3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-03 11:22:45 +02:00
Code Issues Projects Releases Packages Wiki Activity
3525 commits 167 branches 127 tags 105 MiB
Commit graph

396 commits

Author SHA1 Message Date
Kenneth Jenkins
2b84111058
config: sort runtime flags, name consistency (#5255) 
Sort the runtime flag definitions alphabetically. Rename
envoy_resource_manager_enabled to just envoy_resource_manager for
consistency with the other flag names. (This flag hasn't been released
yet, so it should be OK to rename it.) Also add a doc comment.
 2024-09-03 13:37:19 -07:00
Denis Mishin
ce12e51cf5
zero/api: reset token and url cache if 401 is received (#5256) 
zero/api: reset token cache if 401 is received
 2024-09-03 15:40:28 -04:00
Joe Kralicky
d149b2d178
zero: generate error methods for response types (#5252) 2024-08-30 16:21:43 -04:00
Caleb Doxsey
d062f9d68d
core/logs: remove warnings (#5235) 
* core/logs: remove warnings

* switch to error
 2024-08-27 09:38:50 -06:00
Caleb Doxsey
556b2e0d73
core/grpc: add mock for registry service (#5243) 2024-08-26 11:30:17 -06:00
Caleb Doxsey
98cea10421
Revert "core/grpc: add IterateAll method" (#5234) 
Revert "core/grpc: add IterateAll method (#5227)"

This reverts commit 3961098681.
 2024-08-23 10:35:46 -06:00
Denis Mishin
0503b41108
zero/connect: add re-run health checks command (#5219) 
* zero/connect: add run health checks and shutdown commands

* fix proto

* trigger re-run on command

* add handler

* rename runPeriodicHealthChecksLeased
 2024-08-22 16:17:53 -04:00
Denis Mishin
6e766233c7
zero/health-checks: fix early checks sometimes missing (#5229) 
* zero/health-checks: fix early checks sometimes missing

* rm closure

* fix test
 2024-08-20 22:13:45 -04:00
Caleb Doxsey
3961098681
core/grpc: add IterateAll method (#5227) 
* core/grpc: add IterateAll method

* Update pkg/grpc/databroker/generic.go

Co-authored-by: Denis Mishin <dmishin@pomerium.com>

---------

Co-authored-by: Denis Mishin <dmishin@pomerium.com>
 2024-08-20 09:34:26 -06:00
Caleb Doxsey
2925447d35
zero/api: switch to github.com/oapi-codegen/oapi-codegen (#5226) 2024-08-19 12:00:48 -06:00
Joe Kralicky
332932b7a8
Replace usages of x/exp/maps + bump golang.org/x/exp (#5221) 
Bump golang.org/x/exp; replace usages of x/exp/maps with stdlib equivalents
 2024-08-15 17:49:24 -04:00
Caleb Doxsey
0cfb1025db
core/proto: update protoc dependencies (#5218) 
* core/proto: update protoc dependencies

* cleanup

* disable unimplemented forward compatibility check

* fix mock

* add generate make command

* add .0
 2024-08-15 11:12:05 -06:00
Denis Mishin
3483447c37
ci: do not include timestamp into buildmeta (#5215) 2024-08-15 10:57:10 -04:00
Denis Mishin
e2251b2d57
databroker/leaser: set timeout on ReleaseLease (#5208) 2024-08-06 14:47:59 -04:00
Kenneth Jenkins
418ee79e1a
authenticate: rework session ID token handling (#5178) 
Currently, the Session proto id_token field is populated with Pomerium
session data during initial login, but with IdP ID token data after an
IdP session refresh.

Instead, store only IdP ID token data in this field.

Update the existing SetRawIDToken method to populate the structured data
fields based on the contents of the raw ID token. Remove the other code
that sets these fields (in the authenticateflow package and in
manager.sessionUnmarshaler).

Add a test for the identity manager, exercising the combined effect of
session claims unmarshaling and SetRawIDToken(), to verify that the
combined behavior is preserved unchanged.
 2024-07-29 12:43:50 -07:00
Kenneth Jenkins
b0606d9283
envoy: upgrade to v1.31.0 (#5183) 2024-07-23 10:06:03 -07:00
Kenneth Jenkins
14c0c5abd0
oidc: add more unit tests (#5174) 
Add tests for all of the oidc.Provider methods not currently covered.
Remove the GetSubject() method as it appears to be unused.
 2024-07-22 14:28:39 -07:00
Kenneth Jenkins
9fe646f25a
session: do not invalidate based on ID token (#5182) 
Per the OIDC spec, section 2:

> NOTE: The ID Token expiration time is unrelated [to] the lifetime of
> the authenticated session between the RP and the OP.

A Pomerium session should remain valid for as long as the underlying
OAuth2 session.
 2024-07-19 16:29:06 -07:00
Caleb Doxsey
e5e6558de6
core/authorize: require new login when authenticate url changes (#5165) 2024-07-12 10:57:41 -06:00
dependabot[bot]
8f8c66e9fd
chore(deps): bump the go group with 21 updates (#5162) 
* chore(deps): bump the go group with 21 updates

Bumps the go group with 21 updates:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.41.0` | `1.42.0` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.27.0` | `1.30.1` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.27.16` | `1.27.23` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.54.3` | `1.57.1` |
| [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic) | `0.21.2` | `0.21.3` |
| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.8` | `1.3.9` |
| [github.com/docker/docker](https://github.com/docker/docker) | `26.1.3+incompatible` | `27.0.3+incompatible` |
| [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) | `5.0.12` | `5.1.0` |
| [github.com/gorilla/websocket](https://github.com/gorilla/websocket) | `1.5.1` | `1.5.3` |
| [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.17.8` | `1.17.9` |
| [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) | `7.0.70` | `7.0.72` |
| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `0.65.0` | `0.66.0` |
| [github.com/prometheus/common](https://github.com/prometheus/common) | `0.53.0` | `0.55.0` |
| [github.com/spf13/viper](https://github.com/spf13/viper) | `1.18.2` | `1.19.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.23.0` | `0.24.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.25.0` | `0.26.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.20.0` | `0.21.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.20.0` | `0.21.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.178.0` | `0.183.0` |
| [google.golang.org/genproto/googleapis/rpc](https://github.com/googleapis/go-genproto) | `0.0.0-20240515191416-fc5f0ca64291` | `0.0.0-20240528184218-531527333157` |
| google.golang.org/protobuf | `1.34.1` | `1.34.2` |


Updates `cloud.google.com/go/storage` from 1.41.0 to 1.42.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.41.0...spanner/v1.42.0)

Updates `github.com/aws/aws-sdk-go-v2` from 1.27.0 to 1.30.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.27.0...v1.30.1)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.16 to 1.27.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.16...config/v1.27.23)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.54.3 to 1.57.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.54.3...service/s3/v1.57.1)

Updates `github.com/caddyserver/certmagic` from 0.21.2 to 0.21.3
- [Release notes](https://github.com/caddyserver/certmagic/releases)
- [Commits](https://github.com/caddyserver/certmagic/compare/v0.21.2...v0.21.3)

Updates `github.com/cloudflare/circl` from 1.3.8 to 1.3.9
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](https://github.com/cloudflare/circl/compare/v1.3.8...v1.3.9)

Updates `github.com/docker/docker` from 26.1.3+incompatible to 27.0.3+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.3...v27.0.3)

Updates `github.com/go-chi/chi/v5` from 5.0.12 to 5.1.0
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.0.12...v5.1.0)

Updates `github.com/gorilla/websocket` from 1.5.1 to 1.5.3
- [Release notes](https://github.com/gorilla/websocket/releases)
- [Commits](https://github.com/gorilla/websocket/compare/v1.5.1...v1.5.3)

Updates `github.com/klauspost/compress` from 1.17.8 to 1.17.9
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.8...v1.17.9)

Updates `github.com/minio/minio-go/v7` from 7.0.70 to 7.0.72
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.70...v7.0.72)

Updates `github.com/open-policy-agent/opa` from 0.65.0 to 0.66.0
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.65.0...v0.66.0)

Updates `github.com/prometheus/common` from 0.53.0 to 0.55.0
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md)
- [Commits](https://github.com/prometheus/common/compare/v0.53.0...v0.55.0)

Updates `github.com/spf13/viper` from 1.18.2 to 1.19.0
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.18.2...v1.19.0)

Updates `golang.org/x/crypto` from 0.23.0 to 0.24.0
- [Commits](https://github.com/golang/crypto/compare/v0.23.0...v0.24.0)

Updates `golang.org/x/net` from 0.25.0 to 0.26.0
- [Commits](https://github.com/golang/net/compare/v0.25.0...v0.26.0)

Updates `golang.org/x/oauth2` from 0.20.0 to 0.21.0
- [Commits](https://github.com/golang/oauth2/compare/v0.20.0...v0.21.0)

Updates `golang.org/x/sys` from 0.20.0 to 0.21.0
- [Commits](https://github.com/golang/sys/compare/v0.20.0...v0.21.0)

Updates `google.golang.org/api` from 0.178.0 to 0.183.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.178.0...v0.183.0)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20240515191416-fc5f0ca64291 to 0.0.0-20240528184218-531527333157
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/protobuf` from 1.34.1 to 1.34.2

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/caddyserver/certmagic
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/cloudflare/circl
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: go
- dependency-name: github.com/go-chi/chi/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/gorilla/websocket
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/minio/minio-go/v7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix test

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2024-07-05 13:26:47 -06:00
Kenneth Jenkins
6ee9e5238c
envoy: upgrade to v1.30.3 (#5152) 2024-06-26 17:20:42 -07:00
Caleb Doxsey
d9c6afc168
core/envoy: add mode to download only the current binary (#5149) 2024-06-25 14:35:55 -06:00
Denis Mishin
a7dd30ad29
zero/telemetry: add hostname and version (#5146) 2024-06-24 21:33:37 -04:00
Caleb Doxsey
7eca911292
core/envoy: add command to download envoy binaries (#5133) 
* core/envoy: add command to download envoy binaries

* use internal log

* remove original get-envoy script
 2024-06-18 20:00:55 -06:00
Denis Mishin
8d206e0087
zero/telemetry: collect limited core metrics (#5142) 2024-06-18 19:15:11 -04:00
Denis Mishin
114f730dba
zero: refactor telemetry and controller (#5135) 
* zero: refactor controller

* refactor zero telemetry and controller

* wire with connect handler

* cr
 2024-06-12 21:59:25 -04:00
Denis Mishin
e12532ba52
zero/connect: add telemetry request command (#5131) 
* zero/connect: add telemetry request command

* rm relabeling
 2024-06-10 22:54:02 -04:00
dependabot[bot]
3fcce1d9ef
chore(deps): bump the go group with 27 updates (#5122) 
* chore(deps): bump the go group with 27 updates

Bumps the go group with 27 updates:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.40.0` | `1.41.0` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.26.1` | `1.27.0` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.27.11` | `1.27.16` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.53.1` | `1.54.3` |
| [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic) | `0.20.0` | `0.21.2` |
| [github.com/docker/docker](https://github.com/docker/docker) | `26.1.1+incompatible` | `26.1.3+incompatible` |
| [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) | `5.5.5` | `5.6.0` |
| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `0.64.1` | `0.65.0` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.19.0` | `1.19.1` |
| [github.com/prometheus/procfs](https://github.com/prometheus/procfs) | `0.14.0` | `0.15.1` |
| [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.32.0` | `1.33.0` |
| [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) | `3.24.4` | `3.24.5` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/metric](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` |
| [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.22.0` | `0.23.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.24.0` | `0.25.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.19.0` | `0.20.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.177.0` | `0.178.0` |
| [google.golang.org/genproto/googleapis/rpc](https://github.com/googleapis/go-genproto) | `0.0.0-20240429193739-8cf5692501f6` | `0.0.0-20240515191416-fc5f0ca64291` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.63.2` | `1.64.0` |
| google.golang.org/protobuf | `1.34.0` | `1.34.1` |


Updates `cloud.google.com/go/storage` from 1.40.0 to 1.41.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.40.0...spanner/v1.41.0)

Updates `github.com/aws/aws-sdk-go-v2` from 1.26.1 to 1.27.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.26.1...v1.27.0)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.11 to 1.27.16
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.11...config/v1.27.16)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.53.1 to 1.54.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.53.1...service/s3/v1.54.3)

Updates `github.com/caddyserver/certmagic` from 0.20.0 to 0.21.2
- [Release notes](https://github.com/caddyserver/certmagic/releases)
- [Commits](https://github.com/caddyserver/certmagic/compare/v0.20.0...v0.21.2)

Updates `github.com/docker/docker` from 26.1.1+incompatible to 26.1.3+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.1...v26.1.3)

Updates `github.com/jackc/pgx/v5` from 5.5.5 to 5.6.0
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.5...v5.6.0)

Updates `github.com/open-policy-agent/opa` from 0.64.1 to 0.65.0
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.64.1...v0.65.0)

Updates `github.com/prometheus/client_golang` from 1.19.0 to 1.19.1
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1)

Updates `github.com/prometheus/procfs` from 0.14.0 to 0.15.1
- [Release notes](https://github.com/prometheus/procfs/releases)
- [Commits](https://github.com/prometheus/procfs/compare/v0.14.0...v0.15.1)

Updates `github.com/rs/zerolog` from 1.32.0 to 1.33.0
- [Commits](https://github.com/rs/zerolog/compare/v1.32.0...v1.33.0)

Updates `github.com/shirou/gopsutil/v3` from 3.24.4 to 3.24.5
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.24.4...v3.24.5)

Updates `go.opentelemetry.io/otel` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

Updates `go.opentelemetry.io/otel/metric` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

Updates `go.opentelemetry.io/otel/sdk/metric` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

Updates `go.opentelemetry.io/otel/trace` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

Updates `golang.org/x/crypto` from 0.22.0 to 0.23.0
- [Commits](https://github.com/golang/crypto/compare/v0.22.0...v0.23.0)

Updates `golang.org/x/net` from 0.24.0 to 0.25.0
- [Commits](https://github.com/golang/net/compare/v0.24.0...v0.25.0)

Updates `golang.org/x/oauth2` from 0.19.0 to 0.20.0
- [Commits](https://github.com/golang/oauth2/compare/v0.19.0...v0.20.0)

Updates `google.golang.org/api` from 0.177.0 to 0.178.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.177.0...v0.178.0)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20240429193739-8cf5692501f6 to 0.0.0-20240515191416-fc5f0ca64291
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.63.2 to 1.64.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.63.2...v1.64.0)

Updates `google.golang.org/protobuf` from 1.34.0 to 1.34.1

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/caddyserver/certmagic
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/prometheus/procfs
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/rs/zerolog
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: go.opentelemetry.io/otel/metric
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: go.opentelemetry.io/otel/sdk/metric
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <support@github.com>

* change acme pkg

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
 2024-06-03 14:35:29 -04:00
Joe Kralicky
927f24e1ff
Envoy resource monitoring & overload manager configuration (#5106) 
* Initial envoy cgroup resource monitor implementation

* Add cgroupv1 support; add metrics instrumentation

* Slight refactor for more efficient memory limit detection

Instead of reading memory.max/limit_in_bytes on every tick, we
read it once, then again only when it is modified.

To support this change, logic for computing the saturation was moved out
of the cgroup driver and into the resource monitor, and the driver
interface now has separate methods for reading memory usage and limit.

* Code cleanup/lint fixes

* Add platform build tags

* Add unit tests

* Fix lint issues

* Add runtime flag to allow disabling resource monitor

* Clamp saturation values to the range [0.0, 1.0]

* Switch to x/sys/unix; handle inotify IN_IGNORED events
 2024-05-28 16:57:09 -04:00
Denis Mishin
8269a723ec
health-checks: zero route availability improvements (#5111) 2024-05-17 16:47:27 -04:00
Caleb Doxsey
d225288ab3
core/identity: dynamic authenticator registration (#5105) 2024-05-07 16:45:39 -06:00
Denis Mishin
4031f4a962
health-check: building config from databroker source (#5104) 2024-05-06 14:47:20 -04:00
Kenneth Jenkins
b1feff5d56
envoy: preserve Go's max file limit for Envoy (#5102) 
Go raises the "max open files" soft limit to match the hard limit for
itself, but has special logic to reset the original soft limit before
forking a child process. This logic does not apply if the file limit is
set explicitly. Add a pair of Getrlimit / Setrlimit calls so that we
(1) preserve the default Go limit behavior for ourselves, and
(2) keep these same limits when launching Envoy.
 2024-05-03 17:15:59 -07:00
Caleb Doxsey
1a5b8b606f
core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 
* core/lint: upgrade golangci-lint, replace interface{} with any

* regen proto
 2024-05-02 14:33:52 -06:00
Denis Mishin
614048ae9c
health-checks: add route reachability (#5093) 
* health-checks: add route reachability

* rm tls check bypass
 2024-05-02 13:31:48 -04:00
Kenneth Jenkins
a3149363a6
envoyconfig: address strconv.Atoi warnings (#5076) 
Replace Atoi() calls with ParseUint(), and update the buildAddress()
defaultPort parameter to be a uint32. (A uint16 would arguably make more
sense for a port number, but uint32 matches the Envoy proto field.)

Delete a ParseAddress() method that appears to be unused.
 2024-04-26 09:38:41 -07:00
Denis Mishin
df67fb7086
connect: add health check (#5086) 2024-04-26 11:56:36 -04:00
Denis Mishin
08eb255bbf
health-check: add storage health check (#5074) 2024-04-19 13:10:33 -04:00
Denis Mishin
2da4801d3a
zero: add user-agent to requests (#5078) 2024-04-19 11:33:43 -04:00
Caleb Doxsey
fab2181be4
core/mock: switch to uber mock (#5073) 
* core/mock: switch to uber mock

* merge main
 2024-04-16 12:23:00 -06:00
Denis Mishin
deb6f67094
healthcheck: only report transitions (#5068) 2024-04-16 13:15:18 -04:00
Denis Mishin
dc7820ea3e
zero/healthchecks: add checks for ability to save bootstrap parameter and bundle status reporting (#5064) 2024-04-11 10:47:52 -04:00
Denis Mishin
991fca496c
healthcheck: add common package, zero reporter and first xds check (#5059) 2024-04-10 15:21:39 -04:00
Denis Mishin
e7b3d3b6e9
config: add runtime flags (#5050) 2024-04-04 17:51:04 -04:00
Caleb Doxsey
4ac06d3bbd
core/logging: less verbose logs (#5040) 2024-03-29 15:26:20 -06:00
Denis Mishin
181d5b171d
cluster api: add shared secret to the cluster bootstrap params (#5030) 2024-03-18 16:30:39 -04:00
Caleb Doxsey
513d8bf615
core/config: implement direct response (#4960) 
* implement direct response

* proto

* fix tests

* update
 2024-02-15 14:33:56 -07:00
Caleb Doxsey
76862c2fe8
core: use context.WithoutCancel (#4959) 2024-02-09 13:55:06 -07:00
Caleb Doxsey
9d0e727e4d
core/zero: upgrade oapi-codegen (#4953) 2024-02-05 11:44:21 -07:00
Caleb Doxsey
6a833b365a
core/ppl: add groups criterion (#4916) 
* core/ppl: add groups criterion

* remove dead code

* add additional test
 2024-01-30 09:40:15 -07:00