TLS configure for OIDC connector #1632
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
e91e176
to
94a3e6c
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
94a3e6c
to
a0ea1b4
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
3 times, most recently
from
8b6ec60
to
732eb22
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
4 times, most recently
from
9e80f0b
to
5bc7733
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
5bc7733
to
bbbfd15
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
2 times, most recently
from
99c2dc8
to
7c621d3
Compare
|
@sagikazarmark just a quick raincheck here to see if this PR falls in the path. I am seeing some connectors providing TLS config (more or less). For example, Github: dex/connector/github/github.go Lines 99 to 108 in 6cdbb59 LDAP: Lines 255 to 269 in 6cdbb59 openshift: dex/connector/openshift/openshift.go Lines 81 to 84 in 6cdbb59 Thank you for your time! |
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
7c621d3
to
ced8d9d
Compare
muntac
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
ced8d9d
to
14970ac
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
14970ac
to
bd81b08
Compare
|
Hi could I get some feedbacks on thie PR? Thx @sagikazarmark |
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
bd81b08
to
7724ee0
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
7724ee0
to
f98aae9
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
f98aae9
to
9460b5d
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
2 times, most recently
from
38a8196
to
cc399f7
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
2 times, most recently
from
0f9c3a5
to
a3df4f9
Compare
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
a3df4f9
to
b3f0835
Compare
sagikazarmark
requested changes
Oct 3, 2022
connector/oidc/oidc.go
Outdated
| @@ -166,6 +188,40 @@ func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, e | |||
| }, nil | |||
| } | |||
|
|
|||
| func newHTTPClient(rootCAs []string, insecureSkipVerify bool) (*http.Client, error) { | |||
There was a problem hiding this comment.
Would it make sense to create a common function in an internal package? Haven't checked how this is used in different packages, but unless there are significant differences, it might make sense to reuse.
There was a problem hiding this comment.
I have extract the func out to a package named httpclient. The test of it requires some test certs as you can see. The instruction for regenerate the test certs are in the readme. Test certs are set to expired in 10 years.
@sagikazarmark please let me know if you want to set up the test differently. Thank you!
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
b3f0835
to
ed39c34
Compare
Bumps golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Backport Go update to v2.35.x
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
Backport dexidp#2700 to v2.35.x
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
ccdc4d0
to
e73567b
Compare
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
Backport dexidp#2705 to v2.35.x
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
2 times, most recently
from
2cb57bb
to
9b00836
Compare
Signed-off-by: Alex Suraci <suraci.alex@gmail.com> Co-authored-by: Rui Yang <ruiya@vmware.com>
Signed-off-by: Rui Yang <ruiya@vmware.com>
* extract common newHTTPClient func out to its own package * add test for testing root CAs in the constructor. * test certs are set to expired in 10 years Signed-off-by: Rui Yang <ruiya@vmware.com>
Signed-off-by: Rui Yang <ruiya@vmware.com>
xtremerui
force-pushed
the
pr/oidc-CA-configure-sync
branch
from
9b00836
to
67d9142
Compare
|
@xtremerui Thanks for your work, and sorry for this PR being delayed for so long. My apologies. I am ready to merge this. Could you please fix the conflicts? |
Signed-off-by: Rui Yang <ruiya@vmware.com>
|
@nabokihms thx its done. |
iamazzeez
added a commit
to chef/dex-1
that referenced
this pull request
Nov 22, 2022
* feat: Add acr_values support for OIDC Signed-off-by: Engin Diri <engin.diri@mail.schwarz> * build(deps): bump golang from 1.17.7-alpine3.14 to 1.17.8-alpine3.14 Bumps golang from 1.17.7-alpine3.14 to 1.17.8-alpine3.14. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * fix: Implicit Grant discovery Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md) - [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.0 to 1.7.1. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.0...v1.7.1) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump alpine from 3.15.0 to 3.15.1 Bumps alpine from 3.15.0 to 3.15.1. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * chore: update alpine version Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump alpine from 3.15.1 to 3.15.3 Bumps alpine from 3.15.1 to 3.15.3. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/api from 0.70.0 to 0.74.0 Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.70.0 to 0.74.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.70.0...v0.74.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump alpine from 3.15.3 to 3.15.4 Bumps alpine from 3.15.3 to 3.15.4. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0 Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.27.1 to 1.28.0. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.27.1...v1.28.0) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * feat: update entgo library Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * feat: update generated storage files Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * feat: use the new atlas engine for migrations Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * fix: define milisecond precision for postgres Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * revert: atlas and precision change Looks like Atlas (the new migration library under Ent) cannot handle precision properly. An issue has been reported to Ent: https://github.com/ent/ent/issues/2454 Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump aquasecurity/trivy-action from 0.2.2 to 0.2.3 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.2.2 to 0.2.3. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.2.2...0.2.3) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump actions/setup-go from 2 to 3 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * feat: enable profiling endpoints Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * Create setting to allow to trust the system root CAs Previously, when rootCA was set, the trusted system root CAs were ignored. Now, allow for both being able to be configured and used Signed-off-by: Daniel Haus <dhaus@redhat.com> * Remove external setting, enable injection of HTTP client to config. Signed-off-by: Daniel Haus <dhaus@redhat.com> * Bump Alpine to latest version Signed-off-by: Mattias Gees <mattias.gees@gmail.com> * ci: new docker image build Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * ci: wait for container images with container scan Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * ci: update trivy scan job Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build: help dependabot detect base image versions Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * ci: build distroless images Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * ci: disable Docker job on push Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * fix: log only errors on refreshing Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * ci: only enable the necessary platforms for emulation Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump aquasecurity/trivy-action from 0.2.4 to 0.2.5 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.2.4 to 0.2.5. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.2.4...0.2.5) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Feature: groups in Gitea Signed-off-by: techknowlogick <techknowlogick@gitea.io> * revert: docker matrix build Apparently matrix builds don't work with the docker action. Only reference I found about the topic: https://github.com/docker/build-push-action/issues/130 Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * revert: move container scan back to the container build step Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * ci: add docker metadata action Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * Add numeric user ID support for oauth connector Signed-off-by: Shuanglei Tao <tsl0922@gmail.com> * ci: use docker metadata for build input Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump github/codeql-action from 1 to 2 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v1...v2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Fix unparam lint error in oauth_test Signed-off-by: Shuanglei Tao <tsl0922@gmail.com> * Remove google specific hd / hosted domain claim config Signed-off-by: Anthony Brandelli <abrandel@cisco.com> * chore: do not use caching for docker build Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * Add support for IDPs that do not send ID tokens in the reply when using a refresh grant. Add tests for the aforementioned functionality. Signed-off-by: Anthony Brandelli <abrandel@cisco.com> * Fix issues to make the linter happy Signed-off-by: Anthony Brandelli <abrandel@cisco.com> * feat: add enhancement template Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * Apply suggestions from code review Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com> Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * fix: Move enhancements to the docs folder Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * build(deps): bump docker/build-push-action from 2 to 3 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 3. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/metadata-action from 3 to 4 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3 to 4. - [Release notes](https://github.com/docker/metadata-action/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](https://github.com/docker/metadata-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/setup-qemu-action from 1 to 2 Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1 to 2. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v1...v2) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/login-action from 1 to 2 Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1...v2) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/setup-buildx-action from 1 to 2 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 2. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump lint timeout to reduce the number of failed executions Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * fix: prevent cross-site scripting for the device flow Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * Limit the amount of objects we attempt to GC on each cycle If something causes the number k8s resources to increase beyond a certain threshold, garbage collection can fail because the query to retrieve those resources will time out, resulting in a perpetual cycle of being unable to garbage collect resources. In lieu of trying to get *every* object each cycle, we can limit the number of resources retrieved per GC cycle to some reasonable number. Signed-off-by: Michael Kelly <mkelly@arista.com> * build(deps): bump aquasecurity/trivy-action from 0.2.5 to 0.3.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.2.5 to 0.3.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.2.5...0.3.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump alpine from 3.15.4 to 3.16.0 Bumps alpine from 3.15.4 to 3.16.0. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * chore: Go mod update 1.17 Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.2 to 3.5.4 Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) from 3.5.2 to 3.5.4. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Changelog](https://github.com/etcd-io/etcd/blob/main/Dockerfile-release.amd64) - [Commits](https://github.com/etcd-io/etcd/compare/v3.5.2...v3.5.4) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/grpc from 1.45.0 to 1.46.2 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.45.0 to 1.46.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.45.0...v1.46.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/coreos/go-oidc/v3 from 3.1.0 to 3.2.0 Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.1.0...v3.2.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/prometheus/client_golang Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.12.1 to 1.12.2. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.12.1...v1.12.2) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/felixge/httpsnoop from 1.0.2 to 1.0.3 Bumps [github.com/felixge/httpsnoop](https://github.com/felixge/httpsnoop) from 1.0.2 to 1.0.3. - [Release notes](https://github.com/felixge/httpsnoop/releases) - [Commits](https://github.com/felixge/httpsnoop/compare/v1.0.2...v1.0.3) --- updated-dependencies: - dependency-name: github.com/felixge/httpsnoop dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/api from 0.74.0 to 0.81.0 Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.74.0 to 0.81.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.74.0...v0.81.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/grpc in /api/v2 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.44.0 to 1.46.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.44.0...v1.46.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * feat: upgrade Go to 1.18 Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * chore: upgrade linter Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump google.golang.org/protobuf in /api/v2 Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.27.1 to 1.28.0. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.27.1...v1.28.0) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * chore: fix lint violations Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump golang from 1.18.0-alpine3.15 to 1.18.2-alpine3.15 Bumps golang from 1.18.0-alpine3.15 to 1.18.2-alpine3.15. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * chore: release note configuration Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * Add the comment about groups request notification Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * Fixes https://github.com/dexidp/dex/issues/2537 Signed-off-by: Shivansh Vij <shivanshvij@outlook.com> * Updating test cases Fixes https://github.com/dexidp/dex/issues/2537 Signed-off-by: Shivansh Vij <shivanshvij@outlook.com> * build(deps): bump golang from 1.18.2-alpine3.15 to 1.18.3-alpine3.15 Bumps golang from 1.18.2-alpine3.15 to 1.18.3-alpine3.15. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/api from 0.81.0 to 0.82.0 Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.81.0 to 0.82.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.81.0...v0.82.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/grpc from 1.46.2 to 1.47.0 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.46.2 to 1.47.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.46.2...v1.47.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): update grpc Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * chore: update gitignore Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * s/getUrl/getURL golang prefers URL not Url Signed-off-by: Michael Kelly <mkelly@arista.com> * Tweaks based on review comments Signed-off-by: Michael Kelly <mkelly@arista.com> * Fix formatting Signed-off-by: Michael Kelly <mkelly@arista.com> * build(deps): bump helm/kind-action from 1.2.0 to 1.3.0 Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.2.0...v1.3.0) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump aquasecurity/trivy-action from 0.3.0 to 0.4.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.3.0 to 0.4.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.3.0...0.4.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump mheap/github-action-required-labels from 1 to 2 Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels) from 1 to 2. - [Release notes](https://github.com/mheap/github-action-required-labels/releases) - [Commits](https://github.com/mheap/github-action-required-labels/compare/v1...v2) --- updated-dependencies: - dependency-name: mheap/github-action-required-labels dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/api from 0.82.0 to 0.86.0 Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.82.0 to 0.86.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.82.0...v0.86.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump aquasecurity/trivy-action from 0.4.0 to 0.5.1 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.4.0 to 0.5.1. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.4.0...0.5.1) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.8.0 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.8.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.8.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Add expiry.refreshToken settings to config.yaml.dist Signed-off-by: Chance Zibolski <chance.zibolski@gmail.com> * Use GitLab's refresh_token during Refresh. (#2352) Signed-off-by: Daniel Haus <dhaus@redhat.com> * build(deps): bump aquasecurity/trivy-action from 0.5.1 to 0.6.0 (#2602) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.5.1 to 0.6.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.5.1...0.6.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump alpine from 3.16.0 to 3.16.1 (#2598) Bumps alpine from 3.16.0 to 3.16.1. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump golang from 1.18.3-alpine3.15 to 1.18.4-alpine3.15 (#2592) Bumps golang from 1.18.3-alpine3.15 to 1.18.4-alpine3.15. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add domainHint parameter to Microsoft Connector (#2586) Signed-off-by: Joe Knight <josephtknight@users.noreply.github.com> * grpc-client: Do not crash on empty response (#2584) Signed-off-by: Björn Busse <bj.rn@baerlin.eu> * build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 (#2599) Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.1 to 1.9.0. - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0) --- updated-dependencies: - dependency-name: github.com/sirupsen/logrus dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add PKCE support to device code flow (#2575) Signed-off-by: Bob Callaway <bobcallaway@users.noreply.github.com> * add config to explicitly set scopes for microsoft connector (#2582) Signed-off-by: Bob Callaway <bcallaway@google.com> * build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.2 to 3.4.4 (#2606) Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.4.2 to 3.4.4. - [Release notes](https://github.com/go-ldap/ldap/releases) - [Commits](https://github.com/go-ldap/ldap/compare/v3.4.2...v3.4.4) --- updated-dependencies: - dependency-name: github.com/go-ldap/ldap/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump google.golang.org/api from 0.86.0 to 0.89.0 (#2605) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.86.0 to 0.89.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.86.0...v0.89.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump aquasecurity/trivy-action from 0.6.0 to 0.6.1 (#2604) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.6.0 to 0.6.1. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.6.0...0.6.1) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add HMAC protection on /approval endpoint Signed-off-by: Bob Callaway <bcallaway@google.com> * build(deps): bump alpine from 3.16.1 to 3.16.2 Bumps alpine from 3.16.1 to 3.16.2. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/prometheus/client_golang (#2623) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.12.2 to 1.13.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.12.2...v1.13.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * updated gomplate version and added ppc64le support Signed-off-by: mayurwaghmode <waghmodemayur17@gmail.com> * build(deps): bump aquasecurity/trivy-action from 0.6.1 to 0.7.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.6.1 to 0.7.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.6.1...0.7.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/api from 0.89.0 to 0.93.0 Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.89.0 to 0.93.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.89.0...v0.93.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/mattn/go-sqlite3 from 1.14.11 to 1.14.15 Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.11 to 1.14.15. - [Release notes](https://github.com/mattn/go-sqlite3/releases) - [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.11...v1.14.15) --- updated-dependencies: - dependency-name: github.com/mattn/go-sqlite3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump aquasecurity/trivy-action from 0.7.0 to 0.7.1 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.7.0 to 0.7.1. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.7.0...0.7.1) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * fix: Fallback when group claim is a string instead of an array of strings (#2639) Signed-off-by: Joost Buskermolen <joost@buskervezel.nl> Co-authored-by: Michiel van Pouderoijen <michiel@pouderoijen.nl> * build(deps): bump google.golang.org/api from 0.93.0 to 0.94.0 (#2637) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.93.0 to 0.94.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.93.0...v0.94.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump google.golang.org/protobuf in /api/v2 Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.28.0 to 1.28.1. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.28.0...v1.28.1) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * chore: Bump ent to 0.11.2 (#2640) Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * chore: Bump Go 1.19 (#2641) Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * feat(connector/authproxy): support multiple groups (#2643) Signed-off-by: Marcelo Clavel <mclavel00@gmail.com> * build(deps): bump github.com/coreos/go-oidc/v3 from 3.2.0 to 3.3.0 (#2646) Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.2.0...v3.3.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump google.golang.org/grpc from 1.47.0 to 1.49.0 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.47.0 to 1.49.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.47.0...v1.49.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build: bump Go version to 1.19 in Nix Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump golang from 1.19.0-alpine3.15 to 1.19.1-alpine3.15 Bumps golang from 1.19.0-alpine3.15 to 1.19.1-alpine3.15. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump google.golang.org/api from 0.94.0 to 0.95.0 Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.94.0 to 0.95.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.94.0...v0.95.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Implement Application Default Credentials for the google connector (#2530) Signed-off-by: Trung <trung.hoang@pricehubble.com> * chore: update alpine version in Go image Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump github.com/coreos/go-oidc/v3 from 3.3.0 to 3.4.0 Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.3.0...v3.4.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump github.com/lib/pq from 1.10.5 to 1.10.7 (#2651) Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.5 to 1.10.7. - [Release notes](https://github.com/lib/pq/releases) - [Commits](https://github.com/lib/pq/compare/v1.10.5...v1.10.7) --- updated-dependencies: - dependency-name: github.com/lib/pq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump google.golang.org/grpc in /api/v2 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.47.0 to 1.49.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.47.0...v1.49.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Reduce HTTP client creations in the Keystone connector (#2659) Signed-off-by: erwinvaneyk <erwinvaneyk@gmail.com> * build(deps): bump google.golang.org/api from 0.95.0 to 0.97.0 (#2677) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.95.0 to 0.97.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.95.0...v0.97.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.4 to 3.5.5 Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) from 3.5.4 to 3.5.5. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Changelog](https://github.com/etcd-io/etcd/blob/main/Dockerfile-release.amd64) - [Commits](https://github.com/etcd-io/etcd/compare/v3.5.4...v3.5.5) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump helm/kind-action from 1.3.0 to 1.4.0 Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * address review comments Signed-off-by: Bob Callaway <bcallaway@google.com> * build(deps): bump google.golang.org/api from 0.97.0 to 0.98.0 Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.97.0 to 0.98.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.97.0...v0.98.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix: check for no serviceAccountFilePath and no email (#2679) Signed-off-by: Bob Callaway <bcallaway@google.com> * fix: supply HMACKey in test case (#2683) Signed-off-by: Bob Callaway <bcallaway@google.com> * build(deps): bump entgo.io/ent from 0.11.2 to 0.11.3 Bumps [entgo.io/ent](https://github.com/ent/ent) from 0.11.2 to 0.11.3. - [Release notes](https://github.com/ent/ent/releases) - [Commits](https://github.com/ent/ent/compare/v0.11.2...v0.11.3) --- updated-dependencies: - dependency-name: entgo.io/ent dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): update golang.org/x packages Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * Add Argo CD to list of Dex adopters Signed-off-by: Jann Fischer <jfischer@redhat.com> * fix: refresh token only once for all concurrent requests Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * Revert "fix: check for no serviceAccountFilePath and no email (#2679)" This reverts commit 49477729ce24448c2895ec8c98f2c61c646de884. Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * fix(connector/google): make admin email optional for default creds Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 Bumps golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * fix(connector/google): only initialize admin service if necessary Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> * fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 (#2705) Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> * build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 (#2708) Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#2715) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.0 to 1.8.1. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 (#2720) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.98.0 to 0.101.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.98.0...v0.101.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 (#2721) Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.15 to 1.14.16. - [Release notes](https://github.com/mattn/go-sqlite3/releases) - [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.15...v1.14.16) --- updated-dependencies: - dependency-name: github.com/mattn/go-sqlite3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 (#2723) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.7.1 to 0.8.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.7.1...0.8.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 (#2718) Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.6.0 to 1.6.1. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.6.0...v1.6.1) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 (#2724) Bumps golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * TLS configure for OIDC connector (#1632) Signed-off-by: Rui Yang <ruiya@vmware.com> * Add icon for gitea (#2733) Signed-off-by: Pablo Ovelleiro Corral <mail@pablo.tools> Signed-off-by: Engin Diri <engin.diri@mail.schwarz> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> Signed-off-by: Daniel Haus <dhaus@redhat.com> Signed-off-by: Mattias Gees <mattias.gees@gmail.com> Signed-off-by: techknowlogick <techknowlogick@gitea.io> Signed-off-by: Shuanglei Tao <tsl0922@gmail.com> Signed-off-by: Anthony Brandelli <abrandel@cisco.com> Signed-off-by: Michael Kelly <mkelly@arista.com> Signed-off-by: Shivansh Vij <shivanshvij@outlook.com> Signed-off-by: Chance Zibolski <chance.zibolski@gmail.com> Signed-off-by: Joe Knight <josephtknight@users.noreply.github.com> Signed-off-by: Björn Busse <bj.rn@baerlin.eu> Signed-off-by: Bob Callaway <bobcallaway@users.noreply.github.com> Signed-off-by: Bob Callaway <bcallaway@google.com> Signed-off-by: mayurwaghmode <waghmodemayur17@gmail.com> Signed-off-by: Joost Buskermolen <joost@buskervezel.nl> Signed-off-by: Marcelo Clavel <mclavel00@gmail.com> Signed-off-by: Trung <trung.hoang@pricehubble.com> Signed-off-by: erwinvaneyk <erwinvaneyk@gmail.com> Signed-off-by: Jann Fischer <jfischer@redhat.com> Signed-off-by: Rui Yang <ruiya@vmware.com> Signed-off-by: Pablo Ovelleiro Corral <mail@pablo.tools> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Engin Diri <engin.diri@mail.schwarz> Co-authored-by: Maksim Nabokikh <maksim.nabokikh@flant.com> Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com> Co-authored-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com> Co-authored-by: Daniel Haus <dhaus@redhat.com> Co-authored-by: Mattias Gees <mattias.gees@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Shuanglei Tao <tsl0922@gmail.com> Co-authored-by: Anthony Brandelli <abrandel@cisco.com> Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com> Co-authored-by: Michael Kelly <mkelly@arista.com> Co-authored-by: Shivansh Vij <shivanshvij@loopholelabs.io> Co-authored-by: Bob Callaway <bcallaway@google.com> Co-authored-by: Chance Zibolski <chance.zibolski@gmail.com> Co-authored-by: Joe Knight <knightjp@mail.uc.edu> Co-authored-by: Björn Busse <bj.rn@baerlin.eu> Co-authored-by: Bob Callaway <bobcallaway@users.noreply.github.com> Co-authored-by: mayurwaghmode <waghmodemayur17@gmail.com> Co-authored-by: Joost Buskermolen <joostbuskermolen@hotmail.com> Co-authored-by: Michiel van Pouderoijen <michiel@pouderoijen.nl> Co-authored-by: Marcelo Clavel <mclavel00@gmail.com> Co-authored-by: Hoang Quoc Trung <quoctrunghoang1998@gmail.com> Co-authored-by: Erwin van Eyk <erwinvaneyk@gmail.com> Co-authored-by: Jann Fischer <jfischer@redhat.com> Co-authored-by: Rui Yang <ruiya@vmware.com> Co-authored-by: Pablo Ovelleiro Corral <github@pablo.tools>
xtremerui
pushed a commit
to concourse/dex
that referenced
this pull request
May 25, 2023
The official container image for this release can be pulled from ``` ghcr.io/dexidp/dex:v2.36.0 ``` <!-- Release notes generated using configuration in .github/release.yml at v2.36.0 --> ## What's Changed ### Enhancements 🚀 * TLS configure for OIDC connector by @xtremerui in dexidp#1632 * Add icon for gitea by @pinpox in dexidp#2733 * fix: Do not use connector data from the refresh token field by @nabokihms in dexidp#2729 * Add preferredEmailDomain config option for GitHub connector by @nobuyo in dexidp#2740 * Move unique functionality into getGroups to reduce calls to google by @snuggie12 in dexidp#2628 * fix: prevent server-side request forgery using Kubernetes storage by @nabokihms in dexidp#2479 * fix: return 401 if password is invalid by @nabokihms in dexidp#2796 * feat: Add default robots.txt by @nabokihms in dexidp#2834 * Skip redirection to approval when it is not required (dexidp#2686) by @nobuyo in dexidp#2805 * feat: Bump dependencies and Makefile refactoring by @nabokihms in dexidp#2844 ### Bug Fixes 🐛 * Make admin email optional when no service account path is configured by @sagikazarmark in dexidp#2695 * Only initialize google admin service if necessary by @sagikazarmark in dexidp#2700 ### Dependency Updates ⬆️ * build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16 by @dependabot in dexidp#2697 * fix: Update gomplate version to 3.11.3 fix CVE-2022-27665 by @nabokihms in dexidp#2705 * build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in dexidp#2708 * build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @dependabot in dexidp#2715 * build(deps): bump google.golang.org/api from 0.98.0 to 0.101.0 by @dependabot in dexidp#2720 * build(deps): bump github.com/mattn/go-sqlite3 from 1.14.15 to 1.14.16 by @dependabot in dexidp#2721 * build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 by @dependabot in dexidp#2723 * build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in dexidp#2718 * build(deps): bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 by @dependabot in dexidp#2724 * build(deps): bump alpine from 3.16.2 to 3.17.0 by @dependabot in dexidp#2746 * build(deps): bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0 by @dependabot in dexidp#2735 * build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.5 to 3.5.6 by @dependabot in dexidp#2744 * build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in dexidp#2751 * build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 by @dependabot in dexidp#2750 * build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in dexidp#2755 * build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.5 to 3.5.6 by @dependabot in dexidp#2743 * build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.0 by @dependabot in dexidp#2754 * build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in dexidp#2758 * build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in dexidp#2741 * build(deps): bump google.golang.org/api from 0.101.0 to 0.104.0 by @dependabot in dexidp#2753 * build(deps): bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /api/v2 by @dependabot in dexidp#2742 * build(deps): bump golang.org/x/net from 0.3.0 to 0.4.0 by @dependabot in dexidp#2761 * build(deps): bump entgo.io/ent from 0.11.3 to 0.11.4 by @dependabot in dexidp#2725 * build(deps): bump google.golang.org/api from 0.104.0 to 0.105.0 by @dependabot in dexidp#2760 * build(deps): bump golang.org/x/net from 0.4.0 to 0.5.0 by @dependabot in dexidp#2774 * build(deps): bump google.golang.org/api from 0.105.0 to 0.106.0 by @dependabot in dexidp#2772 * build(deps): bump github.com/coreos/go-oidc/v3 from 3.4.0 to 3.5.0 by @dependabot in dexidp#2770 * build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in dexidp#2773 * build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 by @dependabot in dexidp#2777 * build(deps): bump entgo.io/ent from 0.11.4 to 0.11.5 by @dependabot in dexidp#2779 * build(deps): bump alpine from 3.17.0 to 3.17.1 by @dependabot in dexidp#2780 * build(deps): bump mheap/github-action-required-labels from 2 to 3 by @dependabot in dexidp#2769 * build(deps): bump google.golang.org/api from 0.106.0 to 0.107.0 by @dependabot in dexidp#2788 * build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 by @dependabot in dexidp#2782 * build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 by @dependabot in dexidp#2783 * build(deps): bump google.golang.org/api from 0.107.0 to 0.108.0 by @dependabot in dexidp#2793 * build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 in /api/v2 by @dependabot in dexidp#2784 * chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 by @dlipovetsky in dexidp#2790 * ci: Use go 1.19 by @dlipovetsky in dexidp#2791 * build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.6 to 3.5.7 by @dependabot in dexidp#2798 * build(deps): bump docker/build-push-action from 3 to 4 by @dependabot in dexidp#2807 * build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.0-alpine3.16 by @dependabot in dexidp#2811 * build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.0 by @dependabot in dexidp#2810 * build(deps): bump alpine from 3.17.1 to 3.17.2 by @dependabot in dexidp#2821 * build(deps): bump aquasecurity/trivy-action from 0.9.0 to 0.9.1 by @dependabot in dexidp#2822 * build(deps): bump entgo.io/ent from 0.11.5 to 0.11.8 by @dependabot in dexidp#2823 * build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in dexidp#2818 * build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 by @dependabot in dexidp#2828 * build(deps): bump golang.org/x/net from 0.4.0 to 0.7.0 in /api/v2 by @dependabot in dexidp#2832 * build(deps): bump golang.org/x/sys from 0.0.0-20220114195835-da31bd327af9 to 0.1.0 in /examples by @dependabot in dexidp#2837 * build(deps): bump golang.org/x/net from 0.0.0-20220114011407-0dd24b26b47d to 0.7.0 in /examples by @dependabot in dexidp#2846 * build(deps): bump golang from 1.20.0-alpine3.16 to 1.20.1-alpine3.16 by @dependabot in dexidp#2827 * build(deps): bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 by @dependabot in dexidp#2850 * build(deps): bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in dexidp#2849 * feat: Bump gomplate 3.11.4 by @nabokihms in dexidp#2840 * build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in dexidp#2856 * build(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.6.0 by @dependabot in dexidp#2847 * build(deps): bump google.golang.org/api from 0.108.0 to 0.112.0 by @dependabot in dexidp#2853 * build(deps): bump google.golang.org/api from 0.112.0 to 0.114.0 by @dependabot in dexidp#2869 * build(deps): bump actions/setup-go from 3 to 4 by @dependabot in dexidp#2863 * build(deps): bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.3.0 by @dependabot in dexidp#2862 * build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 by @dependabot in dexidp#2866 * build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.30.0 in /api/v2 by @dependabot in dexidp#2867 * build(deps): bump golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0 in /examples by @dependabot in dexidp#2845 * build(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 in /api/v2 by @dependabot in dexidp#2816 * chore: upgrade tools by @sagikazarmark in dexidp#2870 ### Other Changes * Bump image in examples/k8s/dex.yaml to v2.32.0 by @stealthybox in dexidp#2569 ## New Contributors * @pinpox made their first contribution in dexidp#2733 * @nobuyo made their first contribution in dexidp#2740 * @dlipovetsky made their first contribution in dexidp#2790 * @seankhliao made their first contribution in dexidp#2812 * @stealthybox made their first contribution in dexidp#2569 **Full Changelog**: dexidp/dex@v2.35.3...v2.36.0
palexster
pushed a commit
to palexster/dex
that referenced
this pull request
Oct 4, 2023
Signed-off-by: Rui Yang <ruiya@vmware.com>
michaelliau
pushed a commit
to FlockFreight/dex
that referenced
this pull request
Oct 4, 2023
Signed-off-by: Rui Yang <ruiya@vmware.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds two configurable fiels
RootCAsandInsecureSkipVerifyto OIDC connector. When openning a connection to OIDC connect provider, it will use a httpclient based on these two fields.