3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 10:26:29 +02:00
Code Issues Projects Releases Packages Wiki Activity
1759 commits 157 branches 125 tags 103 MiB
Commit graph

1759 commits

This branch
This branch
All branches
Author SHA1 Message Date
Travis Groth
335925d94a
v0.15 release notes (#2409) 2021-08-03 21:36:48 -04:00
wasaga
204aa30b6e
telemetry: try guess hostname or external IP addr for metrics (#2412) 2021-08-03 18:10:14 -04:00
Caleb Doxsey
94eb3c1149
config: remove grpc server max connection age options (#2427) 
* config: remove grpc server max connection age options

* remove docs
 2021-08-03 09:39:48 -06:00
dependabot[bot]
56bbc31517
chore(deps): bump gopkg.in/auth0.v5 from 5.19.1 to 5.19.2 (#2422) 
Bumps [gopkg.in/auth0.v5](https://github.com/go-auth0/auth0) from 5.19.1 to 5.19.2.
- [Release notes](https://github.com/go-auth0/auth0/releases)
- [Changelog](https://github.com/go-auth0/auth0/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-auth0/auth0/compare/v5.19.1...v5.19.2)

---
updated-dependencies:
- dependency-name: gopkg.in/auth0.v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-03 08:28:54 -04:00
Caleb Doxsey
5e2ca68e94
redis: increase timeout on test (#2425) 2021-08-02 17:11:33 -06:00
Caleb Doxsey
a64e5b5fa1
authorize: add sid to JWT claims (#2420) 
* authorize: add sid to JWT claims

* fix import ordering
 2021-08-02 16:11:05 -06:00
dependabot[bot]
97af64df60
chore(deps): bump github.com/shirou/gopsutil/v3 from 3.21.6 to 3.21.7 (#2414) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.21.6 to 3.21.7.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.21.6...v3.21.7)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-02 14:01:28 -06:00
dependabot[bot]
251a33ff68
chore(deps): bump google.golang.org/api from 0.51.0 to 0.52.0 (#2415) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.51.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.51.0...v0.52.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-02 13:38:35 -06:00
dependabot[bot]
796a963c4e
chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0-rc.1 to 3.0.0 (#2421) 
* chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0-rc.1 to 3.0.0

Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0-rc.1 to 3.0.0.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0-rc.1...v3.0.0)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* go mod tidy

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-08-02 13:07:26 -06:00
dependabot[bot]
e5fb3d947b
chore(deps): bump github.com/prometheus/common from 0.29.0 to 0.30.0 (#2417) 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.29.0 to 0.30.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](https://github.com/prometheus/common/compare/v0.29.0...v0.30.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-02 12:57:42 -06:00
dependabot[bot]
8d7e9a1126
chore(deps): bump github.com/open-policy-agent/opa from 0.30.2 to 0.31.0 (#2416) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.30.2 to 0.31.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.30.2...v0.31.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-02 12:55:44 -06:00
dependabot[bot]
63ffc6c2b8
chore(deps): bump github.com/go-redis/redis/v8 from 8.11.0 to 8.11.1 (#2413) 
Bumps [github.com/go-redis/redis/v8](https://github.com/go-redis/redis) from 8.11.0 to 8.11.1.
- [Release notes](https://github.com/go-redis/redis/releases)
- [Changelog](https://github.com/go-redis/redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-redis/redis/compare/v8.11.0...v8.11.1)

---
updated-dependencies:
- dependency-name: github.com/go-redis/redis/v8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-02 12:55:06 -06:00
Caleb Doxsey
57c0c0a1bc
authorize: log additional session details (#2419) 2021-08-02 12:08:34 -06:00
Travis Groth
3c658714ac
build: add envoy files to make clean (#2411) 2021-07-30 12:47:22 -06:00
Caleb Doxsey
1a95036b8c
sessions: add impersonate_session_id, remove legacy impersonation (#2407) 
* sessions: add impersonate_session_id, remove legacy impersonation

* show impersonated user details

* fix headers

* address feedback

* only check impersonate id on non-nil pbSession

* Revert "only check impersonate id on non-nil pbSession"

This reverts commit a6f7ca5abd.
 2021-07-30 08:42:36 -06:00
bobby
2b6813dc95
docs: only secure schemes are supported (#2408) 
* docs: only secure schemes are supported

https://pomerium-io.slack.com/archives/CK92MUAES/p1627615869000100?thread_ts=1627567572.143500&cid=CK92MUAES

* bring update to source file

Co-authored-by: alexfornuto <alex@fornuto.com>
 2021-07-30 08:40:41 -06:00
Travis Groth
386fc6ef81
envoy: bump to 1.19 (#2392) 2021-07-29 19:13:24 -04:00
Alex Fornuto
834fa85058
Installation Docs Restructuring (#2406) 
* rename quick-start as install, move Synology to guides

* add redirects

* expand redirects, rename installation to releases
 2021-07-29 15:40:15 -05:00
Caleb Doxsey
3026efb5af
envoyconfig: improvements (#2402) 
* add alpn function

* add comment

* address PR feedback
 2021-07-27 16:44:15 -06:00
Caleb Doxsey
0620cfdc50
config: add support for embedded PPL policy (#2401) 2021-07-27 13:44:10 -06:00
Caleb Doxsey
c34118360d
ppl: remove support for aliases (#2400) 2021-07-27 12:29:42 -06:00
Caleb Doxsey
1c627e5724
disable http/2 for websockets (#2399) 2021-07-26 20:09:18 -06:00
dependabot[bot]
d9bc9d7005
chore(deps): bump github.com/prometheus/procfs from 0.7.0 to 0.7.1 (#2395) 
Bumps [github.com/prometheus/procfs](https://github.com/prometheus/procfs) from 0.7.0 to 0.7.1.
- [Release notes](https://github.com/prometheus/procfs/releases)
- [Commits](https://github.com/prometheus/procfs/compare/v0.7.0...v0.7.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/procfs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-26 11:52:05 -06:00
dependabot[bot]
0fc9fece5a
chore(deps): bump google.golang.org/api from 0.50.0 to 0.51.0 (#2394) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.50.0 to 0.51.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.50.0...v0.51.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-26 11:50:59 -06:00
bobby
6bac8e1ace
symlink security policy to root of project (#2396) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-07-26 10:42:21 -07:00
Travis Groth
91e4ddd9d5
ci: update gcloud action (#2393) 2021-07-24 10:22:52 -07:00
Caleb Doxsey
8f7357b333
google: remove WithHTTPClient (#2391) 2021-07-23 15:36:56 -06:00
Caleb Doxsey
ac8ae3ef5b
directory: add logging http client to help with debugging outbound http requests (#2385) 2021-07-22 11:58:52 -06:00
bobby
aa0e6872de
evaluator: use cryputil to hash (#2384) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-07-22 06:15:54 -07:00
Caleb Doxsey
c7a8f11d9a
authorize: add additional tracing for rego evaluation (#2381) 2021-07-21 15:37:51 -06:00
Caleb Doxsey
8be71800c4
k8s: add flush-credentials command (#2379) 
* k8s: add flush-credentials command

* Update cmd/pomerium-cli/kubernetes.go

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2021-07-20 14:51:55 -07:00
Caleb Doxsey
8a74fae2e7
urlutil: improve error message for urls with port in path (#2377) 2021-07-20 11:08:50 -06:00
Caleb Doxsey
fbf44261c1
telemetry: support b3 headers on gRPC server calls (#2376) 2021-07-20 05:36:58 -06:00
dependabot[bot]
a02010409a
chore(deps): bump github.com/google/uuid from 1.2.0 to 1.3.0 (#2374) 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-19 13:28:32 -06:00
dependabot[bot]
e4c852d830
chore(deps): bump github.com/open-policy-agent/opa from 0.30.1 to 0.30.2 (#2373) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.30.1 to 0.30.2.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.30.1...v0.30.2)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-19 13:27:51 -06:00
Travis Groth
ba6e4b129a
ci: convert to FOSSA scan (#2371) 2021-07-19 15:06:57 -04:00
Caleb Doxsey
1123de07a6
envoy: only allow embedding (#2368) 2021-07-19 08:32:48 -06:00
Caleb Doxsey
2a5dcc2848
ci: use revive instead of golint (#2370) 2021-07-16 10:26:47 -06:00
Caleb Doxsey
d45a7e9996
databroker: tests (#2367) 
* databroker: tests

* fix lint
 2021-07-16 10:26:29 -06:00
Travis Groth
d453c90fb6
ci: use github app for backport credentials (#2369) 2021-07-16 08:30:02 -06:00
Caleb Doxsey
cef08a1c2d
authorize: remove service account impersonate user id, email and groups (#2365) 2021-07-15 09:31:45 -06:00
Alex Fornuto
86b56ffd37
Docs bug fixes (#2362) 
* close warning block, syntax highlight

* Add title, grammar-fix link
 2021-07-14 12:34:06 -05:00
dependabot[bot]
34b8af77d1
chore(deps): bump github.com/rs/cors from 1.7.0 to 1.8.0 (#2334) 
* chore(deps): bump github.com/rs/cors from 1.7.0 to 1.8.0

Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix test to handle 204

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-07-14 10:08:03 -06:00
dependabot[bot]
9d17e65a5d
chore(deps): bump github.com/open-policy-agent/opa from 0.29.4 to 0.30.1 (#2323) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.29.4 to 0.30.1.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.29.4...v0.30.1)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-14 10:03:25 -06:00
Caleb Doxsey
360aa89505
authorize: allow redirects on deny (#2361) 2021-07-13 15:41:36 -06:00
Caleb Doxsey
b4b86dccb4
authorize: decode CheckRequest path for redirect (#2357) 2021-07-13 13:17:21 -06:00
Caleb Doxsey
ca8205f0b4
config: add warning about http URLs (#2358) 2021-07-13 11:12:03 -06:00
Caleb Doxsey
a9ba3ffff5
envoyconfig: default zipkin path to / when empty (#2359) 2021-07-13 11:11:49 -06:00
Caleb Doxsey
4c64daa8c2
envoy: only check for pid with monitor (#2355) 2021-07-13 09:58:37 -06:00
Caleb Doxsey
23552cfc1c
envoyconfig: only delete cached files, ignore noisy error (#2356) 2021-07-13 09:58:25 -06:00