3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-03 12:26:03 +02:00
Code Issues Projects Releases Packages Wiki Activity
182 commits 159 branches 125 tags 104 MiB
Commit graph

72 commits

Author SHA1 Message Date
Bobby DeSimone
b8463e30c1
Merge pull request #195 from travisgroth/feature/grpc_metrics 
internal/metrics: add gRPC Client Metrics
 2019-07-01 08:06:36 -07:00
Travis Groth
43ff275b16 Fix #188 2019-06-30 10:24:22 -04:00
Travis Groth
77338bd4e9 Add GRPC Client Metrics 2019-06-28 06:35:27 -04:00
Travis Groth
d303a95985 Add proxy client metrics instrumentation 
* New set of client request oriented metrics
* RoundTripper chain to instrument requests
 2019-06-21 18:55:02 -04:00
Travis Groth
ff528e8c7b Add metrics implementation* Covers proxy service on server side* Update documentation 2019-06-16 07:07:40 -04:00
Bobby DeSimone
cf0f98536a
authenticate: programmatic access support 
- authenticate: added a token exchange api endpoint that converts
  an identity provider's JWT into a pomerium session.
- internal/identity: authenticate now passes context.
- internal/identity: removed extraneous GetSignInURL from okta.
- internal/sessions: add rest store
- update go.mod / go.sum depedencies.
- docs: add programmatic examples in shell and python
 2019-06-12 14:51:19 -07:00
Bobby DeSimone
554e62108f
authorize: fix headers when impersonating 
- Add user impersonation docs.
- Add navbar link to v0.0.5 docs.
 2019-06-11 15:40:28 -07:00
Bobby DeSimone
0bbb923579
docs: tweaks to helm script and example config 2019-06-05 17:58:24 -07:00
Bobby DeSimone
6ee9c61d5e
docs: tag as latest again 2019-06-04 22:49:00 -07:00
Bobby DeSimone
55d01c4fa4
docs: bump version in docs 2019-06-04 22:20:18 -07:00
Bobby DeSimone
6eab1b7630
docs: fix typos in examples 2019-06-04 22:19:07 -07:00
Bobby DeSimone
dec57f66f3
cmd/pomerium: add version and options dump (#164) 2019-06-04 17:45:17 -07:00
Bobby DeSimone
49bc8274f1
Merge pull request #165 from desimone/docs/v0-0-5-update 
docs: update docs for v0.0.5
 2019-06-04 16:25:01 -07:00
Bobby DeSimone
2618602ae1
docs: update upgrading.md for v0.0.5 2019-06-04 15:41:27 -07:00
Bobby DeSimone
e9faefea16
docs: update docs for v0.0.5 2019-06-04 15:21:25 -07:00
Bobby DeSimone
14403ce388
docs: update examples for v0.0.5 (#147) 2019-06-03 14:05:28 -07:00
Tejasvi Nareddy
f966e5ab19 (proxy, internal/config, internal/log, docs): opt-in websocket support 2019-06-01 22:39:46 -04:00
Travis Groth
8c2beac6f1 Add automatic configuration reloading and 
policy handling
 2019-06-01 14:52:10 -04:00
Bobby DeSimone
77f3933560
internal/config: change internal-authenticate-addr to url (#154) 2019-05-31 17:53:58 -07:00
Bobby DeSimone
1791e3d3f7
Merge pull request #137 from desimone/docs/add-upgrading-guide 
docs: add upgrade guide
 2019-05-31 11:40:40 -07:00
Travis Groth
1148c3cd9b Added note for configuration refactor 2019-05-30 21:56:03 -04:00
Bobby DeSimone
3d6471c4b3
docs: fix example policy name typo (#143) 
Rename s/config-policy-only.yaml /config.example.policy.only/
Removed POLICY_FILE references
 2019-05-27 14:06:10 -07:00
Bobby DeSimone
80612247e3
docs: add versioning (#141) 
docs: make colors and logos consistent
Fixes #109
 2019-05-26 21:52:51 -07:00
Bobby DeSimone
794b7996db
Merge pull request #139 from travisgroth/feature/viper-config 
deployment: expose config file interface in docker images
 2019-05-26 20:09:07 -07:00
Travis Groth
02177043aa Add config handling to dockerfiles and update documentation 2019-05-26 22:28:51 -04:00
Bobby DeSimone
2dc88d44ee
Merge pull request #124 from desimone/docs/update-helm-and-aws-script 
deployment: remove helm from main repo
 2019-05-26 14:59:32 -07:00
Bobby DeSimone
66b4c2d3cd
authenticate/proxy: add user impersonation, refresh, dashboard (#123) 
proxy: Add user dashboard. [GH-123]
proxy/authenticate: Add manual refresh of their session. [GH-73]
authorize: Add administrator (super user) account support. [GH-110]
internal/policy: Allow administrators to impersonate other users. [GH-110]
 2019-05-26 12:33:00 -07:00
Bobby DeSimone
3ee23e3308
docs: add upgrade guide 2019-05-25 14:08:12 -07:00
Travis Groth
febf9464a4 Switch options parsing to viper 2019-05-25 15:06:32 -04:00
Tejasvi Nareddy
c5d2e40435 (proxy, internal\policy, docs\reference): define new access control option to bypass authentication 2019-05-22 23:12:30 -04:00
Bobby DeSimone
950f720660
docs: add amazon helm script to examples 2019-05-16 21:44:33 -07:00
Bobby DeSimone
27d4683662
authenticate: add CSP headers to this service only (#120) 2019-05-14 22:29:24 -07:00
Bobby DeSimone
04a653f694
docs: fix typos and reorganize 2019-05-09 23:16:26 -07:00
Bobby DeSimone
5448e3599a
cmd/pomerium : refactor main to more testable (#112) 
- cmd/pomerium: refactor global timeouts to be configurable
- cmd/pomerium: add tests
- cmd/pomerium: remove debug flag, set with env vars only
- cmd/pomerium: global ping now returns version not OK
- proxy: validate shared secret encoding and length
- docs: add timeout to example policy
- docs: document timeouts and cors
- docs: update pomerium logo
- docs: add policy authorization docs
 2019-05-09 23:10:19 -07:00
Bobby DeSimone
5e37c29dfe
proxy: make http headers configurable (#108) 
- http headers can be disabled via an env config
- http headers can be configured by k/v map env config
- pomerium/envconfig updated to use original syntax v1.5.0
- go.mod / go.sum patches updated
 2019-05-07 12:05:25 -07:00
Bobby DeSimone
0086fa05f8
docs: fix typos in reference 2019-05-03 20:54:21 -07:00
Bobby DeSimone
25d76cd5c0
proxy: make http redirect server configurable (#105) 2019-05-03 20:48:26 -07:00
Bobby DeSimone
ce7a8b1f2d
docs: add certificate section (#96) 
Closes #88
 2019-04-27 20:21:43 -07:00
Bobby DeSimone
fbe1cae482
proxy: remove unused setting AuthorizeInternalAddr (#93) 
- Added unit tests for policy validation.
- Removed extraneous policy validation for URLs.
- Add dependency caching to dockerfile.
 2019-04-24 13:28:29 -07:00
Bobby DeSimone
96f4b8bd61
docs: add sitemap 2019-04-14 17:59:31 -07:00
Bobby DeSimone
603e6a17b9
authenticate: infer settings from authenticate url (#83) 2019-04-10 12:16:00 -07:00
Bobby DeSimone
7bf257f6e9
docs: add synology tutorial (#79) 2019-04-06 23:35:20 -07:00
Bobby DeSimone
0b0010e6ce
docs: changelog++ v0.0.3 (#76) 2019-03-29 16:09:46 -07:00
Bobby DeSimone
8ead5b2a7e
docs: update helm_gke script and docs 2019-03-29 11:41:37 -07:00
Bobby DeSimone
5284c8c32b
deployment: update helm and add quick-start docs (#75) 
- adds quick-start documentation for using helm
- update helm deployment charts to match outstanding official charts repo.
 2019-03-29 08:35:31 -07:00
Bobby DeSimone
7c7939cf5b
deployment: add google analytics 2019-03-28 22:28:37 -07:00
Bobby DeSimone
b18a462681
internal/log: fix setting log level (#74) 
- POMERIUM_DEBUG no longer sets log level.
- LOG_LEVEL now responsible for setting global log level.
 2019-03-28 11:40:36 -07:00
Bobby DeSimone
45e6a8dc57
docs: update changelog, documentaiton, and helm configurations. (#63) 
- Update changelog.
- Update docs to cover authorization support.
- Updates helm to support authorization, and policy file.
 2019-03-19 10:55:41 -07:00
Bobby DeSimone
0a501b61ed
authenticate: support kubernetes (#62) 
- cmd/pomerium: made ping a toplevel route for all services.
- docs: updated kubernetes script and corresponding configuration yaml's
 2019-03-12 15:31:17 -07:00
Bobby DeSimone
c13459bb88
authorize: add authorization (#59) 
* authorize: authorization module adds support for per-route access policy. In this release we support the most common forms of identity based access policy: `allowed_users`, `allowed_groups`, and `allowed_domains`. In future versions, the authorization module will also support context and device based authorization policy and decisions. See website documentation for more details.
 * docs: updated `env.example` to include a `POLICY` setting example.
 * docs:  added `IDP_SERVICE_ACCOUNT` to  `env.example` .
 * docs: removed `PROXY_ROOT_DOMAIN` settings which has been replaced by `POLICY`.
 * all: removed `ALLOWED_DOMAINS` settings which has been replaced by `POLICY`. Authorization is now handled by the authorization service and is defined in the policy configuration files.
 * proxy: `ROUTES` settings which has been replaced by `POLICY`.
* internal/log: `http.Server` and `httputil.NewSingleHostReverseProxy` now uses pomerium's logging package instead of the standard library's built in one.

Closes #54
Closes #41
Closes #61
Closes #58
 2019-03-07 12:47:07 -08:00