Pomerium v0.9.0 Release Notes
Release Date: 2020-05-31 // almost 4 years ago-
v0.9.0
๐ New
- proxy: envoy is now used to handle proxying
- authenticate: add jwks and .well-known endpoint @desimone [GH-745]
- ๐ authorize: add client mTLS support @calebdoxsey [GH-751]
๐ Fixed
- cache: fix closing too early @calebdoxsey [GH-791]
- 0๏ธโฃ authenticate: fix insecure gRPC connection string default port @calebdoxsey [GH-795]
- authenticate: fix user-info call for AWS cognito @calebdoxsey [GH-792]
- authenticate: clear session if ctx fails @desimone [GH-806]
- telemetry: fix autocache labels @travisgroth [GH-805]
- telemetry: fix missing/incorrect grpc labels @travisgroth [GH-804]
- ๐ฒ authorize: fix authorization panic caused by logging a nil reference @desimone [[GH-704]]
๐ Changes
- ๐ authenticate: remove authorize url validate check @calebdoxsey [GH-790]
- ๐ฒ authorize: reduce log noise for empty jwt @calebdoxsey [GH-793]
- ๐จ authorize: refactor and add additional unit tests @calebdoxsey [GH-757]
- envoy: add GRPC stats handler to control plane service @travisgroth [GH-744]
- envoy: enable zipkin tracing @travisgroth [GH-737]
- ๐ฒ envoy: improvements to logging @calebdoxsey [GH-742]
- ๐ envoy: remove 'accept-encoding' header from proxied metric requests @travisgroth [GH-750]
- ๐ envoy: support ports in hosts for routing @calebdoxsey [GH-748]
- ๐ forward-auth: support x-forwarded-uri @calebdoxsey [GH-780]
- proxy/forward-auth: block expired request prior to 302 @desimone [GH-773]
- sessions/state: add nickname claim @BenoitKnecht [GH-755]
- state: infer user (
user) from subject (sub) @desimone [GH-772] - ๐จ telemetry: refactor GRPC Server Handler @travisgroth [GH-756]
- โก๏ธ telemetry: service label updates @travisgroth [GH-802]
- xds: add catch-all for pomerium routes @calebdoxsey [GH-789]
- โก๏ธ xds: disable cluster validation to handle out-of-order updates @calebdoxsey [GH-783]
๐ Documentation
- ๐ docs: add mTLS recipe @calebdoxsey [GH-807]
- ๐ docs: add argo recipe @calebdoxsey [GH-803]
- ๐ docs: update dockerfiles for v0.9.0 @calebdoxsey [GH-801]
- ๐ docs: typo on configuration doc @kintoandar [GH-800]
- ๐ docs: docs regarding claim headers @strideynet [GH-782]
- ๐ docs: update traefik example and add note about forwarded headers @calebdoxsey [GH-784]
- ๐ docs: add note about unsupported platforms @calebdoxsey [GH-799]
- ๐ docs: expose config parameters in sidebar @travisgroth [GH-797]
- ๐ docs: update examples @travisgroth [GH-796]