio mesh * Added relevant documentation links	2020-05-17 22:26:09 -07:00
Renovate Bot	9ede2be7c5	Update module google/go-cmp to v0.4.1	2020-05-18 01:43:57 +00:00
Caleb Doxsey	49067c8f06	integration-tests: TLS policy configuration options (#708 ) * integration-tests: switch to go for backends to support TLS scenarios * fix apply order * generate additional tls certs * integration-tests: tls_skip_verify option * integration-tests: wait for openid to come up before starting authenticate * add tls_server_name test * add test for tls_custom_ca * increase setup timeout to 15 minutes * fix secret name reference * mtls wip * mtls wip * add test for client_cert	2020-05-15 16:37:09 -06:00
Caleb Doxsey	397d4a9f51	integration-tests: switch to go for backends to support TLS scenarios (#707 ) * integration-tests: switch to go for backends to support TLS scenarios * fix apply order * fix duplicate port value	2020-05-15 09:25:27 -06:00
Bobby DeSimone	1cba3d50eb	docs: fixes to v0.8.0 docs (#696 ) Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2020-05-13 12:38:01 -07:00
Bobby DeSimone	80166bcc40	deployment: release v0.8.0 (#686 ) Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>	2020-05-12 19:10:12 -07:00
Renovate Bot	e5e043ee12	Update module spf13/viper to v1.7.0	2020-05-11 20:39:19 +00:00
Renovate Bot	60c10c6e4e	Update golang.org/x/net commit hash to 7e3656a	2020-05-11 19:37:35 +00:00
Renovate Bot	960c07f777	Update module google.golang.org/api to v0.23.0	2020-05-11 17:35:44 +00:00
Renovate Bot	d988fb39eb	Update module gorilla/websocket to v1.4.2	2020-05-11 16:32:06 +00:00
Renovate Bot	aef79d62ec	Update module go-acme/lego/v3 to v3.7.0	2020-05-11 15:18:04 +00:00
Renovate Bot	425316e8bb	Update module golang/protobuf to v1.4.1	2020-05-11 13:33:28 +00:00
Renovate Bot	65856bef35	Update golang.org/x/crypto commit hash to 06a226f	2020-05-11 05:56:21 +00:00
Renovate Bot	9561307de9	Update github.com/pomerium/autocache commit hash to 8c1cd65	2020-05-11 04:59:16 +00:00
Caleb Doxsey	cbc6374efd	integration-tests: set_request_headers and preserve_host_header options (#668 ) * integration-tests: rename to policy_test * integration-tests: add request header test * integration-tests: add test for preserve_host_header	2020-05-07 10:52:55 -06:00
Caleb Doxsey	f5eaad54ee	pre-commit: add pre-commit configuration (#666 )	2020-05-07 08:13:30 -06:00
Caleb Doxsey	3f4a22a10d	integration-tests: add CORS test (#662 )	2020-05-06 17:31:40 -06:00
Caleb Doxsey	f9399df1bd	should be a list (#665 )	2020-05-06 17:31:08 -06:00
Caleb Doxsey	303691eb82	renovate: run go mod tidy after updating dependencies (#663 )	2020-05-06 17:21:17 -06:00
Caleb Doxsey	236891329b	integration-tests: add websocket enabled/disabled test (#661 ) * integration-tests: add websocket enabled/disabled test * integration-tests: lint	2020-05-06 16:10:01 -06:00
Travis Groth	b9b66ec20f	deploy: autocert documentation and defaults (#658 ) * Define AUTOCERT_DIR in dockerfiles * Add autocert example and compose file * Update reference docs for defaults	2020-05-05 21:13:28 -04:00
Travis Groth	d9f752aaca	deps: go mod tidy (#657 )	2020-05-05 16:22:00 -04:00
Bobby DeSimone	bf9a6f5e97	cryptutil: add automatic certificate management (#644 ) Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2020-05-05 12:50:19 -07:00
Travis Groth	1dc1c870c3	Switch integration tests from minikube to kind (#656 )	2020-05-05 15:23:16 -04:00
Renovate Bot	c29f1932d6	chore(deps): update golang.org/x/net commit hash to 1ed2336	2020-05-05 05:15:54 +00:00
Renovate Bot	e6212ce6e3	chore(deps): update module stretchr/testify to v1.5.1	2020-05-04 21:41:10 +00:00
Renovate Bot	fe89c7dcb3	chore(deps): update module square/go-jose to v2.5.1	2020-05-04 20:39:39 +00:00
Renovate Bot	3390e557c0	chore(deps): update golang.org/x/crypto commit hash to 4b2356b	2020-05-04 19:59:47 +00:00
Renovate Bot	12e0e18944	chore(deps): update module prometheus/client_golang to v1.6.0	2020-05-04 18:40:23 +00:00
Travis Groth	b0baea1fdd	Add CODEOWNERS (#653 )	2020-05-04 10:24:52 -04:00
Travis Groth	6196278046	Fix reload panic in Authorize code (#652 )	2020-05-04 09:21:06 -04:00

... 35 36 37 38 39 ...

2396 commits