3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-17 11:07:18 +02:00
Code Issues Projects Releases Packages Wiki Activity
1762 commits 160 branches 126 tags 104 MiB
Commit graph

1762 commits

This branch
This branch
All branches
Author SHA1 Message Date
Caleb Doxsey
f9675f61cc
deps: upgrade to go-jose v3 (#2284) 2021-06-10 09:35:44 -06:00
bobby
5813487cfc
docs: google gcp / workspace instructions (#2272) 
Deferential to Google's own docs since they keep changing the screens.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-06-10 05:01:11 -06:00
Caleb Doxsey
02d9460765
envoy: fix usage of codec_type with alpn (#2277) 2021-06-07 14:26:20 -06:00
dependabot[bot]
2c48f7fd95
chore(deps): bump github.com/open-policy-agent/opa from 0.28.0 to 0.29.4 (#2255) 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.28.0 to 0.29.4.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.28.0...v0.29.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-07 09:43:53 -06:00
dependabot[bot]
862442c483
chore(deps): bump github.com/go-redis/redis/v8 from 8.9.0 to 8.10.0 (#2276) 2021-06-07 11:21:51 -04:00
dependabot[bot]
0246882f13
chore(deps): bump gopkg.in/square/go-jose.v2 from 2.5.1 to 2.6.0 (#2273) 
* chore(deps): bump gopkg.in/square/go-jose.v2 from 2.5.1 to 2.6.0

Bumps [gopkg.in/square/go-jose.v2](https://github.com/square/go-jose) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/square/go-jose/releases)
- [Commits](https://github.com/square/go-jose/compare/v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: gopkg.in/square/go-jose.v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update kid

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-06-07 09:15:17 -06:00
dependabot[bot]
4363eb920b
chore(deps): bump github.com/shirou/gopsutil/v3 from 3.21.4 to 3.21.5 (#2274) 2021-06-07 10:59:47 -04:00
wasaga
744e2c7993
xds: only tag contexts used for UpdateRecords (#2269) 2021-06-04 14:01:25 -04:00
Caleb Doxsey
2156dbc553
envoy: always set jwt claim headers even if no value is available (#2261) 
* envoy: always set jwt claim headers even if no value is available

* add test
 2021-06-04 10:01:00 -07:00
Caleb Doxsey
699f3f461f
authorize: handle grpc-web content types like json (#2268) 2021-06-04 10:12:55 -06:00
Caleb Doxsey
d705b219ea
redis: enforce capacity via ZREVRANGE to avoid race (#2267) 2021-06-04 07:03:55 -06:00
Caleb Doxsey
4af12c4bbb
xds: retry storing configuration events (#2266) 2021-06-03 13:03:55 -06:00
Caleb Doxsey
c3286aa355
envoyconfig: use zipkin tracer (#2265) 2021-06-03 09:28:00 -06:00
Caleb Doxsey
9dc90d02d0
authorize: only redirect for HTML pages (#2264) 
* authorize: only redirect for HTML pages

* authorize: only redirect for HTML pages
 2021-06-02 16:18:02 -06:00
Caleb Doxsey
513859665a
tracing: support dynamic reloading, more aggressive envoy restart (#2262) 
* tracing: support dynamic reloading, more aggressive envoy restart

* set exporter to nil

* actually register tracer
 2021-06-02 09:58:07 -06:00
wasaga
40ddc2c4b3
jwt: round timestamp (#2258) 2021-06-01 14:12:45 -07:00
Caleb Doxsey
7f05133e3b
envoy: disable hot-reload for macos (#2259) 
* envoy: disable hotload for macos

* lint

* envoy: ignore error when retrieving process status
 2021-06-01 13:35:55 -06:00
wasaga
12c8bb2da4
authorize: preserve original context (#2247) 2021-06-01 11:10:35 -04:00
wasaga
96d6005639
config: warn about unrecognized keys (#2256) 2021-05-31 23:35:38 -04:00
bobby
c5f90e40f3
options: s/shared-key/shared secret (#2257) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-05-31 12:55:11 -07:00
dependabot[bot]
41804ef0ba
chore(deps): bump go.uber.org/zap from 1.16.0 to 1.17.0 (#2254) 
Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.16.0...v1.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-31 13:17:28 -04:00
dependabot[bot]
8a98bc3989
chore(deps): bump github.com/google/go-cmp from 0.5.5 to 0.5.6 (#2253) 
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.5 to 0.5.6.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.5...v0.5.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-31 12:49:31 -04:00
dependabot[bot]
b027d91395
chore(deps): bump github.com/cenkalti/backoff/v4 from 4.1.0 to 4.1.1 (#2252) 
Bumps [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/cenkalti/backoff/releases)
- [Commits](https://github.com/cenkalti/backoff/compare/v4.1.0...v4.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-31 12:48:01 -04:00
dependabot[bot]
4117fce3c7
chore(deps): bump github.com/mitchellh/hashstructure/v2 (#2251) 
Bumps [github.com/mitchellh/hashstructure/v2](https://github.com/mitchellh/hashstructure) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/mitchellh/hashstructure/releases)
- [Commits](https://github.com/mitchellh/hashstructure/compare/v2.0.1...v2.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-31 12:47:32 -04:00
dependabot[bot]
5f3a68df3b
chore(deps): bump github.com/go-redis/redis/v8 from 8.8.3 to 8.9.0 (#2249) 
Bumps [github.com/go-redis/redis/v8](https://github.com/go-redis/redis) from 8.8.3 to 8.9.0.
- [Release notes](https://github.com/go-redis/redis/releases)
- [Changelog](https://github.com/go-redis/redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-redis/redis/compare/v8.8.3...v8.9.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-31 12:45:46 -04:00
Caleb Doxsey
1eea197859
darwin: use x86 envoy build for arm64 (#2246) 
* darwin: use x86 envoy build for arm64

* allow arm64 build for darwin
 2021-05-28 15:59:09 -07:00
wasaga
db00821001
auth: do not strip query parameters in forward auth (#2216) 2021-05-28 17:19:18 -04:00
Caleb Doxsey
d538f1d104
darwin: use gopsutil v3 to fix arm issue (#2245) 
* darwin: use gopsutil v3 to fix arm issue

* remove getenvoy
 2021-05-28 12:20:46 -06:00
Caleb Doxsey
9b61d04dd8
envoyconfig: fallback to global custom ca when no policy ca is defined (#2235) 
* envoyconfig: fallback to global custom ca when no policy ca is defined

* update upgrading

* combine custom ca with root cas
 2021-05-28 09:36:15 -06:00
Travis Groth
88902003f7
docs: update helm values for chart v20.0.0 (#2242) 2021-05-27 18:46:23 -04:00
Caleb Doxsey
91dd937468
policy: fix allowed idp claims PPL generation (#2243) 2021-05-27 15:12:12 -06:00
Caleb Doxsey
ef62d9bb31
envoy: exit if envoy exits (#2240) 2021-05-27 15:11:12 -06:00
bobby
1cf0c701ba
Update _redirects (#2237) 2021-05-24 21:59:02 -06:00
dependabot[bot]
e9ffc5fde3
chore(deps): bump google.golang.org/grpc from 1.37.1 to 1.38.0 (#2231) 
* chore(deps): bump google.golang.org/grpc from 1.37.1 to 1.38.0

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.1 to 1.38.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.37.1...v1.38.0)

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump google.golang.org/grpc from 1.37.1 to 1.38.0

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.1 to 1.38.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.37.1...v1.38.0)

Signed-off-by: dependabot[bot] <support@github.com>

* fix UpdateState method

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-05-24 09:33:53 -06:00
dependabot[bot]
acdcdff2a7
chore(deps): bump github.com/go-redis/redis/v8 from 8.8.2 to 8.8.3 (#2232) 
* chore(deps): bump github.com/go-redis/redis/v8 from 8.8.2 to 8.8.3

Bumps [github.com/go-redis/redis/v8](https://github.com/go-redis/redis) from 8.8.2 to 8.8.3.
- [Release notes](https://github.com/go-redis/redis/releases)
- [Changelog](https://github.com/go-redis/redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-redis/redis/compare/v8.8.2...v8.8.3)

Signed-off-by: dependabot[bot] <support@github.com>

* remove unused field

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-05-24 08:17:41 -06:00
dependabot[bot]
98790b9456
chore(deps): bump google.golang.org/api from 0.46.0 to 0.47.0 (#2233) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.46.0 to 0.47.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.46.0...v0.47.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-24 07:50:31 -06:00
dependabot[bot]
36cabbac90
chore(deps): bump github.com/prometheus/common from 0.24.0 to 0.25.0 (#2234) 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.24.0 to 0.25.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](https://github.com/prometheus/common/compare/v0.24.0...v0.25.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-24 07:49:57 -06:00
Caleb Doxsey
96b9702ee3
ppl: add data type, implement string and list matchers (#2228) 
* ppl: add data type, implement string and list matchers

* update policy converter
 2021-05-21 11:28:41 -06:00
Ben Potter
1cd95e808d
add support for latest version of code-server (#2229) 
* add support for latest version of code-server

* golang version

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* golang version

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* install zip

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-05-21 09:57:47 -07:00
Caleb Doxsey
dad35bcfb0
ppl: refactor authorize to evaluate PPL (#2224) 
* ppl: refactor authorize to evaluate PPL

* remove opa test step

* add log statement

* simplify assignment

* deny with forbidden if logged in

* add safeEval function

* create evaluator-specific config and options

* embed the headers rego file directly
 2021-05-21 09:50:18 -06:00
Alex Fornuto
8c56d64f31
docs: rm broken link (#2215) 
* docs: rm broken link

The was the only image on this page that was also a link to the image, which failed with a 404 (which is the default Nginx 404 page, BTW).

* fmt and typo

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

Co-authored-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-05-20 21:13:41 -07:00
Joe Previte
38a7591395
fix(docs): use correct name for code-server (#2223) 
* fix: use correct name for code-server

* chore: update config.js for code-server

* chore: add redirect for code-server
 2021-05-20 20:44:52 -07:00
bobby
2227ca5b6a
depedency: update /x/net (#2227) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-05-20 19:44:26 -07:00
Caleb Doxsey
a1061c5c03
envoy: add global response headers to local replies (#2217) 2021-05-20 08:56:43 -06:00
Alex Fornuto
5b1b6e5ee5
match tenses (#2214) 
The ordered list at the end changed from simple present tense to present progressive tense, which can break reader flow.
 2021-05-19 11:46:30 -07:00
Caleb Doxsey
c489391bbf
ppl: convert config policy to ppl (#2218) 2021-05-19 12:42:36 -06:00
Caleb Doxsey
bdccd4f785
ppl: bubble up values, bug fixes (#2213) 2021-05-18 14:01:36 -06:00
Caleb Doxsey
e138054cb9
Pomerium Policy Language (#2202) 
* policy: add parser and generator for Pomerium Policy Language

* add criteria

* add additional criteria
 2021-05-17 15:30:51 -06:00
dependabot[bot]
9fe941ccee
chore(deps): bump gopkg.in/auth0.v5 from 5.16.0 to 5.17.0 (#2208) 
Bumps [gopkg.in/auth0.v5](https://github.com/go-auth0/auth0) from 5.16.0 to 5.17.0.
- [Release notes](https://github.com/go-auth0/auth0/releases)
- [Changelog](https://github.com/go-auth0/auth0/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-auth0/auth0/compare/v5.16.0...v5.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-17 09:50:32 -06:00
dependabot[bot]
b3a5613488
chore(deps): bump github.com/lithammer/shortuuid/v3 from 3.0.6 to 3.0.7 (#2211) 
Bumps [github.com/lithammer/shortuuid/v3](https://github.com/lithammer/shortuuid) from 3.0.6 to 3.0.7.
- [Release notes](https://github.com/lithammer/shortuuid/releases)
- [Commits](https://github.com/lithammer/shortuuid/compare/v3.0.6...v3.0.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-17 09:28:04 -04:00