Caleb Doxsey
c4768ad8cf
add runtime flag
2024-04-26 15:32:11 -06:00
Caleb Doxsey
14cbb2353e
Merge remote-tracking branch 'origin/main' into cdoxsey/identity-manager-refactor-1
2024-04-26 15:19:26 -06:00
Caleb Doxsey
66ed736f56
Merge remote-tracking branch 'origin/main' into cdoxsey/identity-manager-refactor-1
2024-04-26 15:05:43 -06:00
Caleb Doxsey
99a5dbd65b
core/identity: add enabler ( #5084 )
...
* core/identity: add disabler
* enable by default
* add name
* rename to enabler, use mutex instead of goroutine
* rename method, add comments
2024-04-26 15:05:22 -06:00
Kenneth Jenkins
a518435c17
chore(deps): update UI dependencies ( #5088 )
...
Run `yarn upgrade-interactive` to update UI dependencies:
dependencies
name range from to
@babel/core ^7.0.0 7.17.0 ❯ 7.24.4
@emotion/react ^11.7.1 11.7.1 ❯ 11.11.4
@emotion/styled ^11.11.0 11.11.0 ❯ 11.11.5
@fontsource/dm-mono ^5.0.14 5.0.14 ❯ 5.0.20
@fontsource/dm-sans ^5.0.13 5.0.13 ❯ 5.0.21
@mui/icons-material ^5.14.9 5.14.9 ❯ 5.15.15
@mui/material ^5.4.0 5.4.0 ❯ 5.15.15
markdown-to-jsx ^7.2.1 7.2.1 ❯ 7.4.7
devDependencies
name range from to
@types/luxon ^2.0.9 2.0.9 ❯ 2.4.0
@types/node ^17.0.14 17.0.14 ❯ 17.0.45
@types/react ^17.0.34 17.0.38 ❯ 17.0.80
@types/react-dom ^17.0.11 17.0.11 ❯ 17.0.25
@typescript-eslint/eslint-plugin ^5.10.2 5.10.2 ❯ 5.62.0
@typescript-eslint/parser ^5.59.11 5.59.11 ❯ 5.62.0
eslint-config-prettier ^8.3.0 8.3.0 ❯ 8.10.0
eslint-plugin-react ^7.28.0 7.28.0 ❯ 7.34.1
prettier ^2.4.1 2.5.1 ❯ 2.8.8
ts-node ^10.9.1 10.9.1 ❯ 10.9.2
typescript ^5.1.3 5.1.3 ❯ 5.4.5
2024-04-26 12:32:18 -07:00
Kenneth Jenkins
a3149363a6
envoyconfig: address strconv.Atoi warnings ( #5076 )
...
Replace Atoi() calls with ParseUint(), and update the buildAddress()
defaultPort parameter to be a uint32. (A uint16 would arguably make more
sense for a port number, but uint32 matches the Envoy proto field.)
Delete a ParseAddress() method that appears to be unused.
2024-04-26 09:38:41 -07:00
Denis Mishin
df67fb7086
connect: add health check ( #5086 )
2024-04-26 11:56:36 -04:00
Caleb Doxsey
5373e25ac4
core/config: add support for stripping the port for matching routes ( #5085 )
...
* core/config: add support for stripping the port for matching routes
* fix test
* rename option, improve port detection
* add more test cases
2024-04-26 08:24:46 -06:00
Kenneth Jenkins
498c3aa108
config: add support for TCP proxy chaining ( #5053 )
...
Add a distinction between TCP routes depending on whether the To URL(s)
have the scheme tcp://. For routes with a TCP upstream, configure Envoy
to terminate CONNECT requests and open a TCP tunnel to the upstream
service (this is the current behavior). For routes without a TCP
upstream, configure Envoy to proxy CONNECT requests to the upstream.
This new mode can allow an upstream proxy server to terminate a CONNECT
request and open its own TCP tunnel to the final destination server.
(Note that this will typically require setting the preserve_host_header
option as well.)
Note that this requires Envoy 1.30 or later.
2024-04-24 16:35:18 -07:00
Caleb Doxsey
7856830785
use manager context for syncers too
2024-04-23 09:39:48 -06:00
Caleb Doxsey
6965bfbf6c
use base context for manager calls
2024-04-23 09:36:43 -06:00
Caleb Doxsey
27b3a39f2b
use origin context
2024-04-23 09:23:01 -06:00
Caleb Doxsey
1a5a9f1758
remove log
2024-04-23 09:21:41 -06:00
Caleb Doxsey
8dfb74e18d
add stop message
2024-04-23 09:18:08 -06:00
Caleb Doxsey
e21dc6fbc3
fix nil session error
2024-04-23 08:59:45 -06:00
Kenneth Jenkins
05e077fe04
envoy: migrate deprecated overload setting ( #5082 )
...
Migrate from overload.global_downstream_max_connections to the suggested
envoy.resource_monitors.global_downstream_max_connections replacement.
2024-04-22 18:53:24 -07:00
Kenneth Jenkins
cc0a989cc0
envoy: upgrade to v1.30.1 ( #5080 )
2024-04-22 12:05:37 -07:00
Caleb Doxsey
a8efb5901e
clean up context
2024-04-22 10:52:21 -06:00
Caleb Doxsey
0e3e5ff494
wip
2024-04-19 16:07:02 -06:00
Caleb Doxsey
2eaa4291ae
add test
2024-04-19 15:39:34 -06:00
Caleb Doxsey
a80ef11763
wip
2024-04-19 15:23:55 -06:00
Denis Mishin
08eb255bbf
health-check: add storage health check ( #5074 )
2024-04-19 13:10:33 -04:00
Caleb Doxsey
a6577fd570
core/identity: add data store for thread-safe storage of sessions and users
2024-04-19 11:04:47 -06:00
Denis Mishin
2da4801d3a
zero: add user-agent to requests ( #5078 )
2024-04-19 11:33:43 -04:00
dependabot[bot]
86c82c0374
chore(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 ( #5077 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.23.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19 10:45:03 -04:00
dependabot[bot]
ca0d6c8c39
chore(deps): bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible ( #5075 )
...
chore(deps): bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 26.0.0+incompatible to 26.0.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v26.0.0...v26.0.2 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-18 15:05:17 -07:00
Caleb Doxsey
494dc4accc
core/envoy: format envoy local replies ( #5067 )
2024-04-18 09:22:15 -06:00
Caleb Doxsey
fab2181be4
core/mock: switch to uber mock ( #5073 )
...
* core/mock: switch to uber mock
* merge main
2024-04-16 12:23:00 -06:00
Denis Mishin
deb6f67094
healthcheck: only report transitions ( #5068 )
2024-04-16 13:15:18 -04:00
Kenneth Jenkins
1aa062b37b
update README: link to Contributing page ( #5072 )
...
Remove the inline integration test instructions in favor of a link to
the Contributing page on the documentation site. Remove some unused link
definitions and update the godoc.org link to use pkg.go.dev instead.
2024-04-15 14:03:38 -07:00
Caleb Doxsey
f03b1cd9ff
core/envoy: only enable port reuse on linux ( #5066 )
...
* core/envoy: only enable port reuse on linux
* fix alert
2024-04-11 16:19:20 -06:00
Caleb Doxsey
ed378af744
core/zero: lower log level ( #5065 )
2024-04-11 15:31:25 -06:00
Denis Mishin
dc7820ea3e
zero/healthchecks: add checks for ability to save bootstrap parameter and bundle status reporting ( #5064 )
2024-04-11 10:47:52 -04:00
Kenneth Jenkins
25aceea626
go.mod: update to a valid go version ( #5061 )
2024-04-10 14:10:58 -07:00
Kenneth Jenkins
cc0d855843
update dev Dockerfiles to use Go 1.22.2 ( #5063 )
2024-04-10 13:32:05 -07:00
Caleb Doxsey
322e11e60d
core/config: disable gRPC ingress when address is the empty string ( #5058 )
...
* core/config: disable gRPC ingress when address is the empty string
* add test
* typo
2024-04-10 13:53:08 -06:00
Caleb Doxsey
5f800300a4
core/authenticate: redirect to /.pomerium/signed_out when no signout redirect url is defined ( #5060 )
2024-04-10 13:39:07 -06:00
Denis Mishin
991fca496c
healthcheck: add common package, zero reporter and first xds check ( #5059 )
2024-04-10 15:21:39 -04:00
dependabot[bot]
5af244f0e5
chore(deps): bump @babel/traverse from 7.16.10 to 7.23.2 in /ui ( #5055 )
...
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse ) from 7.16.10 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse )
---
updated-dependencies:
- dependency-name: "@babel/traverse"
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-05 14:26:26 -06:00
Denis Mishin
fbddb43d7f
envoy: upgrade to v1.29.3 ( #5056 )
2024-04-05 15:32:49 -04:00
Kenneth Jenkins
e9b6298cb5
chore(deps): bump @trivago/prettier-plugin-sort-imports from 2.0.4 to 4.3.0 ( #5054 )
...
This should resolve a security vulnerability alert on the transitive
dependency @babel/traverse.
2024-04-05 12:21:41 -07:00
Denis Mishin
e7b3d3b6e9
config: add runtime flags ( #5050 )
2024-04-04 17:51:04 -04:00
dependabot[bot]
be9bfd9c3f
chore(deps): bump the go group with 15 updates ( #5048 )
...
* chore(deps): bump the go group with 15 updates
Bumps the go group with 15 updates:
| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go ) | `1.39.0` | `1.40.0` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2 ) | `1.25.3` | `1.26.1` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2 ) | `1.27.7` | `1.27.10` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2 ) | `1.51.4` | `1.53.1` |
| [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff ) | `4.2.1` | `4.3.0` |
| [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc ) | `3.9.0` | `3.10.0` |
| [github.com/docker/docker](https://github.com/docker/docker ) | `25.0.5+incompatible` | `26.0.0+incompatible` |
| [github.com/grpc-ecosystem/go-grpc-middleware/v2](https://github.com/grpc-ecosystem/go-grpc-middleware ) | `2.0.1` | `2.1.0` |
| [github.com/jackc/pgx/v5](https://github.com/jackc/pgx ) | `5.5.4` | `5.5.5` |
| [github.com/minio/minio-go/v7](https://github.com/minio/minio-go ) | `7.0.68` | `7.0.69` |
| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa ) | `0.62.1` | `0.63.0` |
| [github.com/prometheus/common](https://github.com/prometheus/common ) | `0.50.0` | `0.51.1` |
| [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil ) | `3.24.2` | `3.24.3` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) | `0.169.0` | `0.170.0` |
| [google.golang.org/genproto/googleapis/rpc](https://github.com/googleapis/go-genproto ) | `0.0.0-20240304161311-37d4d3c04a78` | `0.0.0-20240311132316-a219d84964c2` |
Updates `cloud.google.com/go/storage` from 1.39.0 to 1.40.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.39.0...spanner/v1.40.0 )
Updates `github.com/aws/aws-sdk-go-v2` from 1.25.3 to 1.26.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.25.3...v1.26.1 )
Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.7 to 1.27.10
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.7...config/v1.27.10 )
Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.51.4 to 1.53.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.51.4...service/s3/v1.53.1 )
Updates `github.com/cenkalti/backoff/v4` from 4.2.1 to 4.3.0
- [Commits](https://github.com/cenkalti/backoff/compare/v4.2.1...v4.3.0 )
Updates `github.com/coreos/go-oidc/v3` from 3.9.0 to 3.10.0
- [Release notes](https://github.com/coreos/go-oidc/releases )
- [Commits](https://github.com/coreos/go-oidc/compare/v3.9.0...v3.10.0 )
Updates `github.com/docker/docker` from 25.0.5+incompatible to 26.0.0+incompatible
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.5...v26.0.0 )
Updates `github.com/grpc-ecosystem/go-grpc-middleware/v2` from 2.0.1 to 2.1.0
- [Release notes](https://github.com/grpc-ecosystem/go-grpc-middleware/releases )
- [Commits](https://github.com/grpc-ecosystem/go-grpc-middleware/compare/v2.0.1...v2.1.0 )
Updates `github.com/jackc/pgx/v5` from 5.5.4 to 5.5.5
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md )
- [Commits](https://github.com/jackc/pgx/compare/v5.5.4...v5.5.5 )
Updates `github.com/minio/minio-go/v7` from 7.0.68 to 7.0.69
- [Release notes](https://github.com/minio/minio-go/releases )
- [Commits](https://github.com/minio/minio-go/compare/v7.0.68...v7.0.69 )
Updates `github.com/open-policy-agent/opa` from 0.62.1 to 0.63.0
- [Release notes](https://github.com/open-policy-agent/opa/releases )
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.62.1...v0.63.0 )
Updates `github.com/prometheus/common` from 0.50.0 to 0.51.1
- [Release notes](https://github.com/prometheus/common/releases )
- [Commits](https://github.com/prometheus/common/compare/v0.50.0...v0.51.1 )
Updates `github.com/shirou/gopsutil/v3` from 3.24.2 to 3.24.3
- [Release notes](https://github.com/shirou/gopsutil/releases )
- [Commits](https://github.com/shirou/gopsutil/compare/v3.24.2...v3.24.3 )
Updates `google.golang.org/api` from 0.169.0 to 0.170.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.169.0...v0.170.0 )
Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20240304161311-37d4d3c04a78 to 0.0.0-20240311132316-a219d84964c2
- [Commits](https://github.com/googleapis/go-genproto/commits )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/config
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/cenkalti/backoff/v4
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/coreos/go-oidc/v3
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: go
- dependency-name: github.com/grpc-ecosystem/go-grpc-middleware/v2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/jackc/pgx/v5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: github.com/minio/minio-go/v7
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: github.com/open-policy-agent/opa
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/prometheus/common
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: github.com/shirou/gopsutil/v3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: google.golang.org/genproto/googleapis/rpc
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix list call
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2024-04-01 15:53:46 -06:00
Caleb Doxsey
84b44ae2e6
core/authorize: add support for rego print statements ( #5049 )
2024-04-01 14:17:14 -06:00
Kenneth Jenkins
e8edb465f4
authenticate: apply branding to sign out pages ( #5044 )
...
Add support for the Enterprise branding options to the sign_out and
signed_out page handlers.
2024-04-01 11:32:29 -07:00
dependabot[bot]
40655e491a
chore(deps): bump the docker group in /.github with 3 updates ( #5046 )
...
Bumps the docker group in /.github with 3 updates: busybox, distroless/base and distroless/base-debian12.
Updates `busybox` from `650fd57` to `c3839dd`
Updates `distroless/base` from `9d4e568` to `2808521`
Updates `distroless/base-debian12` from `5eae9ef` to `28a7f1f`
---
updated-dependencies:
- dependency-name: busybox
dependency-type: direct:production
dependency-group: docker
- dependency-name: distroless/base
dependency-type: direct:production
dependency-group: docker
- dependency-name: distroless/base-debian12
dependency-type: direct:production
dependency-group: docker
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 11:37:22 -06:00
dependabot[bot]
78db594e65
chore(deps): bump the github-actions group with 6 updates ( #5047 )
...
Bumps the github-actions group with 6 updates:
| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout ) | `4.1.1` | `4.1.2` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) | `3.1.0` | `3.2.0` |
| [docker/login-action](https://github.com/docker/login-action ) | `3.0.0` | `3.1.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action ) | `5.2.0` | `5.3.0` |
| [mikefarah/yq](https://github.com/mikefarah/yq ) | `4.42.1` | `4.43.1` |
| [actions/setup-python](https://github.com/actions/setup-python ) | `5.0.0` | `5.1.0` |
Updates `actions/checkout` from 4.1.1 to 4.1.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3https://github.com/docker/setup-buildx-action/releases )
- [Commits](0d103c3126...2b51285047https://github.com/docker/login-action/releases )
- [Commits](343f7c4344...e92390c5fbhttps://github.com/docker/build-push-action/releases )
- [Commits](af5a7ed5ba...2cdde995dehttps://github.com/mikefarah/yq/releases )
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt )
- [Commits](9adde1ac14...c35ec752e3https://github.com/actions/setup-python/releases )
- [Commits](0a5c615913...82c7e631bb
2024-04-01 11:37:05 -06:00
dependabot[bot]
f88c6bedc1
chore(deps): bump the docker group with 3 updates ( #5045 )
...
Bumps the docker group with 3 updates: node, golang and distroless/base-debian12.
Updates `node` from `f3299f1` to `bf0ef06`
Updates `golang` from `6699d28` to `d996c64`
Updates `distroless/base-debian12` from `dd7d395` to `e0cc8fa`
---
updated-dependencies:
- dependency-name: node
dependency-type: direct:production
dependency-group: docker
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: docker
- dependency-name: distroless/base-debian12
dependency-type: direct:production
dependency-group: docker
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 10:25:51 -06:00
Caleb Doxsey
4ac06d3bbd
core/logging: less verbose logs ( #5040 )
2024-03-29 15:26:20 -06:00
Denis Mishin
ecbd84b7df
envoy: set to v1.29.2 ( #5042 )
2024-03-27 09:25:37 -06:00
