Pomerium is an identity and context-aware access proxy.
Find a file
dependabot[bot] 340ee97bf3
chore(deps): bump github.com/shirou/gopsutil/v3 from 3.22.11 to 3.22.12 (#3849)
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.22.11 to 3.22.12.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/commits/v3.22.12)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 09:40:27 -07:00
.github chore(deps): bump actions/stale from 6.0.1 to 7.0.0 (#3852) 2023-01-03 08:42:36 -07:00
.vscode use tlsClientConfig instead of custom dialer (#3830) 2022-12-27 09:55:36 -07:00
authenticate options: support multiple signing keys (#3828) 2022-12-22 09:31:09 -07:00
authorize authorize: log check() error (#3846) 2023-01-03 11:05:25 -05:00
cmd/pomerium chore(deps): bump github.com/golangci/golangci-lint from 1.48.0 to 1.50.0 (#3667) 2022-10-19 09:36:59 -06:00
config config: add support for extended TCP route URLs (#3845) 2022-12-27 12:50:33 -07:00
databroker test: use T.TempDir to create temporary test directory (#3725) 2022-11-08 09:16:32 -07:00
examples remove forward auth (#3628) 2022-11-23 15:59:28 -07:00
integration authenticate: implement hpke-based login flow (#3779) 2022-12-05 15:31:07 -07:00
internal config: add support for extended TCP route URLs (#3845) 2022-12-27 12:50:33 -07:00
ospkg move directory providers (#3633) 2022-11-03 11:33:56 -06:00
pkg envoyconfig: clean up filter chain construction (#3844) 2022-12-27 10:07:26 -07:00
proxy use tlsClientConfig instead of custom dialer (#3830) 2022-12-27 09:55:36 -07:00
scripts bump envoy to v1.24.0 (#3767) 2022-11-28 09:32:31 -07:00
ui chore(deps): bump json5 from 2.2.0 to 2.2.3 in /ui (#3853) 2023-01-03 08:43:08 -07:00
.codecov.yml
.dockerignore
.fossa.yml
.gitattributes
.gitignore allow pomerium to be embedded as a library (#3415) 2022-06-15 20:29:19 -04:00
.golangci.yml lint: remove deprecated linters (#3686) 2022-10-19 13:52:03 -06:00
.pre-commit-config.yaml
.tool-versions upgrade go to 1.19.2 (#3689) 2022-10-20 12:18:19 -06:00
3RD-PARTY
DEBUG.MD
Dockerfile chore(deps): bump debian from 880aa5f to 7ca0fec (#3841) 2022-12-27 09:51:29 -07:00
Dockerfile.debug chore(deps): bump golang from e464bb0 to 7c97bae (#3843) 2022-12-27 09:51:18 -07:00
go.mod chore(deps): bump github.com/shirou/gopsutil/v3 from 3.22.11 to 3.22.12 (#3849) 2023-01-03 09:40:27 -07:00
go.sum chore(deps): bump github.com/shirou/gopsutil/v3 from 3.22.11 to 3.22.12 (#3849) 2023-01-03 09:40:27 -07:00
LICENSE
Makefile databroker: support rotating shared secret (#3502) 2022-07-26 10:59:54 -06:00
pomerium.go
README.md Update README.md (#3569) 2022-08-23 08:45:58 -07:00
RELEASING.md deployment: update RELEASING.md (#3503) 2022-08-16 10:40:03 -07:00
SECURITY.md
tools.go

pomerium logo

pomerium chat GitHub Actions Go Report Card GoDoc LICENSE Docker Pulls

Pomerium is an identity and context-aware reverse proxy that brokers secure access to apps and services at scale. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in.

Pomerium can be used in situations where you'd typically reach for a VPN, but, unlike a VPN, does not require a client and uses identity and context, not network locality to determine access.

Pomerium can be used to:

  • provide a single-sign-on gateway to internal applications.
  • enforce dynamic access policy based on context, identity, and device identity.
  • aggregate access logs and telemetry data.
  • a VPN alternative.

Docs

For comprehensive docs, and tutorials see our documentation.

Integration Tests

To run the integration tests locally, first build a local development image:

./scripts/build-dev-docker.bash

Next go to the integration/clusters folder and pick a cluster, for example google-single, then use docker-compose to start the cluster. We use an environment variable to specify the dev docker image we built earlier:

cd integration/clusters/google-single
env POMERIUM_TAG=dev docker-compose up -V

Once that's up and running you can run the integration tests from another terminal:

go test -count=1 -v ./integration/...

If you need to make a change to the clusters themselves, there's a tpl folder that contains jsonnet files. Make a change and then rebuild the clusters by running:

go run ./integration/cmd/pomerium-integration-tests/ generate-configuration