3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-30 10:56:28 +02:00
Code Issues Projects Releases Packages Wiki Activity
1267 commits 157 branches 125 tags 103 MiB
Commit graph

68 commits

Author SHA1 Message Date
Caleb Doxsey
ab4a68f56f
remove user impersonation and service account cli (#1768) 
* remove user impersonation and service account cli

* update doc

* remove user impersonation url query params

* fix flaky test
 2021-01-12 09:28:29 -07:00
Caleb Doxsey
00734243b3
telemetry: add support for datadog tracing (#1743) 
* add support for datadog tracing

* omitempty on datadog address

* envoy: add datadog exporter for tracing
 2021-01-06 12:27:23 -07:00
Travis Groth
50989a11b3
docs: tcp support (#1712) 2020-12-22 23:03:13 -05:00
bobby
c23c8b34b3
docs: replace httpbin with verify (#1702) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-12-22 09:53:08 -08:00
Travis Groth
64816720c8
internal/telemetry/metrics: update redis metrics for go-redis (#1694) 2020-12-16 14:53:39 -05:00
bobby
d3c697d3e4
nginx: fix docs (#1691) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-12-15 13:25:46 -08:00
Caleb Doxsey
2e8b842aed
remove "see policy" phrase in settings docs (#1668) 2020-12-09 11:35:02 -07:00
Travis Groth
82c7d1ee7a
docs: add allowed_idp_claims docs (#1665) 2020-12-09 12:16:13 -05:00
bobby
0cdd727d5e
update docs (#1645) 2020-12-03 08:29:17 -08:00
Caleb Doxsey
0571754f0c
move signing key algorithm documentation into yaml file (#1646) 2020-12-02 17:14:27 -07:00
bobby
5bbd745934
authorize: add signature algo support (RSA / EdDSA) (#1631) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-11-30 17:14:41 -08:00
Caleb Doxsey
2d5690dde6
remove deprecated cache_service_url config option (#1614) 
* remove deprecated cache_service_url config option

* remove broken test

* update integration test config

* update nginx example

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2020-11-23 14:57:29 -07:00
bobby
f604a3e87a
docs: use standard langauge for lists (#1590) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-11-12 14:44:00 -08:00
Caleb Doxsey
bfe68d1fd8
move docs to settings.yaml (#1579) 2020-11-05 12:13:10 -07:00
Philip Wassermann
85a5961e5e
authorize: add allow_any_authenticated_user policy (#1515) 2020-11-05 11:20:50 -07:00
Caleb Doxsey
2a97e92d50
add settings.yaml file (#1540) 
* store settings in yaml

* add shortdocs

* fix newline at EOF

* fix newline at EOF
 2020-10-22 15:28:16 -06:00
Caleb Doxsey
04c582121d
add flag to enable user impersonation (#1514) 
* add flag to enable user impersonation

* fix typo
 2020-10-14 08:17:59 -06:00
Jon Carl
83f998c088
update the documentation for auth0 to include group/role information (#1502) 
Signed-off-by: Jon Carl <jon.carl@auth0.com>
 2020-10-09 13:42:25 -06:00
Caleb Doxsey
6e385f800a
config: add support for host header rewriting (#1457) 
* config: add support for host header rewriting

* fix lint
 2020-09-25 09:36:39 -06:00
Caleb Doxsey
54d37e62e8
config: add dns_lookup_family option to customize DNS IP resolution (#1436) 2020-09-21 15:32:37 -06:00
Manatsawin Hanmongkolchai
904edfed9a
docs: fix remove_request_headers typo (#1388) 2020-09-08 21:35:09 -07:00
Cuong Manh Le
08a094ae93
internal/directory/okta: remove rate limiter (#1370) 
We did honor the rate limit header from okta, so don't bother to add our
rate limiter there.
 2020-09-04 18:23:14 +07:00
Caleb Doxsey
4fb90fabe8
config: support explicit prefix and regex path rewriting (#1363) 
* config: support explicity prefix and regex path rewriting

* add rewrite tests
 2020-09-02 13:48:19 -06:00
Caleb Doxsey
f6b622c7dc
proxy: support websocket timeouts (#1362) 2020-09-02 07:55:57 -06:00
Cuong Manh Le
9de99d0211
all: add signout redirect url (#1324) 
Fixes #1213
 2020-08-25 01:23:58 +07:00
Cuong Manh Le
f356ff5581 config: add idp qps config 2020-08-14 09:50:49 +07:00
Caleb Doxsey
f822c9a5d2
config: allow reloading of telemetry settings (#1255) 
* metrics: support dynamic configuration settings

* add test

* trace: update configuration when settings change

* config: allow logging options to be configured when settings change

* envoy: allow changing log settings

* fix unexpected doc change

* fix tests

* pick a port at random

* update based on review
 2020-08-12 08:14:15 -06:00
bobby
8d0cb86098
docs: fix links, fix upgrade guide (#1220) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-08-05 23:07:49 -07:00
bobby
ecfe25458e
docs: update reference docs (#1208) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2020-08-05 18:22:56 -07:00
Brad Jones
9af93ff090
Update README stating specific requirements for SIGNING_KEY (#1217) 
Makes clear it must be an EC key and also that it must be present in the authentication service, if run separately.
 2020-08-05 14:47:31 -07:00
Travis Groth
258cb26ed5
docs: fix minor errors (#1214) 
* docs: fix typo in kubectl command

* docs: Fix spurious table
 2020-08-05 15:04:31 -04:00
Travis Groth
7a53e6bb42
proxy: add support for spdy upgrades (#1203) 2020-08-04 13:26:14 -04:00
Travis Groth
01d0f7de6e
config: additional kubernetes token source support (#1200) 2020-08-04 09:40:51 -04:00
bobby
8b68079488
docs: rename docs/reference to docs/topics (#1182) 
* docs: rename docs/reference to docs/topics
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-08-01 10:00:14 -07:00
Cuong Manh Le
bc61206b78
pkg/storage/redis: add redis TLS support (#1163) 
Fixes #1156
 2020-07-31 19:37:23 +07:00
Travis Groth
aa8ba35332
config: default to google idp credentials for serverless (#1170) 2020-07-30 20:21:41 -04:00
Travis Groth
3c4513a91e
telmetry: add databroker storage metrics and tracing (#1161) 
* telmetry: add databroker storage metrics and tracing
 2020-07-30 18:19:23 -04:00
bobby
8cae3f27bb
docs: refactor sections, consolidate examples (#1164) 2020-07-30 11:02:14 -07:00
Bobby DeSimone
0a530fbea2
docs: update site ui 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2019-08-03 22:28:18 -07:00
Bobby DeSimone
5edfa7b03f
telemetry: add tracing 
- telemetry/tace: add traces throughout code
- telemetry/metrics: nest metrics and trace under telemetry
- telemetry/tace: add service name span to HTTPMetricsHandler.
- telemetry/metrics: removed chain dependency middleware_tests.
- telemetry/metrics: wrap and encapsulate variatic view registration.
- telemetry/tace: add jaeger support for tracing.
- cmd/pomerium: move `parseOptions` to internal/config.
- cmd/pomerium: offload server handling to httputil and sub pkgs.
- httputil: standardize creation/shutdown of http listeners.
- httputil: prefer curve X25519 to P256 when negotiating TLS.
- fileutil: use standardized Getw

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2019-07-24 09:20:16 -07:00
Bobby DeSimone
f8843eabac
deployment: add spellcheck to docs 2019-07-22 14:05:22 -07:00
Travis Groth
db63956b0e Add info metrics 2019-07-20 08:53:35 -04:00
Travis Groth
e635c9bb3b HTTP metrics improvements 
- Switch to ochttp plugin
- Add HTTP request metrics
- Relabel for consistency
 2019-07-11 22:49:54 -04:00
Travis Groth
4bd4b27f28 GRPC metrics improvements 
- change to ocgrpc plugin
- rename labels to be more consistent
- refactor view registration patterns
- add server metrics- add client request size metrics
 2019-07-10 22:35:56 -04:00
Bobby DeSimone
9682937d19
docs: update for v0.1.0 release 2019-07-07 19:33:05 -07:00
Bobby DeSimone
7558d5b0de
internal/config: refactor option parsing 
- authorize: build whitelist from policy's URLs instead of strings.
- internal/httputil: merged httputil and https package.
- internal/config: merged config and policy packages.
- internal/metrics: removed unused measure struct.
- proxy/clients: refactor Addr fields to be urls.
- proxy: remove unused extend deadline function.
- proxy: use handler middleware for reverse proxy leg.
- proxy: change the way websocket requests are made (route based).

General improvements
- omitted value from range in several cases where for loop could be simplified.
- added error checking to many tests.
- standardize url parsing.
- remove unnecessary return statements.

- proxy: add self-signed certificate support. #179
- proxy: add skip tls certificate verification. #179
- proxy: Refactor websocket support to be route based. #204
 2019-07-07 09:39:31 -07:00
Travis Groth
989062db8e Allow empty policies at startup 2019-07-02 06:25:25 -04:00
Bobby DeSimone
b8463e30c1
Merge pull request #195 from travisgroth/feature/grpc_metrics 
internal/metrics: add gRPC Client Metrics
 2019-07-01 08:06:36 -07:00
Travis Groth
43ff275b16 Fix #188 2019-06-30 10:24:22 -04:00
Travis Groth
77338bd4e9 Add GRPC Client Metrics 2019-06-28 06:35:27 -04:00