3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-13 14:58:15 +02:00
Code Issues Projects Releases Packages Wiki Activity
2450 commits 167 branches 131 tags 110 MiB
Commit graph

709 commits

Author SHA1 Message Date
Renovate Bot
04696daff2 chore(deps): update module contrib.go.opencensus.io/exporter/jaeger to v0.2.1 2020-08-03 03:25:21 +00:00
Renovate Bot
ea99b71de7 chore(deps): update golang.org/x/crypto commit hash to 123391f 2020-08-03 02:02:07 +00:00
Caleb Doxsey
4115c67d93
pomerium-cli: kubernetes fixes (#1176) 
* pomerium-cli: fix kubernetes token caching

* pomerium-cli: fix error hanging

* add options for TLS
 2020-07-31 13:51:48 -06:00
Caleb Doxsey
b1d72c829b
pomerium-cli: fix kubernetes token caching (#1169) 
* pomerium-cli: fix kubernetes token caching

* switch to jose v2
 2020-07-31 09:50:06 -06:00
Cuong Manh Le
bc61206b78
pkg/storage/redis: add redis TLS support (#1163) 
Fixes #1156
 2020-07-31 19:37:23 +07:00
Caleb Doxsey
a5e8abd6af
handle example.com and example.com:443 (#1153) 
* handle example.com and example.com:443

* fix domain comparisons
 2020-07-28 15:30:41 -06:00
Cuong Manh Le
fd544b7072
authenticate: fix wrong condition checking in VerifySession (#1146) 
The code checks session client not nil, but using databroker client in
the body instead.
 2020-07-28 21:18:39 +07:00
Renovate Bot
d9711c8055 Update module google/go-cmp to v0.5.1 2020-07-27 05:28:15 +00:00
Renovate Bot
94c4db3eb2 Update google.golang.org/genproto commit hash to da3ae01 2020-07-27 04:56:06 +00:00
Caleb Doxsey
1ad243dfd1
directory.Group entry for groups (#1118) 
* store directory groups separate from directory users

* fix group lookup, azure display name

* remove fields restriction

* fix test

* also support email

* use Email as name for google'

* remove changed file

* show groups on dashboard

* fix test

* re-add accidentally removed code
 2020-07-22 11:28:53 -06:00
Cuong Manh Le
26f099b49d
redis storage backend (#1082) 
* pkg/storage: add redis storage backend

* pkg/storage/redis: set record create time correctly

* pkg/storage/redis: add docs

* pkg/storage/redis: run test with redis tag only

* pkg/storage/redis: use localhost

* pkg/storage/redis: use 127.0.0.1

* pkg/storage/redis: honor REDIS_URL env

* .github/workflows: add missing config for redis service

* .github/workflows: map redis ports to host

* pkg/storage/redis: use proto marshaler instead of json one

* pkg/storage/redis: use better implementation

By using redis supported datastructure:

 - Hash for storing record
 - Sorted set for storing by version
 - Set for storing deleted ids

List operation will be now performed in O(log(N)+M) instead of O(N) like
previous implementation.

* pkg/storage/redis: add tx to wrap redis transaction

* pkg/storage/redis: set record type in New

* pkg/storage/redis: make sure tx commands appear in right order

* pkg/storage/redis: make deletePermanentAfter as argument

* pkg/storage/redis: make sure version is incremented when deleting

* pkg/storage/redis: fix linter

* pkg/storage/redis: fix cmd construction
 2020-07-22 03:07:20 +07:00
Caleb Doxsey
858077b3b6
authorize: custom rego policies (#1123) 
* add support for custom rego policies

* add support for passing custom policies
 2020-07-21 12:09:26 -06:00
Renovate Bot
d2656ecd67 chore(deps): update google.golang.org/genproto commit hash to 11fb19a 2020-07-20 08:00:29 +00:00
Renovate Bot
0f17fb0d95 chore(deps): update module spf13/cobra to v1 2020-07-20 03:22:08 +00:00
Renovate Bot
2a99088cdf chore(deps): update module open-policy-agent/opa to v0.22.0 2020-07-20 02:27:34 +00:00
Renovate Bot
c2e487a996 chore(deps): update github.com/skratchdot/open-golang commit hash to eef8423 2020-07-20 01:06:57 +00:00
Caleb Doxsey
02b4e4b619
fix deep copy of config (#1089) 2020-07-17 10:42:24 +07:00
Caleb Doxsey
d3a7ee38be
options refactor (#1088) 
* refactor config loading

* wip

* move autocert to its own config source

* refactor options updaters

* fix stuttering

* fix autocert validate check
 2020-07-16 14:30:15 -06:00
Caleb Doxsey
5df10d1539
pomerium-cli k8s exec-credential (#1073) 
* wip

* wip

* remove dead code

* add logging about errors for caching credentials

* rename subcommand
 2020-07-16 11:40:43 -06:00
Caleb Doxsey
96424dac0f
implement google cloud serverless authentication (#1080) 
* add google cloud serverless support

* force ipv4 for google cloud serverless

* disable long line linting

* fix destination hostname

* add test

* add support for service accounts

* fix utc time in test
 2020-07-16 08:25:14 -06:00
Cuong Manh Le
2f84dd2aff
Add storage backend interface (#1072) 
* pkg: add storage package

Which contains storage.Backend interface to initial support for multiple
backend storage.

* pkg/storage: add inmemory storage

* internal/databroker: use storage.Backend interface

Instead of implementing multiple databroker server implementation for
each kind of storage backend, we use only one databroker server
implementation, which is supported multiple storage backends, which
satisfy storage.Backend interface.
 2020-07-15 09:42:01 +07:00
Caleb Doxsey
a70254ab76
kubernetes apiserver integration (#1063) 
* sessions: support bearer tokens in authorization

* wip

* remove dead code

* refactor signed jwt code

* use function

* update per comments

* fix test
 2020-07-14 08:33:24 -06:00
Renovate Bot
645f0a2ff8 chore(deps): update module google.golang.org/api to v0.29.0 2020-07-14 00:08:55 +00:00
Renovate Bot
7437a4967d chore(deps): update module envoyproxy/go-control-plane to v0.9.6 2020-07-13 11:17:51 +00:00
Renovate Bot
fda39942ad chore(deps): update golang.org/x/net commit hash to ab34263 2020-07-13 09:31:08 +00:00
Renovate Bot
2e763ac289 chore(deps): update google.golang.org/genproto commit hash to 8698661 2020-07-13 06:14:28 +00:00
Renovate Bot
c6bdd0be5e chore(deps): update golang.org/x/crypto commit hash to 948cd5f 2020-07-13 05:14:25 +00:00
renovate[bot]
51c8de70ba
chore(deps): update module open-policy-agent/opa to v0.21.1 (#1061) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2020-07-12 22:13:57 -07:00
Caleb Doxsey
73105c0b08
audit: add protobuf definitions (#1047) 2020-07-08 07:23:03 -06:00
Renovate Bot
f80a72d680 chore(deps): update google.golang.org/genproto commit hash to 8e8330b 2020-07-07 01:53:44 +00:00
Renovate Bot
e482fef247 chore(deps): update module google.golang.org/protobuf to v1.25.0 2020-07-02 16:07:51 +00:00
Caleb Doxsey
fae02791f5
cryptutil: move to pkg dir, add token generator (#1029) 
* cryptutil: move to pkg dir, add token generator

* add gitignored files

* add tests
 2020-06-30 15:55:33 -06:00
Renovate Bot
f8491b48ee chore(deps): update google.golang.org/genproto commit hash to ee7919e 2020-06-29 20:07:28 +00:00
Renovate Bot
a18f48b209 chore(deps): update module google.golang.org/grpc to v1.30.0 2020-06-29 17:34:09 +00:00
Cuong Manh Le
f938554968
internal/controlplane: enable envoy use remote address (#1023) 
Fixes #1013
 2020-06-29 23:06:34 +07:00
Renovate Bot
ad232bf10e chore(deps): update module prometheus/client_golang to v1.7.1 2020-06-29 06:43:00 +00:00
Renovate Bot
8e9f886818 chore(deps): update golang.org/x/sync commit hash to 6e8e738 2020-06-29 03:16:20 +00:00
Renovate Bot
0300be3ed1 chore(deps): update golang.org/x/net commit hash to 4c52546 2020-06-29 01:28:06 +00:00
Caleb Doxsey
0d277cf662
azure: use OID for user id in session (#985) 2020-06-23 12:02:17 -06:00
Cuong Manh Le
fb4dfaea44
authenticate: hide impersonation form from non-admin users (#979) 
Fixes #881
 2020-06-23 22:09:33 +07:00
Renovate Bot
fa40ff1f77 chore(deps): update module hashicorp/memberlist to v0.2.2 2020-06-23 05:41:34 +00:00
Renovate Bot
90bd2baf80 chore(deps): update google.golang.org/genproto commit hash to fbb79ea 2020-06-23 03:54:40 +00:00
Renovate Bot
1ea3253660 chore(deps): update module go.opencensus.io to v0.22.4 2020-06-23 00:47:22 +00:00
Renovate Bot
6ccf3246aa chore(deps): update module cenkalti/backoff/v4 to v4.0.2 2020-06-22 23:14:22 +00:00
renovate[bot]
0c7faf4991
chore(deps): update module google.golang.org/api to v0.28.0 (#949) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2020-06-22 16:59:09 -06:00
renovate[bot]
b6287fcf8a
chore(deps): update module google/go-cmp to v0.5.0 (#950) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2020-06-22 16:58:35 -06:00
renovate[bot]
8ea4560fe6
chore(deps): update module prometheus/client_golang to v1.7.0 (#953) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2020-06-22 16:58:16 -06:00
Caleb Doxsey
dbf020a532
github: implement github directory provider (#963) 
* github: implement github directory provider

* fix test
 2020-06-22 11:33:37 -06:00
Renovate Bot
6ef74806c7 chore(deps): update module open-policy-agent/opa to v0.21.0 2020-06-22 15:29:50 +00:00
bobby
452c9be06d
cache: remove unused metrics and options (#957) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-06-22 06:59:04 -07:00