Pomerium v0.10.0-rc1 Release Notes
Release Date: 2020-06-30 // almost 4 years ago-
Note : This is a release candidate and should not be used for production deployments. Please see up to date documentation at https://master.docs.pomerium.io/
๐ Changes
- ๐ ci: support rc releases @travisgroth GH-1011
- โ cache: add test for runMemberList @cuonglm GH-1007
- ๐ Allow specify go executable in Makefile @cuonglm GH-1008
- integration: add dummy value for idp_service_account @cuonglm GH-1009
- grpc: rename internal/grpc to pkg/grpc @calebdoxsey GH-1010
- envoy: disable idle timeouts to controlplane @travisgroth GH-1000
- cache: fix missing parameter @travisgroth GH-1005
- config: add check to assert service account is required for policies with allowed_groups @desimone GH-997
- cache: attempt to join memberlist cluster for sanity check @travisgroth GH-1004
- memberlist: use bufio reader instead of scanner @calebdoxsey GH-1002
- authorize/evaluator/opa: use route policy object instead of array index @cuonglm GH-1001
- ๐ authorize: avoid serializing databroker data map to improve performance @calebdoxsey GH-995
- internal/sessions: handle claims "ver" field generally @cuonglm GH-990
- telemetry: add tracing spans to cache and databroker @travisgroth GH-987
- authenticate: hide impersonation form from non-admin users @cuonglm GH-979
- cache: add client telemetry @travisgroth GH-975
- โ Sleep longer before running integration tests @cuonglm GH-968
- ๐ authenticate: move impersonate from proxy to authenticate @calebdoxsey GH-965
- authenticate: revoke current session oauth token before sign out @cuonglm GH-964
- ๐ authenticate: remove useless/duplicated code block @cuonglm GH-962
๐ New
- ๐ identity: support custom code flow request params @desimone GH-998
- github: implement github directory provider @calebdoxsey GH-963
- google: store directory information by user id @calebdoxsey GH-988
- azure: use OID for user id in session @calebdoxsey GH-985
- internal/directory/onelogin: store directory information by user id @cuonglm GH-992
- internal/directory/okta: store directory information by user id @cuonglm GH-991
- ๐ authenticate: support hot reloaded config @cuonglm GH-984
๐ Fixed
- controlplane: add robots route @desimone GH-966
- authorize/evaluator/opa: set client tls cert usage explicitly @travisgroth GH-1026
- internal/controlplane: enable envoy use remote address @cuonglm GH-1023
๐ Documentation
- ๐ Docs: Update Istio VirtualService example @jeffhubLR GH-1006
- ๐ docs: update upgrading document for breaking changes @calebdoxsey GH-974
- ๐ docs: update service account instructions for OneLogin @calebdoxsey GH-973
- ๐ docs: service account instructions for gitlab @calebdoxsey GH-970
- ๐ directory: add service account struct and parsing method @calebdoxsey GH-971
- ๐ docs: update okta service account docs to match new format @calebdoxsey GH-972
- ๐ docs: service account instructions for azure @calebdoxsey GH-969
- ๐ docs: update GitHub documentation for service account @calebdoxsey GH-967
- ๐ docs: Add warnings cones around requiring IdP Service Accounts @travisgroth GH-999
- ๐ docs/docs/identity-providers: document gitlab default scopes changed @cuonglm GH-980
Dependency
- โก๏ธ chore(deps): update google.golang.org/genproto commit hash to ee7919e @renovate GH-1019
- โก๏ธ chore(deps): update module google.golang.org/grpc to v1.30.0 @renovate GH-1020
- โก๏ธ chore(deps): update module prometheus/client_golang to v1.7.1 @renovate GH-1022
- โก๏ธ chore(deps): update golang.org/x/sync commit hash to 6e8e738 @renovate GH-1018
- โก๏ธ chore(deps): update golang.org/x/net commit hash to 4c52546 @renovate GH-1017
- depedency: bump opa v0.21.0 @desimone GH-993
- โก๏ธ chore(deps): update module hashicorp/memberlist to v0.2.2 @renovate GH-951
- โก๏ธ chore(deps): update google.golang.org/genproto commit hash to fbb79ea @renovate GH-945
- โก๏ธ chore(deps): update module go.opencensus.io to v0.22.4 @renovate GH-948
- โก๏ธ chore(deps): update module cenkalti/backoff/v4 to v4.0.2 @renovate GH-946
- โก๏ธ chore(deps): update module google.golang.org/api to v0.28.0 @renovate GH-949
- โก๏ธ chore(deps): update module google/go-cmp to v0.5.0 @renovate GH-950
- โก๏ธ chore(deps): update module prometheus/client_golang to v1.7.0 @renovate GH-953
- โก๏ธ chore(deps): update module open-policy-agent/opa to v0.21.0 @renovate GH-952
- docs: document preserve_host_header with policy routes to static ip @cuonglm GH-1024