3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 18:36:30 +02:00
Code Issues Projects Releases Packages Wiki Activity
3725 commits 156 branches 125 tags 103 MiB
Commit graph

49 commits

Author SHA1 Message Date
Kenneth Jenkins
e1d84a1dde
logging: standardize on hyphens in attribute names (#5577) 2025-04-22 10:57:19 -07:00
Caleb Doxsey
c47055bece
upgrade to go v1.24 (#5562) 
* upgrade to go v1.24

* add a macOS-specific //nolint comment too

---------

Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>
 2025-04-02 15:53:09 -06:00
Joe Kralicky
a96ab2fe93
move internal/telemetry/trace => pkg/telemetry/trace (#5541) 2025-03-25 10:43:04 -04:00
Denis Mishin
ab5f3ac7f3
core/envoyconfig: make adding ipv6 addresses to internal cidr list conditional on ipv6 support on the system (#5538) 2025-03-21 11:14:50 -04:00
Joe Kralicky
396c35b6b4
New tracing system (#5388) 
* update tracing config definitions

* new tracing system

* performance improvements

* only configure tracing in envoy if it is enabled in pomerium

* [tracing] refactor to use custom extension for trace id editing (#5420)

refactor to use custom extension for trace id editing

* set default tracing sample rate to 1.0

* fix proxy service http middleware

* improve some existing auth related traces

* test fixes

* bump envoyproxy/go-control-plane

* code cleanup

* test fixes

* Fix missing spans for well-known endpoints

* import extension apis from pomerium/envoy-custom
 2025-01-21 13:26:32 -05:00
Joe Kralicky
526e2a58d6
New integration test fixtures (#5233) 
* Initial test environment implementation

* linter pass

* wip: update request latency test

* bugfixes

* Fix logic race in envoy process monitor when canceling context

* skip tests using test environment on non-linux
 2024-11-05 14:31:40 -05:00
Joe Kralicky
fe31799eb5
Fix many instances of contexts and loggers not being propagated (#5340) 
This also replaces instances where we manually write "return ctx.Err()"
with "return context.Cause(ctx)" which is functionally identical, but
will also correctly propagate cause errors if present.
 2024-10-25 14:50:56 -04:00
Caleb Doxsey
d2c14cd6d2
logging: remove ctx from global log methods (#5337) 
* log: remove warn

* log: update debug

* log: update info

* remove level, log

* remove contextLogger function
 2024-10-23 14:18:52 -06:00
Caleb Doxsey
dad954ae16
core/logging: change log.Error function (#5251) 
* core/logging: change log.Error function

* use request id
 2024-09-05 15:42:46 -06:00
Kenneth Jenkins
f5f5e5fddc
controlplane: avoid calling Close on nil listener (#5156) 
Tweak the cleanup logic in controlplane.NewServer() to avoid a nil panic
if the DebugListener fails to start.
 2024-06-27 08:48:43 -07:00
Caleb Doxsey
4ac06d3bbd
core/logging: less verbose logs (#5040) 2024-03-29 15:26:20 -06:00
Caleb Doxsey
4301da3648
core/telemetry: move requestid to pkg directory (#4911) 2024-01-19 13:18:16 -07:00
Caleb Doxsey
7eb7861f2c
core: fix graceful stop (#4865) 
* core/grpc: fix graceful stop

* core/http: add graceful stop serve
 2023-12-29 10:18:08 -07:00
Caleb Doxsey
53573dc046
core/config: remove version (#4653) 
* core/config: remove version

* lint

* fix
 2023-11-01 10:19:55 -06:00
Caleb Doxsey
6511440c2f
core/controlplane: apply configuration changes in a background thread (#4649) 
* core/controlplane: apply configuration changes in a background thread

* core/controlplane: build envoy resources in goroutines

* tracing
 2023-10-31 16:47:13 -06:00
Caleb Doxsey
ae420f01c6
core/config: add config version, additional telemetry (#4645) 
* core/config: add config version, additional telemetry

* typo
 2023-10-27 15:16:40 -06:00
Denis Mishin
62ca7ffaa2
authenticate: fix authenticate_internal_service_url for all in one (#4003) 2023-02-22 10:42:27 -05:00
Denis Mishin
ce1b8701da
events: remove xds configuraton update (#3792) 2022-12-06 14:46:45 -05:00
Caleb Doxsey
b68dc1ff4f
controlplane: move jwks.json endpoint to control plane (#3691) 2022-10-25 08:01:33 -06:00
Caleb Doxsey
6140ee1d88
controlplane: add well-known endpoint to the controlplane http handler (#3555) 
* controlplane: add well-known endpoint to the controlplane http handler

* add support for trailing /

* remove redundant test
 2022-08-16 09:59:39 -06:00
Caleb Doxsey
0ac7e45a21
atomicutil: use atomicutil.Value wherever possible (#3517) 
* atomicutil: use atomicutil.Value wherever possible

* fix test

* fix mux router
 2022-07-28 15:38:38 -06:00
Denis Mishin
d1037d784a
allow pomerium to be embedded as a library (#3415) 2022-06-15 20:29:19 -04:00
Denis Mishin
db426072b0
eliminate global events manager (#3422) 2022-06-14 15:05:16 -04:00
Caleb Doxsey
fd82cc7870
authenticate: allow changing the authenticate service URL at runtime (#3378) 
* config: better change detection

* wip

* fix middleware

* add middleware before handlers

* use ctx
 2022-05-31 13:24:40 -06:00
Caleb Doxsey
b435f73e2b
authenticate: fix debug and metrics endpoints (#3212) 2022-03-30 09:37:37 -06:00
Caleb Doxsey
64ee7eca5c
directory: save IDP errors to databroker, put event handling in dedicated package (#2957) 2022-01-28 15:15:32 -07:00
Caleb Doxsey
bbec2cae9f
grpc: send client traffic through envoy (#2469) 
* wip

* wip

* handle wildcards in override name

* remove wait for ready, add comment about sync, force initial sync complete in test

* address comments
 2021-08-16 16:12:22 -06:00
Caleb Doxsey
31fa214983
envoy: add full version (#2287) 
* envoy: add full version

* remove unused import

* get envoy for lint
 2021-06-14 13:58:12 -06:00
wasaga
c71f7dca5b
authorize: grpc health check (#2200) 2021-05-13 15:00:10 -04:00
wasaga
129df47f9c
xds extended event (#2158) 2021-05-03 12:28:11 -04:00
Caleb Doxsey
0adbf4f24c
controlplane: save configuration events to databroker (#2153) 
* envoy: save events to databroker

* controlplane: add tests for envoy configuration events

* format imports
 2021-04-29 15:51:46 -06:00
wasaga
e0c09a0998
log context (#2107) 2021-04-22 10:58:13 -04:00
Caleb Doxsey
f760cdece5
envoyconfig: move most bootstrap config to shared package (#2088) 2021-04-14 12:07:49 -06:00
Caleb Doxsey
1dcccf2b56
envoy: refactor controlplane xds to new envoyconfig package (#2086) 2021-04-13 13:51:44 -06:00
Caleb Doxsey
d8f11dcb91
proxy: support re-proxying request through control plane for kubernetes (#2051) 
* proxy: support re-proxying request from envoy for kubernetes

* encrypt policy id for reproxy, implement tls options

* add comment, use hmac

* use httputil handler and error

* remove reproxy headers on all incoming request

* only allow re-proxying for kubernetes, strip headers

* fix tests
 2021-04-06 12:08:09 -06:00
Caleb Doxsey
a825b06014
metrics: add TLS options (#1939) 
* move metrics listener to envoy

* add metrics tls options

* add test

* update docs

* update config proto

* add function to validate metric addr

* fix validation
 2021-02-24 09:42:53 -07:00
wasaga
3a505d5573
expose envoy cluster options in policy (#1804) 2021-01-25 09:49:03 -05:00
Caleb Doxsey
c90eda5622
autocert: store certificates separately from config certificates (#1794) 2021-01-21 13:13:55 -07:00
Caleb Doxsey
10912add67
config: detect underlying file changes (#1775) 
* wip

* cleanup

* add test

* use uuid for temp dir, derive root CA path from filemgr for tests

* fix comment

* fix double close

* use latest notify
 2021-01-14 18:06:02 -07:00
Caleb Doxsey
3524697f6f
use incremental API for envoy xDS (#1732) 
* use incremental API

* add test

* use backoff v4

* remove panic, add comment to exponential try, add test for HashProto

* merge master

* fix missing import
 2021-01-05 12:45:55 -07:00
Caleb Doxsey
8ada0c51dd
attach version to gRPC server metadata (#1598) 
* attach version to gRPC server metadata

* fix linting
 2020-11-17 07:18:48 -07:00
Travis Groth
2e714c211e
internal/controlplane: add telemetry http handler (#1353) 2020-09-01 09:22:24 -04:00
Caleb Doxsey
d3a7ee38be
options refactor (#1088) 
* refactor config loading

* wip

* move autocert to its own config source

* refactor options updaters

* fix stuttering

* fix autocert validate check
 2020-07-16 14:30:15 -06:00
Travis Groth
06e3f5def5
Fix missing/incorrect grpc labels (#804) 2020-05-29 15:57:58 -04:00
Travis Groth
ca5f68e371
telemetry: Refactor GRPC Server Handler (#756) 
* Refactor GRPC server stats handler location
 2020-05-22 13:36:55 -04:00
Travis Groth
66e4c7d7ca
envoy: Add GRPC stats handler to control plane service (#744) 
* Add GRPC stats handler to control plane service
 2020-05-20 22:26:34 -04:00
Caleb Doxsey
41855e5419 envoy: use envoy request id for logging across systems with http and gRPC (#691) 2020-05-18 17:10:10 -04:00
Caleb Doxsey
352c2b851b envoy: add separate proxy log level option (#689) 2020-05-18 17:10:10 -04:00
Travis Groth
99e788a9b4 envoy: Initial changes 2020-05-18 17:10:10 -04:00