Commit graph

2088 commits

Author SHA1 Message Date
m.nabokikh
3d5a3befb4 fix: prevent cross-site scripting for the device flow
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-05-20 18:26:49 +04:00
dependabot[bot]
0270536a2e
Merge pull request #2508 from dexidp/dependabot/github_actions/docker/setup-qemu-action-2 2022-05-20 13:55:27 +00:00
dependabot[bot]
d26d4e15bc
Merge pull request #2507 from dexidp/dependabot/github_actions/docker/login-action-2 2022-05-20 13:51:31 +00:00
dependabot[bot]
96e0229205
Merge pull request #2509 from dexidp/dependabot/github_actions/docker/metadata-action-4 2022-05-20 13:50:43 +00:00
dependabot[bot]
866f3e0c76
Merge pull request #2510 from dexidp/dependabot/github_actions/docker/build-push-action-3 2022-05-20 13:50:09 +00:00
dependabot[bot]
47411e9a75
build(deps): bump docker/login-action from 1 to 2
Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-20 13:15:47 +00:00
dependabot[bot]
f26181558c
build(deps): bump docker/setup-qemu-action from 1 to 2
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-20 13:15:37 +00:00
dependabot[bot]
574650abe3
build(deps): bump docker/metadata-action from 3 to 4
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3 to 4.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-20 13:14:49 +00:00
Maksim Nabokikh
3a83b6ce39
Merge pull request #2486 from flant/enhancement-template
feat: add enhancement template
2022-05-20 17:11:13 +04:00
dependabot[bot]
a232af7f28
build(deps): bump docker/build-push-action from 2 to 3
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 3.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-20 12:58:44 +00:00
Maksim Nabokikh
c74ad3bb66
Merge pull request #2522 from Blorpy/oidc_refresh_token
OIDC connector: Support cases where there is no id_token when using a refresh_token grant
2022-05-20 16:46:41 +04:00
m.nabokikh
a98ab893c2 fix: Move enhancements to the docs folder
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-05-20 16:20:09 +04:00
Maksim Nabokikh
2571ae9096 Apply suggestions from code review
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>

Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-05-20 16:20:09 +04:00
m.nabokikh
38fe0f5319 feat: add enhancement template
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-05-20 16:20:09 +04:00
Márk Sági-Kazár
92161abfdc
Merge pull request #2516 from flant/no-cache-build
chore: do not use caching for docker build
2022-05-20 13:03:15 +02:00
Anthony Brandelli
5fe1647fc7 Fix issues to make the linter happy
Signed-off-by: Anthony Brandelli <abrandel@cisco.com>
2022-05-19 22:35:05 -06:00
Anthony Brandelli
7c335e9337 Add support for IDPs that do not send ID tokens in the reply when using a refresh grant. Add tests for the aforementioned functionality.
Signed-off-by: Anthony Brandelli <abrandel@cisco.com>
2022-05-19 22:13:10 -06:00
m.nabokikh
35f58dca73 chore: do not use caching for docker build
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-05-14 17:50:29 +04:00
Maksim Nabokikh
9cd29bdee0
Merge pull request #2511 from Blorpy/remove_hd_oidc
Remove google specific hd / hosted domain claim config from oidc connector
2022-05-13 07:48:14 +04:00
Maksim Nabokikh
997ec94a4a
Merge pull request #2483 from tsl0922/master
Add numeric user ID support for oauth connector
2022-05-11 14:58:58 +04:00
Anthony Brandelli
f07a58a7f1 Remove google specific hd / hosted domain claim config
Signed-off-by: Anthony Brandelli <abrandel@cisco.com>
2022-05-06 13:54:19 -06:00
Shuanglei Tao
691f8be785 Fix unparam lint error in oauth_test
Signed-off-by: Shuanglei Tao <tsl0922@gmail.com>
2022-05-05 16:03:53 +08:00
Maksim Nabokikh
453504c450
Merge pull request #2430 from dhaus67/openshift-connector-system-root-cas
Create setting to allow to trust the system root CAs
2022-05-05 11:37:25 +04:00
dependabot[bot]
fd15dd2248
Merge pull request #2494 from dexidp/dependabot/github_actions/github/codeql-action-2 2022-04-26 09:38:54 +00:00
dependabot[bot]
ebe1c8b14a
build(deps): bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-26 04:09:06 +00:00
Márk Sági-Kazár
5c70f1227f
Merge pull request #2489 from dexidp/use-docker-meta
ci: use docker metadata for build input
2022-04-22 23:31:36 +02:00
Mark Sagi-Kazar
0b5a9581cd
ci: use docker metadata for build input
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-22 22:16:56 +02:00
Shuanglei Tao
7b75e1e0cc Add numeric user ID support for oauth connector
Signed-off-by: Shuanglei Tao <tsl0922@gmail.com>
2022-04-22 23:18:26 +08:00
Márk Sági-Kazár
6f07a27fad
Merge pull request #2488 from dexidp/docker-meta
Add docker metadata action
2022-04-22 15:32:52 +02:00
Mark Sagi-Kazar
42f8f91ebf
ci: add docker metadata action
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-22 15:00:13 +02:00
Márk Sági-Kazár
27fb1cf3bd
Merge pull request #2487 from dexidp/revert-docker-matrix
Build multi-platform images in a single build job
2022-04-22 14:59:06 +02:00
Mark Sagi-Kazar
a9fb4ae7ef
revert: move container scan back to the container build step
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-22 14:21:28 +02:00
Mark Sagi-Kazar
b8f2186593
revert: docker matrix build
Apparently matrix builds don't work with the docker action.

Only reference I found about the topic: https://github.com/docker/build-push-action/issues/130

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-22 14:15:04 +02:00
Márk Sági-Kazár
ec9a57ee4b
Merge pull request #2480 from dexidp/qemu
Qemu tweaks
2022-04-21 12:02:30 +02:00
Maksim Nabokikh
7c60f79f10
Merge pull request #1789 from techknowlogick/gitea-groups
Feature: groups in Gitea
2022-04-20 10:30:04 +04:00
techknowlogick
1067641e53 Feature: groups in Gitea
Signed-off-by: techknowlogick <techknowlogick@gitea.io>
2022-04-19 16:58:05 -04:00
dependabot[bot]
e9a43bf3cd
Merge pull request #2481 from dexidp/dependabot/github_actions/aquasecurity/trivy-action-0.2.5 2022-04-19 09:59:19 +00:00
dependabot[bot]
75d198bd85
build(deps): bump aquasecurity/trivy-action from 0.2.4 to 0.2.5
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.2.4 to 0.2.5.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.2.4...0.2.5)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-19 04:08:41 +00:00
Mark Sagi-Kazar
c5c88a688b
ci: only enable the necessary platforms for emulation
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-15 17:45:14 +02:00
Maksim Nabokikh
b26e639515
Merge pull request #2470 from flant/refresh-token-log-only-errors
fix: log only errors on refreshing
2022-04-15 17:20:02 +04:00
m.nabokikh
ad89e01676 fix: log only errors on refreshing
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-04-15 10:54:43 +04:00
Márk Sági-Kazár
c8ff7ed40a
Merge pull request #2478 from dexidp/distroless
Publish official distroless images
2022-04-15 08:48:42 +02:00
Mark Sagi-Kazar
3702525c86
ci: disable Docker job on push
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-14 16:08:39 +02:00
Mark Sagi-Kazar
8b2ce6252d
ci: build distroless images
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-14 16:07:00 +02:00
Mark Sagi-Kazar
6038af5044
build: help dependabot detect base image versions
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-14 15:18:28 +02:00
Mark Sagi-Kazar
95e81a925f
ci: update trivy scan job
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-14 15:08:26 +02:00
Márk Sági-Kazár
4a5f2dbb4d
Merge pull request #2474 from dexidp/artifact-build
New docker image build
2022-04-14 13:38:27 +02:00
Mark Sagi-Kazar
aa35fa6580
ci: wait for container images with container scan
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-14 12:50:12 +02:00
Mark Sagi-Kazar
0f5481a00a
ci: new docker image build
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-04-14 01:44:13 +02:00
Márk Sági-Kazár
783a7621e0
Merge pull request #2471 from MattiasGees/bump-alpine
Bump Alpine to latest version
2022-04-14 01:05:55 +02:00