v0.23.0 adds the ability to use client certificates stored in the Windows certificate store or Keychain (on macOS).
See https://www.pomerium.com/docs/capabilities/tcp#client-certificates for more information.
What's Changed
- vendor internal/signer from enterprise-certificate-proxy by @kenjenkins in #334
- integrate with system cert store by @kenjenkins in #314
- api: integrate with system trust store by @kenjenkins in #337
- update version command by @kenjenkins in #343
- ncrypt: open cert store in readonly mode by @kenjenkins in #344
- api: discard unknown config proto fields by @kenjenkins in #353
- cli/go: upgrade go by @calebdoxsey in #356
- update Go base docker image by @kenjenkins in #371
- expand client cert search capabilities by @kenjenkins in #380
- cli/cmd: add commands for viewing the cache location and clearing it by @calebdoxsey in #384
- api: expand client cert search capabilities by @kenjenkins in #395
- ci: upgrade Go to 1.22 by @wasaga in #406
Dependency updates
- build(deps): bump distroless/static from
a01d47dto7198a35by @dependabot in #272 - build(deps): bump distroless/base from
357bc96toba4cde5by @dependabot in #271 - build(deps): bump golang.org/x/sync from 0.1.0 to 0.2.0 by @dependabot in #277
- build(deps): bump github.com/pomerium/pomerium from 0.22.0 to 0.22.1 by @dependabot in #275
- build(deps): bump golang from 1.20.3-buster to 1.20.4-buster by @dependabot in #274
- build(deps): bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 by @dependabot in #273
- build(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot in #276
- build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in #278
- build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in #280
- build(deps): bump actions/setup-python from 4.6.0 to 4.6.1 by @dependabot in #282
- build(deps): bump golang from
4cf6dc4to6be6011by @dependabot in #283 - build(deps): bump github.com/pomerium/pomerium from 0.22.1 to 0.22.2 by @dependabot in #281
- build(deps): bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in #289
- build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 by @dependabot in #288
- build(deps): bump docker/metadata-action from 4.4.0 to 4.5.0 by @dependabot in #287
- build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 by @dependabot in #286
- build(deps): bump github.com/golangci/golangci-lint from 1.52.2 to 1.53.2 by @dependabot in #285
- build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in #284
- build(deps): bump golang from 1.20.4-buster to 1.20.5-buster by @dependabot in #291
- build(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #290
- build(deps): bump golang from
b0f97bftoeb3f9acby @dependabot in #293 - build(deps): bump docker/build-push-action from 4.0.0 to 4.1.1 by @dependabot in #294
- build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 by @dependabot in #295
- build(deps): bump docker/metadata-action from 4.5.0 to 4.6.0 by @dependabot in #296
- build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 by @dependabot in #297
- build(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot in #298
- build(deps): bump github.com/getsentry/sentry-go from 0.21.0 to 0.22.0 by @dependabot in #299
- build(deps): bump github.com/golangci/golangci-lint from 1.53.2 to 1.53.3 by @dependabot in #301
- build(deps): bump golang.org/x/sync from 0.2.0 to 0.3.0 by @dependabot in #300
- build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.31.0 by @dependabot in #304
- build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 by @dependabot in #302
- build(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @dependabot in #303
- build(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.0 by @dependabot in #305
- build(deps): bump actions/setup-python from 4.6.1 to 4.7.0 by @dependabot in #306
- build(deps): bump docker/setup-buildx-action from 2.9.0 to 2.9.1 by @dependabot in #307
- build(deps): bump google.golang.org/grpc from 1.56.1 to 1.57.0 by @dependabot in #312
- build(deps): bump github.com/rs/zerolog from 1.29.1 to 1.30.0 by @dependabot in #310
- build(deps): bump github.com/getsentry/sentry-go from 0.22.0 to 0.23.0 by @dependabot in #309
- build(deps): bump github.com/go-chi/chi/v5 from 5.0.8 to 5.0.10 by @dependabot in #311
- build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #320
- build(deps): bump docker/setup-buildx-action from 2.9.1 to 2.10.0 by @dependabot in #319
- build(deps): bump tibdex/github-app-token from 1.8.0 to 1.8.2 by @dependabot in #318
- build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #317
- build(deps): bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 by @dependabot in #316
- build(deps): bump github.com/golangci/golangci-lint from 1.53.3 to 1.54.2 by @dependabot in #324
- build(deps): bump github.com/google/uuid from 1.3.0 to 1.3.1 by @dependabot in #323
- build(deps): bump distroless/static from
7198a35toe7e79fbby @dependabot in #321 - build(deps): bump github.com/pomerium/pomerium from 0.22.2 to 0.23.0 by @dependabot in #322
- update github.com/elazarl/goproxy by @kenjenkins in #326
- build(deps): bump goreleaser/goreleaser-action from 4.4.0 to 4.6.0 by @dependabot in #329
- build(deps): bump actions/cache from 3.3.1 to 3.3.2 by @dependabot in #330
- build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #328
- build(deps): bump tibdex/github-app-token from 1.8.2 to 2.0.0 by @dependabot in #331
- build(deps): bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 by @dependabot in #333
- build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 by @dependabot in #339
- build(deps): bump docker/setup-buildx-action from 2.10.0 to 3.0.0 by @dependabot in #342
- build(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 by @dependabot in #341
- build(deps): bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in #340
- build(deps): bump docker/metadata-action from 4.6.0 to 5.0.0 by @dependabot in #338
- build(deps): bump distroless/base from
ba4cde5to80c68f0by @dependabot in #352 - build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #351
- build(deps): bump tibdex/github-app-token from 2.0.0 to 2.1.0 by @dependabot in #350
- build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 by @dependabot in #349
- build(deps): bump golang.org/x/sys from 0.11.0 to 0.12.0 by @dependabot in #348
- build(deps): bump github.com/rs/zerolog from 1.30.0 to 1.31.0 by @dependabot in #347
- build(deps): bump golang.org/x/crypto from 0.12.0 to 0.13.0 by @dependabot in #346
- build(deps): bump github.com/getsentry/sentry-go from 0.23.0 to 0.24.1 by @dependabot in #345
- build(deps): bump golang.org/x/net from 0.14.0 to 0.17.0 by @dependabot in #354
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #355
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in #369
- build(deps): bump golang.org/x/sys from 0.13.0 to 0.15.0 by @dependabot in #379
- build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #378
- build(deps): bump docker/build-push-action from 5.0.0 to 5.1.0 by @dependabot in #374
- build(deps): bump golang from 1.21.3-bookworm to 1.21.4-bookworm by @dependabot in #372
- build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #364
- build(deps): bump actions/setup-python from 4.7.0 to 4.7.1 by @dependabot in #363
- build(deps): bump distroless/static from
e7e79fbto6706c73by @dependabot in #365 - build(deps): bump distroless/base-debian12 from
d2890b2to5e24c7aby @dependabot in #367 - build(deps): bump docker/metadata-action from 5.0.0 to 5.2.0 by @dependabot in #373
- build(deps): bump golang.org/x/sync from 0.3.0 to 0.5.0 by @dependabot in #377
- build(deps): bump github.com/getsentry/sentry-go from 0.24.1 to 0.25.0 by @dependabot in #361
- build(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in #359
- build(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in #358
- build(deps): bump golang.org/x/crypto from 0.14.0 to 0.16.0 by @dependabot in #376
- build(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @dependabot in #357
- build(deps): bump github.com/golangci/golangci-lint from 1.54.2 to 1.55.2 by @dependabot in #370
- build(deps): bump github.com/pomerium/pomerium from 0.23.0 to 0.24.0 by @dependabot in #375
- cli/ci: upgrade golangci-lint by @calebdoxsey in #382
- build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @dependabot in #383
- build(deps): bump docker/metadata-action from 5.2.0 to 5.4.0 by @dependabot in #394
- build(deps): bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #393
- build(deps): bump actions/setup-python from 4.7.1 to 5.0.0 by @dependabot in #392
- build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 by @dependabot in #391
- build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 by @dependabot in #390
- build(deps): bump google.golang.org/grpc from 1.59.0 to 1.60.1 by @dependabot in #388
- build(deps): bump github.com/go-chi/chi/v5 from 5.0.10 to 5.0.11 by @dependabot in #389
- build(deps): bump distroless/static from
6706c73to9be3fccby @dependabot in #387 - build(deps): bump distroless/base-debian12 from
5e24c7ato996c583by @dependabot in #386 - build(deps): bump golang from 1.21.4-bookworm to 1.21.5-bookworm by @dependabot in #385
- build(deps): bump docker/metadata-action from 5.4.0 to 5.5.1 by @dependabot in #405
- build(deps): bump actions/cache from 3.3.2 to 4.0.0 by @dependabot in #404
- build(deps): bump golang from 1.21.5-bookworm to 1.21.6-bookworm by @dependabot in #403
- build(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 by @dependabot in #402
- build(deps): bump golang.org/x/sys from 0.15.0 to 0.16.0 by @dependabot in #401
- build(deps): bump github.com/getsentry/sentry-go from 0.25.0 to 0.26.0 by @dependabot in #400
- build(deps): bump golang.org/x/crypto from 0.17.0 to 0.18.0 by @dependabot in #396
- build(deps): bump golang.org/x/sync from 0.5.0 to 0.6.0 by @dependabot in #398
- build(deps): bump github.com/pomerium/pomerium from 0.24.0 to 0.25.0 by @dependabot in #399
- build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 by @dependabot in #397
- build(deps): bump distroless/base-debian12 from
996c583to1d91d5fby @dependabot in #407 - build(deps): bump distroless/static from
9be3fccto072d78bby @dependabot in #408 - build(deps): bump pre-commit/action from 3.0.0 to 3.0.1 by @dependabot in #409
- build(deps): bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #410
- build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #411
- build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in #412
- build(deps): bump golang.org/x/sys from 0.16.0 to 0.17.0 by @dependabot in #413
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 by @dependabot in #414
- build(deps): bump github.com/rs/zerolog from 1.31.0 to 1.32.0 by @dependabot in #416
- build(deps): bump github.com/getsentry/sentry-go from 0.26.0 to 0.27.0 by @dependabot in #417
- build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #419
- build(deps): bump golang.org/x/crypto from 0.18.0 to 0.21.0 by @dependabot in #421
- build(deps): bump github.com/go-chi/chi/v5 from 5.0.11 to 5.0.12 by @dependabot in #418
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.2 by @dependabot in #420
- build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3 by @dependabot in #422
- build(deps): bump the docker group with 2 updates by @dependabot in #424
- build(deps): bump the github-actions group with 1 update by @dependabot in #425
- build(deps): bump the go group with 2 updates by @dependabot in #427
- build(deps): bump the go group with 2 updates by @dependabot in #428
- build(deps): bump the docker group with 3 updates by @dependabot in #429
- build(deps): bump the github-actions group with 6 updates by @dependabot in #430
New Contributors
- @kenjenkins made their first contribution in #315
Full Changelog: v0.22.0...v0.23.0
Contributors
calebdoxsey, wasaga, and 2 other contributors