3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-19 03:57:17 +02:00
Code Issues Projects Releases Packages Wiki Activity
1762 commits 161 branches 126 tags 104 MiB
Commit graph

1762 commits

This branch
This branch
All branches
Author SHA1 Message Date
Caleb Doxsey
ae7626df3e
authorize: set JWT to expire after 5 minutes (#1980) 
* authorize: set JWT to expire after 5 minutes

* use lesser of 5 minutes or id token expiration

* add test for expires at
 2021-03-15 07:38:32 -06:00
Caleb Doxsey
07e150a5af
ping: add documentation (#1976) 
* ping: add documentation

* Update docs/docs/identity-providers/ping.md

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* Update docs/docs/identity-providers/ping.md

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* use yaml for config

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-03-12 09:03:56 -07:00
Caleb Doxsey
a5731f7d92
identity: infer email from mail claim (#1977) 2021-03-12 09:01:21 -07:00
Caleb Doxsey
fd97561ab1
ping: identity and directory providers (#1975) 
* ping: add identity provider

* ping: implement directory provider

* ping, not onelogin

* ping, not onelogin

* escape path params
 2021-03-10 16:25:49 -07:00
Caleb Doxsey
00a1cb7456
docs: add JWT Verification w/Envoy guide (#1974) 
* docs: add JWT Verification w/Envoy guide

* add sentence about usage, fix formatting of config
 2021-03-10 15:45:37 -07:00
Travis Groth
c99ceaef1d
ci: deploy master to integration environments (#1973) 2021-03-09 12:13:11 -05:00
Renovate Bot
2f00d2dd72 fix(deps): update module github.com/go-redis/redis/v8 to v8.7.1 2021-03-08 19:52:17 +00:00
Renovate Bot
d89d2e2126 fix(deps): update google.golang.org/genproto commit hash to 9728d6b 2021-03-08 17:30:41 +00:00
Renovate Bot
db385e8b08 fix(deps): update github.com/nsf/jsondiff commit hash to 6ea3239 2021-03-08 15:46:20 +00:00
Renovate Bot
50dc15de28 fix(deps): update module github.com/google/go-cmp to v0.5.5 2021-03-08 05:22:54 +00:00
Caleb Doxsey
46ae3cf358
add rewrite_response_headers to protobuf (#1962) 2021-03-05 13:57:27 -07:00
Caleb Doxsey
7f6107051f
config: add rewrite_response_headers option (#1961) 
* add lua script to rewrite response headers

* add policy config

* update docs
 2021-03-05 09:40:17 -07:00
Caleb Doxsey
b6ec01f377
assets: use embed instead of statik (#1960) 
* assets: use embed instead of statik

* remove empty line

* maybe fix precommit
 2021-03-03 18:56:55 -07:00
Caleb Doxsey
92c3a4a56c
telemetry: add process collector for envoy (#1948) 
* telemetry: add process collector for envoy

* add test

* maybe fix macos

* address comments
 2021-03-03 16:05:35 -07:00
Caleb Doxsey
f396c2a0f7
config: log config source changes (#1959) 
* config: log config source changes

* use internal log import
 2021-03-03 09:54:08 -07:00
Caleb Doxsey
664358dfad
config: multiple endpoints for authorize and databroker (#1957) 
* wip

* update docs

* remove dead code
 2021-03-03 09:53:19 -07:00
Travis Groth
0f0a50be40
cmd/pomerium: exit 0 when intentionally terminated (#1958) 2021-03-02 15:47:25 -05:00
renovate[bot]
c42b364e07
chore(deps): update mikefarah/yq action to v4.6.1 (#1951) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-03-01 15:57:32 -05:00
Renovate Bot
f5b0e26971 fix(deps): update module github.com/go-chi/chi to v5 2021-03-01 17:04:43 +00:00
Renovate Bot
500c3ecca8 fix(deps): update module google.golang.org/grpc to v1.36.0 2021-03-01 15:27:24 +00:00
Renovate Bot
e635b112a5 fix(deps): update module go.opencensus.io to v0.23.0 2021-03-01 13:19:37 +00:00
Renovate Bot
18ede4b896 fix(deps): update module github.com/lithammer/shortuuid/v3 to v3.0.6 2021-03-01 11:42:27 +00:00
Renovate Bot
e3c64a17e5 chore(deps): update vuepress monorepo to v1.8.2 2021-03-01 09:21:50 +00:00
Renovate Bot
cbf35895d1 fix(deps): update google.golang.org/genproto commit hash to ab064af 2021-03-01 04:33:55 +00:00
Renovate Bot
79b29c5f8f fix(deps): update golang.org/x/net commit hash to e18ecbb 2021-03-01 02:52:14 +00:00
Caleb Doxsey
e9083b6dad
config: expose viper policy hooks (#1947) 2021-02-25 10:12:51 -07:00
Caleb Doxsey
4f2bb60adb
proxy: redirect to dashboard for logout (#1944) 2021-02-24 11:52:38 -07:00
bobby
a78dae7f6f
ci: cache build and test binaries (#1938) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-24 13:45:11 -05:00
Caleb Doxsey
a825b06014
metrics: add TLS options (#1939) 
* move metrics listener to envoy

* add metrics tls options

* add test

* update docs

* update config proto

* add function to validate metric addr

* fix validation
 2021-02-24 09:42:53 -07:00
Tanguy
ec02761e2f
Update data-storage.md (#1941) 
Add `databroker_storage_type` in example to make it functional.
 2021-02-24 08:00:53 -08:00
wasaga
de55199a70
use build_info as liveness gauge metric (#1940) 2021-02-24 10:57:31 -05:00
bobby
cdcb65b77c
ci: go 1.16.x, cached tests (#1937) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-23 11:39:52 -08:00
Caleb Doxsey
138df5ae24
identity: record metric for last refresh (#1936) 2021-02-23 10:08:01 -07:00
Caleb Doxsey
218acc001b
autocert: remove non-determinism (#1932) 
* autocert: remove non-determinism

* try sorting coverage
 2021-02-23 08:56:11 -08:00
bobby
9c7958b66f
middleware: equalize lengths of input (#1934) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-23 08:31:17 -08:00
Travis Groth
e56fb38cb5
config: fix redirect routes from protobuf (#1930) 2021-02-22 18:10:50 -05:00
Caleb Doxsey
8b42eb5ebd
config: add metrics_basic_auth option (#1917) 
* config: add metrics_basic_auth option

* remove println

* use constant time compare
 2021-02-22 13:37:18 -07:00
Caleb Doxsey
03d8ffaee2
google: fix default provider URL (#1928) 2021-02-22 11:21:16 -07:00
bobby
a4e1ae8db0
chore(deps): update yaml v2 to v3 (#1927) 
- update github.com/envoyproxy/protoc-gen-validate v0.4.1
- update github.com/go-redis/redis/v8 v8.6.0
- update github.com/golang/mock v1.5.0

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-22 08:51:49 -08:00
Caleb Doxsey
fe5e3712b8
docs: fix query param name (#1920) 2021-02-19 13:56:22 -07:00
bobby
b42b25531e
docs: add breaking sa changes in v0.13 (#1919) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-19 12:56:12 -08:00
Travis Groth
3c84004c1d
ci: deploy releases to test environment (#1916) 2021-02-19 07:40:20 -08:00
Caleb Doxsey
5d60cff21e
databroker: refactor databroker to sync all changes (#1879) 
* refactor backend, implement encrypted store

* refactor in-memory store

* wip

* wip

* wip

* add syncer test

* fix redis expiry

* fix linting issues

* fix test by skipping non-config records

* fix backoff import

* fix init issues

* fix query

* wait for initial sync before starting directory sync

* add type to SyncLatest

* add more log messages, fix deadlock in in-memory store, always return server version from SyncLatest

* update sync types and tests

* add redis tests

* skip macos in github actions

* add comments to proto

* split getBackend into separate methods

* handle errors in initVersion

* return different error for not found vs other errors in get

* use exponential backoff for redis transaction retry

* rename raw to result

* use context instead of close channel

* store type urls as constants in databroker

* use timestampb instead of ptypes

* fix group merging not waiting

* change locked names

* update GetAll to return latest record version

* add method to grpcutil to get the type url for a protobuf type
 2021-02-18 15:24:33 -07:00
Caleb Doxsey
b1871b0f2e
envoy: validate binary checksum (#1908) 
* envoy: validate binary checksum

* address comments

* change to info

* fix order
 2021-02-18 15:22:46 -07:00
Travis Groth
cc5335bd7f
docs: add v0.13 to docs site menu (#1913) 2021-02-18 17:00:22 -05:00
wasaga
c02223a8f0
fix flaky registry test (#1911) 2021-02-17 20:17:42 -05:00
bobby
b1baa5ac6d
docs: update changelog for v0.13.0 (#1909) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-17 16:08:29 -08:00
Caleb Doxsey
1a1cc30c67
config: support map of jwt claim headers (#1906) 
* config: support map of jwt claim headers

* fix array handling, add test

* update docs

* use separate hook, add tests
 2021-02-17 13:43:18 -07:00
wasaga
d04416a5fd
in-memory service registry (#1892) 2021-02-17 14:28:54 -05:00
Travis Groth
ee28f008b5
docs: add load balancing weight documentation (#1883) 2021-02-17 09:36:47 -08:00