backport-actions-token[bot]
ee1fefb218
hpke: move published public keys to a new endpoint ( #4048 )
...
hpke: move published public keys to a new endpoint (#4044 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-03-08 09:18:37 -07:00
backport-actions-token[bot]
7afa9d4a95
authorize: allow access to /.pomerium/webauthn when policy denies access ( #4016 )
...
authorize: allow access to /.pomerium/webauthn when policy denies access (#4015 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-02-27 16:50:51 +00:00
backport-actions-token[bot]
1af749e22b
authenticate: fix identity provider id in encrypted query string ( #4011 )
...
authenticate: fix identity provider id in encrypted query string (#4006 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-02-23 15:32:27 +00:00
backport-actions-token[bot]
baf36965bd
authenticate: fix callback handler for split mode ( #4010 )
...
authenticate: fix callback handler for split mode (#4008 )
fix auth handler for split mode
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-02-23 08:31:22 -07:00
backport-actions-token[bot]
7f6797ba74
authenticate: don't require a session for sign_out ( #4009 )
...
authenticate: don't require a session for sign_out (#4007 )
authenticate: dont require a session for sign_out
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-02-23 04:43:46 +00:00
backport-actions-token[bot]
7813623ba3
authenticate: fix authenticate_internal_service_url for all in one ( #4005 )
...
authenticate: fix authenticate_internal_service_url for all in one (#4003 )
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-02-22 11:03:36 -05:00
backport-actions-token[bot]
57d1186d20
derivecert: fix ecdsa code to be deterministic ( #3991 )
...
derivecert: fix ecdsa code to be deterministic (#3989 )
* derivecert: fix ecdsa code to be deterministic
* lint
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-02-17 17:08:26 -07:00
backport-actions-token[bot]
282418cb50
fix webauthn url ( #3988 )
...
fix webauthn url (#3983 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-02-17 07:16:48 -07:00
backport-actions-token[bot]
df8afa29f6
webauthn: only return known device credentials that match the given type ( #3987 )
...
webauthn: only return known device credentials that match the given type (#3981 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-02-16 14:59:01 -07:00
Caleb Doxsey
26d76501fb
backport-3980-to-0-21-0 ( #3986 )
2023-02-16 18:24:47 +00:00
backport-actions-token[bot]
9f541438ef
authenticate: save the session cookie with a different name ( #3984 )
...
authenticate: save the session cookie with a different name (#3978 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-02-16 15:53:54 +00:00
backport-actions-token[bot]
3eaa60948c
docker: switch to debian ( #3939 )
...
docker: switch to debian (#3938 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-02-03 13:16:02 -07:00
backport-actions-token[bot]
6fdd2da935
identity: fix nil reference error when there is no authenticator ( #3933 )
...
identity: fix nil reference error when there is no authenticator (#3930 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-02-02 08:43:34 -07:00
backport-actions-token[bot]
3ba74b38ae
authenticate: always trust the passed in idp ( #3931 )
...
authenticate: always trust the passed in idp (#3917 )
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2023-01-30 19:06:35 -07:00
backport-actions-token[bot]
cc475a3985
bump goreleaser to v4.1.1 ( #3919 )
...
bump goreleaser to v4.1.1 (#3918 )
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-01-30 12:36:43 -05:00
backport-actions-token[bot]
e8004bbb81
add google cloud creds to ignore ( #3907 )
2023-01-18 08:03:51 -05:00
Denis Mishin
ab430624f2
tls_derive: rename for consistency ( #3905 )
...
rename for consistency with other tls options
2023-01-17 17:04:26 -05:00
dependabot[bot]
1ca03bbc19
chore(deps): bump actions/setup-python from 4.4.0 to 4.5.0 ( #3896 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](5ccb29d877...d27e3f3d7c
2023-01-17 10:13:29 -07:00
dependabot[bot]
d84ce5ca41
chore(deps): bump mikefarah/yq from 4.30.6 to 4.30.8 ( #3895 )
...
Bumps [mikefarah/yq](https://github.com/mikefarah/yq ) from 4.30.6 to 4.30.8.
- [Release notes](https://github.com/mikefarah/yq/releases )
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt )
- [Commits](87cba2ecbe...dd6cf3df14
2023-01-17 10:13:10 -07:00
dependabot[bot]
2ed5e13d32
chore(deps): bump github.com/minio/minio-go/v7 from 7.0.46 to 7.0.47 ( #3899 )
...
Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go ) from 7.0.46 to 7.0.47.
- [Release notes](https://github.com/minio/minio-go/releases )
- [Commits](https://github.com/minio/minio-go/compare/v7.0.46...v7.0.47 )
---
updated-dependencies:
- dependency-name: github.com/minio/minio-go/v7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 10:12:52 -07:00
dependabot[bot]
9f657059a2
chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.7 to 1.18.8 ( #3900 )
...
chore(deps): bump github.com/aws/aws-sdk-go-v2/config
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2 ) from 1.18.7 to 1.18.8.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.7...config/v1.18.8 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-01-17 10:12:07 -07:00
dependabot[bot]
65404ac92b
chore(deps): bump distroless/base from 8ee3d86 to 9eeffdc ( #3903 )
...
Bumps distroless/base from `8ee3d86` to `9eeffdc`.
---
updated-dependencies:
- dependency-name: distroless/base
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 10:11:48 -07:00
dependabot[bot]
52549836f0
chore(deps): bump alpine from 8914eb5 to f271e74 ( #3901 )
...
Bumps alpine from `8914eb5` to `f271e74`.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-01-17 10:10:48 -07:00
dependabot[bot]
0e7f2a3aa6
chore(deps): bump github.com/open-policy-agent/opa from 0.47.4 to 0.48.0 ( #3898 )
...
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa ) from 0.47.4 to 0.48.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases )
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.47.4...v0.48.0 )
---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-01-17 10:10:20 -07:00
dependabot[bot]
e5bbb0c324
chore(deps): bump google.golang.org/api from 0.105.0 to 0.107.0 ( #3897 )
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.105.0 to 0.107.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.105.0...v0.107.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 21:47:58 -05:00
dependabot[bot]
abbedad748
chore(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 ( #3893 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-01-16 20:59:11 -05:00
dependabot[bot]
206b73f4ca
chore(deps): bump golang from 1.19.4-buster to 1.19.5-buster ( #3902 )
...
Bumps golang from 1.19.4-buster to 1.19.5-buster.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Denis Mishin <dmishin@pomerium.com>
2023-01-16 19:16:34 -05:00
dependabot[bot]
dcfe50ad31
chore(deps): bump docker/build-push-action from 3.2.0 to 3.3.0 ( #3894 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](c56af95754...37abcedcc1
2023-01-16 19:15:56 -05:00
dependabot[bot]
8b66cc893e
chore(deps): bump debian from 7ca0fec to 12931ad ( #3904 )
...
Bumps debian from `7ca0fec` to `12931ad`.
---
updated-dependencies:
- dependency-name: debian
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 19:08:15 -05:00
Caleb Doxsey
759a7782b0
scripts: update get-envoy script to download all binaries ( #3886 )
...
* scripts: update get-envoy script to download all binaries
* run download in parallel
* show errors
2023-01-12 16:23:18 -07:00
Caleb Doxsey
1e6a483ce9
config: add missing options ( #3882 )
...
* config: add missing options
* remove _file options from protobuf
* fix
* lint
2023-01-12 10:55:12 -07:00
Caleb Doxsey
da46b4a47d
config: use insecure skip verify if derived certificates are not used ( #3861 )
2023-01-11 13:50:51 -07:00
Denis Mishin
04a82813f3
explicitly list gRPC services accessible via the gRPC listener ( #3879 )
2023-01-11 12:38:34 -05:00
Caleb Doxsey
bfcd15435f
authenticate: add additional error details for hmac errors ( #3878 )
2023-01-11 07:53:11 -07:00
Caleb Doxsey
92b50683ff
postgres: return unknown records instead of skipping them ( #3876 )
2023-01-09 15:10:52 -07:00
dependabot[bot]
9677e18bbd
chore(deps): bump luxon from 2.3.0 to 2.5.2 in /ui ( #3862 )
...
Bumps [luxon](https://github.com/moment/luxon ) from 2.3.0 to 2.5.2.
- [Release notes](https://github.com/moment/luxon/releases )
- [Changelog](https://github.com/moment/luxon/blob/master/CHANGELOG.md )
- [Commits](https://github.com/moment/luxon/compare/2.3.0...2.5.2 )
---
updated-dependencies:
- dependency-name: luxon
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:54:44 -07:00
dependabot[bot]
47c6596d80
chore(deps): bump github.com/minio/minio-go/v7 from 7.0.45 to 7.0.46 ( #3864 )
...
Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go ) from 7.0.45 to 7.0.46.
- [Release notes](https://github.com/minio/minio-go/releases )
- [Commits](https://github.com/minio/minio-go/compare/v7.0.45...v7.0.46 )
---
updated-dependencies:
- dependency-name: github.com/minio/minio-go/v7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:54:11 -07:00
dependabot[bot]
ba747f2da6
chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.29.6 to 1.30.0 ( #3866 )
...
chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3
Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2 ) from 1.29.6 to 1.30.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.29.6...service/s3/v1.30.0 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:53:45 -07:00
dependabot[bot]
5555203561
chore(deps): bump actions/setup-node from 3.5.1 to 3.6.0 ( #3869 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](8c91899e58...64ed1c7eab
2023-01-09 09:53:15 -07:00
dependabot[bot]
259149a1d9
chore(deps): bump distroless/base from 8848703 to 8ee3d86 ( #3874 )
...
Bumps distroless/base from `8848703` to `8ee3d86`.
---
updated-dependencies:
- dependency-name: distroless/base
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:52:55 -07:00
dependabot[bot]
ea5107b987
chore(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2 ( #3871 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](83fd05a356...0b7f8abb15
2023-01-09 09:52:38 -07:00
dependabot[bot]
46a8158de0
chore(deps): bump actions/checkout from 3.2.0 to 3.3.0 ( #3867 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-01-09 09:52:17 -07:00
dependabot[bot]
768b30ce62
chore(deps): bump actions/cache from 3.2.2 to 3.2.3 ( #3870 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](4723a57e26...58c146cc91
2023-01-09 09:47:55 -07:00
dependabot[bot]
5cdad252af
chore(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 ( #3865 )
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/oauth2/releases )
- [Commits](https://github.com/golang/oauth2/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:45:57 -07:00
dependabot[bot]
002044fa06
chore(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 ( #3863 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:10:51 -07:00
dependabot[bot]
32a18811af
chore(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 ( #3873 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:09:50 -07:00
dependabot[bot]
99bd006a26
chore(deps): bump actions/download-artifact from 3.0.1 to 3.0.2 ( #3872 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](9782bd6a98...9bc31d5ccc
2023-01-09 09:03:50 -07:00
dependabot[bot]
52b78a44fc
chore(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 ( #3868 )
...
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/coreos/go-oidc/releases )
- [Commits](https://github.com/coreos/go-oidc/compare/v3.4.0...v3.5.0 )
---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:03:29 -07:00
Caleb Doxsey
3f1a87727f
config: generate derived certificates instead of self-signed certificates ( #3860 )
2023-01-06 12:50:40 -07:00
Denis Mishin
488bcd6f72
auto tls ( #3856 )
2023-01-05 16:35:58 -05:00
