Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sync with upstream master #6

Open
wants to merge 852 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 250 commits
Commits
Show all changes
852 commits
Select commit Hold shift + click to select a range
1e76411
build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.12 to 3.5.13
dependabot[bot] Apr 1, 2024
b40f964
build(deps): bump golang from 1.22.1-alpine3.18 to 1.22.2-alpine3.18
dependabot[bot] Apr 4, 2024
9222b70
build(deps): bump golang.org/x/net from 0.22.0 to 0.24.0
dependabot[bot] Apr 5, 2024
65d8125
build(deps): bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 in /examples
dependabot[bot] Apr 5, 2024
af38034
build(deps): bump github/codeql-action from 3.24.8 to 3.24.10
dependabot[bot] Apr 8, 2024
84954fc
use the default cosign version from the action
cpanato Apr 8, 2024
76f2c8b
run release note label ci only in dexidp/dex repo not in forks
cpanato Apr 8, 2024
65c18a1
Merge pull request #3459 from cpanato/update-ci
sagikazarmark Apr 8, 2024
b740a26
build(deps): bump mheap/github-action-required-labels
dependabot[bot] Apr 8, 2024
a3d3f3b
Merge pull request #3458 from cpanato/update-cosign
sagikazarmark Apr 9, 2024
f88b7cf
Merge pull request #3457 from dexidp/dependabot/github_actions/github…
sagikazarmark Apr 9, 2024
b12883c
Merge pull request #3452 from dexidp/dependabot/go_modules/examples/g…
sagikazarmark Apr 9, 2024
0261110
Merge pull request #3451 from dexidp/dependabot/go_modules/golang.org…
sagikazarmark Apr 9, 2024
e5123f1
Merge pull request #3446 from dexidp/dependabot/docker/golang-1.22.2-…
sagikazarmark Apr 9, 2024
3b1b174
Merge pull request #3443 from dexidp/dependabot/go_modules/go.etcd.io…
sagikazarmark Apr 9, 2024
f1772cb
Merge pull request #3440 from dexidp/dependabot/docker/distroless/sta…
sagikazarmark Apr 9, 2024
b2e0f96
Merge pull request #3435 from dexidp/dependabot/github_actions/action…
sagikazarmark Apr 9, 2024
090d3b0
build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.12 to 3.5.13
dependabot[bot] Apr 9, 2024
e53e962
Merge pull request #3434 from dexidp/dependabot/go_modules/github.com…
sagikazarmark Apr 9, 2024
68d8ad0
build(deps): bump google.golang.org/api from 0.171.0 to 0.172.0
dependabot[bot] Apr 9, 2024
231481f
Merge pull request #3430 from dexidp/dependabot/github_actions/mheap/…
sagikazarmark Apr 9, 2024
4078a17
Merge pull request #3428 from dexidp/dependabot/github_actions/docker…
sagikazarmark Apr 9, 2024
ca27d3c
Merge pull request #3442 from dexidp/dependabot/go_modules/go.etcd.io…
sagikazarmark Apr 9, 2024
98980ca
Merge pull request #3438 from dexidp/dependabot/go_modules/google.gol…
sagikazarmark Apr 9, 2024
b13f5ac
build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0
dependabot[bot] Apr 9, 2024
cd693d3
build(deps): bump distroless/static-debian12 from `42c8865` to `e9ac71e`
dependabot[bot] Apr 9, 2024
3705207
Do not escape password for LDAP connectors (#3470)
nabokihms Apr 9, 2024
7cd76c8
build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0
dependabot[bot] Apr 11, 2024
1ca4583
fix k8s guide link in README (#3474)
elehcim Apr 12, 2024
677ab36
feat: Add support for configurable prompt type for Google connector (…
abhisek Apr 15, 2024
c96c493
build(deps): bump golang.org/x/net in /api/v2 in the go_modules group
dependabot[bot] Apr 19, 2024
d5b22a6
build(deps): bump anchore/sbom-action from 0.15.9 to 0.15.11
dependabot[bot] Apr 29, 2024
d3ae7e2
build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 in /examples
dependabot[bot] May 6, 2024
2c74baa
build(deps): bump aquasecurity/trivy-action from 0.18.0 to 0.20.0
dependabot[bot] May 8, 2024
3a541eb
build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18
dependabot[bot] May 8, 2024
5e7fb02
build(deps): bump google.golang.org/api from 0.172.0 to 0.179.0
dependabot[bot] May 10, 2024
bdb2836
Merge pull request #3516 from dexidp/dependabot/go_modules/google.gol…
sagikazarmark May 12, 2024
3e13398
Merge pull request #3514 from dexidp/dependabot/docker/golang-1.22.3-…
sagikazarmark May 12, 2024
4129017
Merge pull request #3512 from dexidp/dependabot/github_actions/aquase…
sagikazarmark May 12, 2024
c1caa2f
Merge pull request #3508 from dexidp/dependabot/go_modules/examples/g…
sagikazarmark May 12, 2024
f9c12cb
Merge pull request #3497 from dexidp/dependabot/github_actions/anchor…
sagikazarmark May 12, 2024
c240288
Merge pull request #3483 from dexidp/dependabot/go_modules/api/v2/go_…
sagikazarmark May 12, 2024
d2cce5d
Merge pull request #3472 from dexidp/dependabot/github_actions/sigsto…
sagikazarmark May 12, 2024
d7fb98e
Merge pull request #3469 from dexidp/dependabot/docker/distroless/sta…
sagikazarmark May 12, 2024
c333aee
Merge pull request #3462 from dexidp/dependabot/github_actions/docker…
sagikazarmark May 12, 2024
8288210
build(deps): bump google.golang.org/protobuf in /api/v2
dependabot[bot] May 12, 2024
dbb28db
Merge pull request #3510 from dexidp/dependabot/go_modules/api/v2/goo…
sagikazarmark May 12, 2024
2c93bf2
build(deps): bump google.golang.org/grpc in /examples
dependabot[bot] May 12, 2024
e5de464
build(deps): bump google.golang.org/grpc in /api/v2
dependabot[bot] May 12, 2024
ae016b4
build(deps): bump actions/setup-go from 5.0.0 to 5.0.1
dependabot[bot] May 13, 2024
659784a
build(deps): bump mheap/github-action-required-labels
dependabot[bot] May 13, 2024
8e0aec1
build(deps): bump github/codeql-action from 3.24.10 to 3.25.4
dependabot[bot] May 13, 2024
d6a4d9e
build(deps): bump helm/kind-action from 1.9.0 to 1.10.0
dependabot[bot] May 13, 2024
cfd085e
build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2
dependabot[bot] May 13, 2024
76ec7f1
build(deps): bump google.golang.org/api from 0.179.0 to 0.180.0
dependabot[bot] May 13, 2024
7e21fd6
build(deps): bump github.com/prometheus/client_golang
dependabot[bot] May 13, 2024
b1c86e2
Merge pull request #3526 from dexidp/dependabot/go_modules/github.com…
sagikazarmark May 13, 2024
117bb24
Merge pull request #3525 from dexidp/dependabot/go_modules/google.gol…
sagikazarmark May 13, 2024
e695f13
Merge pull request #3524 from dexidp/dependabot/github_actions/action…
sagikazarmark May 13, 2024
0c841ca
Merge pull request #3523 from dexidp/dependabot/github_actions/helm/k…
sagikazarmark May 13, 2024
94e060d
Merge pull request #3522 from dexidp/dependabot/github_actions/github…
sagikazarmark May 13, 2024
e32431a
Merge pull request #3521 from dexidp/dependabot/github_actions/mheap/…
sagikazarmark May 13, 2024
a04fc49
Merge pull request #3520 from dexidp/dependabot/github_actions/action…
sagikazarmark May 13, 2024
4236cb1
Merge pull request #3465 from dexidp/dependabot/go_modules/api/v2/goo…
sagikazarmark May 13, 2024
2e823e3
Merge pull request #3460 from dexidp/dependabot/go_modules/examples/g…
sagikazarmark May 13, 2024
c6fa455
chore: fix function names in comment (#3464)
mountcount May 13, 2024
347beba
Revert autogenerated columnChecker description (#3528)
nabokihms May 13, 2024
369369c
build(deps): bump github.com/beevik/etree from 1.3.0 to 1.4.0
dependabot[bot] May 14, 2024
0088565
build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.2
dependabot[bot] May 14, 2024
6951f8d
build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
dependabot[bot] May 14, 2024
524f2b5
build(deps): bump google.golang.org/grpc in /examples
dependabot[bot] May 15, 2024
fca8571
build(deps): bump golang from `4531927` to `ff6ab2b`
dependabot[bot] May 15, 2024
7eadefe
build(deps): bump google.golang.org/api from 0.180.0 to 0.181.0
dependabot[bot] May 17, 2024
7415e88
build(deps): bump actions/checkout from 4.1.2 to 4.1.6
dependabot[bot] May 17, 2024
d3f8c0c
---
dependabot[bot] May 21, 2024
83a8bc6
---
dependabot[bot] May 21, 2024
25959fc
build(deps): bump alpine from 3.19.1 to 3.20.0
dependabot[bot] May 23, 2024
9fd4c74
add provanance
cpanato May 27, 2024
6b21e6a
Merge pull request #3548 from cpanato/attestation
sagikazarmark May 28, 2024
6c49f9f
Merge pull request #3547 from dexidp/dependabot/docker/alpine-3.20.0
sagikazarmark May 28, 2024
0d6861b
Merge pull request #3545 from dexidp/dependabot/github_actions/anchor…
sagikazarmark May 28, 2024
805080c
Merge pull request #3544 from dexidp/dependabot/github_actions/github…
sagikazarmark May 28, 2024
c2b5fd0
Merge pull request #3542 from dexidp/dependabot/github_actions/action…
sagikazarmark May 28, 2024
02424be
Merge pull request #3541 from dexidp/dependabot/go_modules/google.gol…
sagikazarmark May 28, 2024
59f06cf
Merge pull request #3536 from dexidp/dependabot/docker/golang-ff6ab2b
sagikazarmark May 28, 2024
6fd2e9c
Merge pull request #3534 from dexidp/dependabot/github_actions/ossf/s…
sagikazarmark May 28, 2024
4f9398b
Merge pull request #3531 from dexidp/dependabot/go_modules/github.com…
sagikazarmark May 28, 2024
b081933
Merge pull request #3530 from dexidp/dependabot/go_modules/github.com…
sagikazarmark May 28, 2024
a5a47ef
Merge pull request #3535 from dexidp/dependabot/go_modules/examples/g…
sagikazarmark May 28, 2024
088c3e5
build(deps): bump docker/login-action from 3.1.0 to 3.2.0 (#3551)
dependabot[bot] May 29, 2024
b057594
Google: Implement groups fetch by default service account from metada…
vsychov May 29, 2024
bea63b9
build(deps): bump golang from `ff6ab2b` to `d1a601b` (#3550)
dependabot[bot] May 29, 2024
c8187ab
build(deps): bump aquasecurity/trivy-action from 0.20.0 to 0.21.0 (#3…
dependabot[bot] May 29, 2024
cdfe6f5
Fix slight grammar errors. (#3538)
adeinega May 29, 2024
caae8a8
Bump google.golang.org/grpc to v1.64.0 (#3553)
nabokihms May 29, 2024
569e0cc
build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.13 to 3.5.14…
dependabot[bot] May 31, 2024
064a409
OIDC connector option to override jwksURI (#3543)
sohgaura May 31, 2024
d7d82b6
build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.13 to 3.5.14 (#3…
dependabot[bot] May 31, 2024
8e59b6d
Look for secrets before using them (#2918)
jsoref May 31, 2024
0b6a783
use slog for structured logging (#3502)
seankhliao Jun 1, 2024
f3ef7d4
feat: allow domain names or IDs in keystone connector (#3506)
cardoe Jun 3, 2024
7b37bbb
Build containers for branches (#3560)
nabokihms Jun 3, 2024
9769f9b
build(deps): bump github/codeql-action from 3.25.6 to 3.25.7 (#3561)
dependabot[bot] Jun 3, 2024
203b084
Fix slog nil pointer error (#3563)
nabokihms Jun 3, 2024
369707b
Fix trivy scanning job (#3564)
nabokihms Jun 3, 2024
23efe92
Bump gomplate 3.11.8 (#3565)
nabokihms Jun 3, 2024
a174846
Prevent double clicking of the submit button on login (#3554)
pcorliss Jun 13, 2024
50e0892
build(deps): bump github.com/spf13/cobra in /examples (#3582)
dependabot[bot] Jun 17, 2024
17a9c1c
build(deps): bump actions/attest-build-provenance from 1.1.2 to 1.3.1…
dependabot[bot] Jun 17, 2024
1189cc0
build(deps): bump docker/build-push-action from 5.3.0 to 6.3.0
dependabot[bot] Jul 4, 2024
e785de8
build(deps): bump distroless/static-debian12 from `e9ac71e` to `8dd8d3c`
dependabot[bot] Jul 5, 2024
6f809c8
build(deps): bump google.golang.org/grpc
dependabot[bot] Jul 9, 2024
e51440a
build(deps): bump aquasecurity/trivy-action from 0.21.0 to 0.24.0
dependabot[bot] Jul 10, 2024
092f414
build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0
dependabot[bot] Jul 10, 2024
3d7370a
build(deps): bump actions/dependency-review-action from 4.3.2 to 4.3.4
dependabot[bot] Jul 12, 2024
deaaa2b
build(deps): bump github/codeql-action from 3.25.7 to 3.25.12
dependabot[bot] Jul 15, 2024
8854ffb
Merge pull request #3619 from dexidp/dependabot/github_actions/github…
sagikazarmark Jul 15, 2024
5f4aa3e
Merge pull request #3618 from dexidp/dependabot/github_actions/action…
sagikazarmark Jul 15, 2024
f334bfb
Merge pull request #3617 from dexidp/dependabot/go_modules/google.gol…
sagikazarmark Jul 15, 2024
68883b3
Merge pull request #3615 from dexidp/dependabot/github_actions/aquase…
sagikazarmark Jul 15, 2024
6aa5ab7
Merge pull request #3612 from dexidp/dependabot/go_modules/examples/g…
sagikazarmark Jul 15, 2024
fddabe1
Merge pull request #3604 from dexidp/dependabot/docker/distroless/sta…
sagikazarmark Jul 15, 2024
fd19c90
build(deps): bump golang.org/x/net from 0.25.0 to 0.27.0
dependabot[bot] Jul 15, 2024
e0433e3
build(deps): bump golang.org/x/crypto from 0.23.0 to 0.25.0
dependabot[bot] Jul 15, 2024
c76a573
Merge pull request #3603 from dexidp/dependabot/github_actions/docker…
sagikazarmark Jul 15, 2024
f4c2e67
build(deps): bump github.com/coreos/go-oidc/v3 in /examples
dependabot[bot] Jul 15, 2024
12c54e2
build(deps): bump alpine from 3.20.0 to 3.20.1
dependabot[bot] Jul 15, 2024
56397a9
Merge pull request #3609 from dexidp/dependabot/go_modules/examples/g…
sagikazarmark Jul 15, 2024
5a27b66
Merge pull request #3606 from dexidp/dependabot/go_modules/golang.org…
sagikazarmark Jul 15, 2024
862317d
Merge pull request #3605 from dexidp/dependabot/go_modules/golang.org…
sagikazarmark Jul 15, 2024
7d27fcc
Merge pull request #3591 from dexidp/dependabot/docker/alpine-3.20.1
sagikazarmark Jul 15, 2024
2f72d20
build(deps): bump google.golang.org/grpc in /examples
dependabot[bot] Jul 15, 2024
2891d29
build(deps): bump golang.org/x/oauth2 from 0.20.0 to 0.21.0
dependabot[bot] Jul 15, 2024
57749f4
Merge pull request #3600 from dexidp/dependabot/go_modules/examples/g…
sagikazarmark Jul 15, 2024
9024d4c
Merge pull request #3567 from dexidp/dependabot/go_modules/golang.org…
sagikazarmark Jul 15, 2024
6fca251
Gracefully handle no args being passed to entrypoint (#3589)
rgmz Jul 15, 2024
bd73825
new Prometheus metrics build_info (#3558)
nlamirault Jul 15, 2024
fb20f3f
fix: always retrieve github emails when `preferredEmailDomain` is set…
thesuperzapper Jul 15, 2024
bacb76f
build(deps): bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 …
dependabot[bot] Jul 16, 2024
4c8f5a4
build(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#3621)
dependabot[bot] Jul 16, 2024
f5e1ed8
build(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 (#3625)
dependabot[bot] Jul 16, 2024
2669b61
build(deps): bump actions/attest-build-provenance from 1.3.1 to 1.3.3…
dependabot[bot] Jul 16, 2024
b07e1bc
gRPC Connectors API (#3245)
twoojoo Jul 16, 2024
c4bd537
build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 (#…
dependabot[bot] Jul 17, 2024
90fa5d7
build(deps): bump anchore/sbom-action from 0.16.0 to 0.17.0 (#3630)
dependabot[bot] Jul 17, 2024
6f952cc
build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.3 (…
dependabot[bot] Jul 17, 2024
b66befa
build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 (#3622)
dependabot[bot] Jul 17, 2024
f4e420d
build(deps): bump docker/build-push-action from 6.3.0 to 6.4.0 (#3623)
dependabot[bot] Jul 17, 2024
9d844a2
build(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 (#3629)
dependabot[bot] Jul 17, 2024
c92ecb5
build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.0 to 0.5.…
dependabot[bot] Jul 18, 2024
fae1e6c
build(deps): bump docker/build-push-action from 6.4.0 to 6.4.1 (#3633)
dependabot[bot] Jul 18, 2024
23a53a8
build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#3634)
dependabot[bot] Jul 18, 2024
849d601
Pass ctx with http.Client to verifier for OIDC connector (#3641)
jack-r-warren Jul 24, 2024
be5fac8
Fix the broken link to v2 page (#3648)
tuladhar Jul 24, 2024
63f4410
Update dependencies before Dex v2.41 (#3637)
nabokihms Jul 26, 2024
02abf83
build(deps): bump alpine from 3.20.1 to 3.20.2 (#3647)
dependabot[bot] Jul 26, 2024
f017295
build(deps): bump google.golang.org/api from 0.182.0 to 0.189.0 (#3646)
dependabot[bot] Jul 26, 2024
ad623a0
build(deps): bump github/codeql-action from 3.25.12 to 3.25.14 (#3651)
dependabot[bot] Jul 26, 2024
4617ded
build(deps): bump actions/upload-artifact from 3.1.3 to 4.3.4 (#3607)
dependabot[bot] Jul 26, 2024
a67e9de
build(deps): bump golang from `8c9183f` to `0d3653d` (#3657)
dependabot[bot] Jul 29, 2024
2ed191c
FIx CVE before Dex v2.41 (#3653)
nabokihms Jul 29, 2024
270023b
Bump gomplate 4.0.1 (#3652)
MoeBensu Jul 30, 2024
2a6ddc1
build(deps): bump github.com/AppsFlyer/go-sundheit from 0.5.1 to 0.6.…
dependabot[bot] Jul 30, 2024
08afaa3
build(deps): bump docker/setup-buildx-action from 3.4.0 to 3.6.1 (#3658)
dependabot[bot] Jul 31, 2024
c3b3120
build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.14 to 3.5.15 (#3…
dependabot[bot] Jul 31, 2024
3f89d4d
build(deps): bump docker/setup-qemu-action from 3.1.0 to 3.2.0 (#3645)
dependabot[bot] Jul 31, 2024
c463f06
build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#3656)
dependabot[bot] Jul 31, 2024
ce4be97
build(deps): bump docker/build-push-action from 6.4.1 to 6.5.0 (#3643)
dependabot[bot] Jul 31, 2024
c21ab7e
build(deps): bump docker/login-action from 3.2.0 to 3.3.0 (#3644)
dependabot[bot] Jul 31, 2024
36e6e08
Update README: Add a link to release process in Development section (…
tuladhar Jul 31, 2024
6ceb265
Merge pull request #3063 from jacksonargo/oidc-group-regex
sagikazarmark Aug 1, 2024
2256607
Enrich Dex logs with real IP and request ID (#3661)
nabokihms Aug 1, 2024
81af488
Remove additional features and add a feature flag instead (#3663)
nabokihms Aug 1, 2024
daf32e5
build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.3 to 4.0.4 (…
dependabot[bot] Aug 2, 2024
07a4283
Fix logger.Warnf error after merging 3661 (#3668)
nabokihms Aug 2, 2024
2ca85ca
Migrate to docker compose plugin (#3669)
nabokihms Aug 2, 2024
ec68cf6
build(deps): bump google.golang.org/api from 0.189.0 to 0.190.0 (#3667)
dependabot[bot] Aug 2, 2024
d79e577
build(deps): bump actions/attest-build-provenance from 1.3.3 to 1.4.0…
dependabot[bot] Aug 2, 2024
9986b27
Bump ent v0.14.0 (#3670)
nabokihms Aug 2, 2024
257a821
build(deps): bump github/codeql-action from 3.25.14 to 3.25.15 (#3664)
dependabot[bot] Aug 2, 2024
d2928d3
Fix scheme for DialURL ldap connection (#3677)
nabokihms Aug 6, 2024
5c66c71
Change workdir for gomplate (#3684)
nabokihms Aug 7, 2024
5d57edf
build(deps): bump sigstore/cosign-installer from 3.5.0 to 3.6.0
dependabot[bot] Aug 8, 2024
14d31a7
chore: update nix-direnv from 1.5.0 to 3.0.5 (#3700)
hur Aug 28, 2024
d0f1777
Added Discovery to grpc (#3598)
koendelaat Aug 29, 2024
9048ced
build(deps): bump actions/upload-artifact from 4.3.4 to 4.4.0
dependabot[bot] Sep 2, 2024
bcf62db
build(deps): bump golang from 1.22.5-alpine3.20 to 1.23.1-alpine3.20 …
dependabot[bot] Sep 10, 2024
1cff80d
build(deps): bump alpine from 3.20.2 to 3.20.3 (#3729)
dependabot[bot] Sep 10, 2024
95bf7fa
build(deps): bump golang.org/x/net from 0.27.0 to 0.29.0 (#3726)
dependabot[bot] Sep 10, 2024
81d7dd2
build(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.23.0 in /examp…
dependabot[bot] Sep 10, 2024
f2dcf46
build(deps): bump actions/attest-build-provenance from 1.4.0 to 1.4.3…
dependabot[bot] Sep 10, 2024
f8b37a1
build(deps): bump google.golang.org/grpc in /examples (#3731)
dependabot[bot] Sep 10, 2024
8028737
build(deps): bump distroless/static-debian12 from `8dd8d3c` to `42d15…
dependabot[bot] Sep 10, 2024
f52e3b7
build(deps): bump tonistiigi/xx from 1.4.0 to 1.5.0 (#3705)
dependabot[bot] Sep 10, 2024
20f240c
build(deps): bump google.golang.org/api from 0.190.0 to 0.196.0 (#3721)
dependabot[bot] Sep 10, 2024
b3eb34f
build(deps): bump github.com/dexidp/dex/api/v2 in /examples
dependabot[bot] Sep 11, 2024
b58ba78
build(deps): bump mheap/github-action-required-labels
dependabot[bot] Sep 11, 2024
5d89515
build(deps): bump github.com/mattn/go-sqlite3 from 1.14.22 to 1.14.23
dependabot[bot] Sep 11, 2024
56f0e08
build(deps): bump docker/build-push-action from 6.5.0 to 6.7.0 (#3696)
dependabot[bot] Sep 12, 2024
8333c84
build(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.23.0 (#3723)
dependabot[bot] Sep 17, 2024
3cff303
build(deps): bump google.golang.org/grpc from 1.66.0 to 1.66.2
dependabot[bot] Sep 17, 2024
1a16aa4
feat(metrics): add response_size, request_duration histograms (#3748)
IvoGoman Sep 17, 2024
4f27eec
build(deps): bump distroless/static-debian12 from `42d15c6` to `dcd3f1f`
dependabot[bot] Sep 19, 2024
731a093
Merge pull request #3685 from dexidp/dependabot/github_actions/sigsto…
sagikazarmark Sep 22, 2024
08bdc8f
Merge pull request #3720 from dexidp/dependabot/github_actions/action…
sagikazarmark Sep 22, 2024
7062f95
Merge pull request #3734 from dexidp/dependabot/go_modules/examples/g…
sagikazarmark Sep 22, 2024
563085f
Merge pull request #3735 from dexidp/dependabot/github_actions/mheap/…
sagikazarmark Sep 22, 2024
fc7d1b6
build(deps): bump anchore/sbom-action from 0.17.0 to 0.17.2
dependabot[bot] Sep 22, 2024
50cbb5c
Merge pull request #3738 from dexidp/dependabot/go_modules/github.com…
sagikazarmark Sep 22, 2024
a8ae234
Merge pull request #3742 from dexidp/dependabot/go_modules/google.gol…
sagikazarmark Sep 22, 2024
361d020
Merge pull request #3754 from dexidp/dependabot/docker/distroless/sta…
sagikazarmark Sep 22, 2024
2daa9fe
build(deps): bump github.com/Masterminds/sprig/v3 from 3.2.3 to 3.3.0
dependabot[bot] Sep 22, 2024
7ed5b8a
Merge pull request #3746 from dexidp/dependabot/github_actions/anchor…
sagikazarmark Sep 22, 2024
6c77662
Merge pull request #3753 from dexidp/dependabot/go_modules/github.com…
sagikazarmark Sep 23, 2024
e7c0682
feat: also allow localhost equivalent IP addresses (#3778)
dsonck92 Oct 7, 2024
749bbd5
fix unmarshaling of expanded environment variables with special chara…
tuminoid Oct 14, 2024
fe08a08
saml connector: fix nil pointer on validate saml (#3793)
siarhei-haurylau Oct 14, 2024
c6e15b5
fix: update enhancement proposal link (#3755)
emmanuel-ferdman Oct 14, 2024
4bb97c7
Handle root path better (than nothing) (#3747)
nabokihms Oct 16, 2024
f46adb9
Support base64 encoded and PEM encoded certs (#3751)
nabokihms Oct 18, 2024
93637fb
build(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.28.0 (#3…
dependabot[bot] Oct 18, 2024
4f628bc
build(deps): bump github/codeql-action from 3.25.15 to 3.26.13 (#3795)
dependabot[bot] Oct 18, 2024
7b687e3
build(deps): bump golang from 1.23.1-alpine3.20 to 1.23.2-alpine3.20 …
dependabot[bot] Oct 18, 2024
c5c1052
build(deps): bump distroless/static-debian12 from `dcd3f1f` to `26f9b…
dependabot[bot] Oct 18, 2024
df89714
build(deps): bump cloud.google.com/go/compute/metadata (#3764)
dependabot[bot] Oct 18, 2024
b33cebb
build(deps): bump docker/setup-buildx-action from 3.6.1 to 3.7.1 (#3781)
dependabot[bot] Oct 18, 2024
355bc4e
build(deps): bump google.golang.org/grpc in /examples (#3774)
dependabot[bot] Oct 18, 2024
e1407a4
build(deps): bump docker/build-push-action from 6.7.0 to 6.9.0 (#3772)
dependabot[bot] Oct 18, 2024
9e0dd19
build(deps): bump anchore/sbom-action from 0.17.2 to 0.17.4 (#3801)
dependabot[bot] Oct 21, 2024
b9f9e1c
build(deps): bump github.com/prometheus/client_golang (#3799)
dependabot[bot] Oct 21, 2024
52eab45
build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0 (#3802)
dependabot[bot] Oct 22, 2024
577c2d7
build(deps): bump actions/dependency-review-action from 4.3.4 to 4.3.…
dependabot[bot] Oct 22, 2024
14bf497
build(deps): bump anchore/sbom-action from 0.17.4 to 0.17.5 (#3803)
dependabot[bot] Oct 22, 2024
80be9bc
build(deps): bump sigstore/cosign-installer from 3.6.0 to 3.7.0 (#3800)
dependabot[bot] Oct 22, 2024
5245138
build(deps): bump github.com/mattn/go-sqlite3 from 1.14.23 to 1.14.24…
dependabot[bot] Oct 23, 2024
a37b6e9
build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 (#3806)
dependabot[bot] Oct 23, 2024
3b00bbe
build(deps): bump actions/checkout from 4.1.7 to 4.2.1 (#3785)
dependabot[bot] Oct 23, 2024
2ab83e5
build(deps): bump google.golang.org/api from 0.196.0 to 0.203.0 (#3807)
dependabot[bot] Oct 24, 2024
3e00d33
GitLab connector: add GitLab additional group with role (#2941)
zvlb Oct 24, 2024
b14e628
build(deps): bump actions/checkout from 4.2.1 to 4.2.2 (#3808)
dependabot[bot] Oct 25, 2024
eefa6c1
build(deps): bump actions/dependency-review-action from 4.3.5 to 4.4.…
dependabot[bot] Oct 29, 2024
6c8a9fe
build(deps): bump distroless/static-debian12 from `26f9b99` to `3a03f…
dependabot[bot] Oct 29, 2024
d02035f
build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 (#3809)
dependabot[bot] Oct 31, 2024
8b93966
Support for IssuerAlias and groups as maps (#3676)
meldsza Oct 31, 2024
113751e
Fix trivydb TOOMANYREQUESTS error (#3819)
nabokihms Oct 31, 2024
9243dce
Update trivydb cache on the begging of each day (#3821)
nabokihms Oct 31, 2024
02e5088
build(deps): bump anchore/sbom-action from 0.17.5 to 0.17.6 (#3817)
dependabot[bot] Oct 31, 2024
fa3bfc1
build(deps): bump github.com/fsnotify/fsnotify from 1.7.0 to 1.8.0 (#…
dependabot[bot] Nov 1, 2024
6b4632c
chore: fix url for crowd connector in README.md (#3823)
diafour Nov 2, 2024
b211f55
Skip trivy db updates (#3829)
nabokihms Nov 6, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/ISSUE_TEMPLATE/config.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
blank_issues_enabled: false
contact_links:
- name: 📖 Documentation enhancement
url: https://github.com/dexidp/website/issues
about: Suggest an improvement to the documentation

- name: ❓ Ask a question
url: https://github.com/dexidp/dex/discussions/new?category=q-a
about: Ask and discuss questions with other Dex community members
Expand Down
12 changes: 0 additions & 12 deletions .github/PULL_REQUEST_TEMPLATE.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,15 +21,3 @@ Thank you for sending a pull request! Here are some tips for contributors:
-->

#### Special notes for your reviewer

#### Does this PR introduce a user-facing change?

<!--
If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
-->

```release-note

```
4 changes: 2 additions & 2 deletions .github/SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,10 @@ to confirm receipt of the issue.
## Review Process

Once a maintainer has confirmed the relevance of the report, a draft security
advisory will be created on Github. The draft advisory will be used to discuss
advisory will be created on GitHub. The draft advisory will be used to discuss
the issue with maintainers, the reporter(s).
If the reporter(s) wishes to participate in this discussion, then provide
reporter Github username(s) to be invited to the discussion. If the reporter(s)
reporter GitHub username(s) to be invited to the discussion. If the reporter(s)
does not wish to participate directly in the discussion, then the reporter(s)
can request to be updated regularly via email.

Expand Down
7 changes: 7 additions & 0 deletions .github/dependabot.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,13 @@ updates:
schedule:
interval: "daily"

- package-ecosystem: "gomod"
directory: "/examples"
labels:
- "area/dependencies"
schedule:
interval: "daily"

- package-ecosystem: "docker"
directory: "/"
labels:
Expand Down
47 changes: 47 additions & 0 deletions .github/workflows/analysis-scorecard.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
name: OpenSSF Scorecard

on:
branch_protection_rule:
push:
branches: [ main ]
schedule:
- cron: '30 0 * * 5'

permissions:
contents: read

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest

permissions:
actions: read
contents: read
id-token: write
security-events: write

steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false

- name: Run analysis
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
with:
results_file: results.sarif
results_format: sarif
publish_results: true

- name: Upload results as artifact
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: OpenSSF Scorecard results
path: results.sarif
retention-days: 5

- name: Upload results to GitHub Security tab
uses: github/codeql-action/upload-sarif@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
with:
sarif_file: results.sarif
184 changes: 142 additions & 42 deletions .github/workflows/artifacts.yaml
Original file line number Diff line number Diff line change
@@ -1,97 +1,197 @@
name: Artifacts

on:
push:
branches:
- master
tags:
- v[0-9]+.[0-9]+.[0-9]+
pull_request:
workflow_call:
inputs:
publish:
description: Publish artifacts to the artifact store
default: false
required: false
type: boolean
secrets:
DOCKER_USERNAME:
required: true
DOCKER_PASSWORD:
required: true
outputs:
container-image-name:
description: Container image name
value: ${{ jobs.container-image.outputs.name }}
container-image-digest:
description: Container image digest
value: ${{ jobs.container-image.outputs.digest }}
container-image-ref:
description: Container image ref
value: ${{ jobs.container-image.outputs.ref }}

permissions:
contents: read

jobs:
container-images:
name: Container images
container-image:
name: Container image
runs-on: ubuntu-latest

strategy:
matrix:
variant:
- alpine
- distroless

permissions:
contents: read
packages: write
id-token: write
security-events: write

outputs:
name: ${{ steps.image-name.outputs.value }}
digest: ${{ steps.build.outputs.digest }}
ref: ${{ steps.image-ref.outputs.value }}

steps:
- name: Checkout
uses: actions/checkout@v3
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0

- name: Set up Syft
uses: anchore/sbom-action/download-syft@9fece9e20048ca9590af301449208b2b8861333b # v0.15.9

- name: Install cosign
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
with:
cosign-release: 'v2.2.1'

- name: Gather metadata
- name: Set image name
id: image-name
run: echo "value=ghcr.io/${{ github.repository }}" >> "$GITHUB_OUTPUT"

- name: Gather build metadata
id: meta
uses: docker/metadata-action@v4
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: |
ghcr.io/dexidp/dex
${{ steps.image-name.outputs.value }}
dexidp/dex
flavor: |
latest = false
tags: |
type=ref,event=branch,enable=${{ matrix.variant == 'alpine' }}
type=ref,event=pr,enable=${{ matrix.variant == 'alpine' }}
type=ref,event=pr,prefix=pr-,enable=${{ matrix.variant == 'alpine' }}
type=semver,pattern={{raw}},enable=${{ matrix.variant == 'alpine' }}
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) && matrix.variant == 'alpine' }}
type=raw,value=latest,enable=${{ github.ref_name == github.event.repository.default_branch && matrix.variant == 'alpine' }}
type=ref,event=branch,suffix=-${{ matrix.variant }}
type=ref,event=pr,suffix=-${{ matrix.variant }}
type=ref,event=pr,prefix=pr-,suffix=-${{ matrix.variant }}
type=semver,pattern={{raw}},suffix=-${{ matrix.variant }}
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }},suffix=-${{ matrix.variant }}
type=raw,value=latest,enable={{is_default_branch}},suffix=-${{ matrix.variant }}
labels: |
org.opencontainers.image.documentation=https://dexidp.io/docs/

- name: Set up QEMU
uses: docker/setup-qemu-action@v2
# Multiple exporters are not supported yet
# See https://github.com/moby/buildkit/pull/2760
- name: Determine build output
uses: haya14busa/action-cond@94f77f7a80cd666cb3155084e428254fea4281fd # v1.2.1
id: build-output
with:
platforms: all

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
cond: ${{ inputs.publish }}
if_true: type=image,push=true
if_false: type=oci,dest=image.tar

- name: Login to GitHub Container Registry
uses: docker/login-action@v2
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
username: ${{ github.actor }}
password: ${{ github.token }}
if: github.event_name == 'push'
if: inputs.publish

- name: Login to Docker Hub
uses: docker/login-action@v2
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
if: github.event_name == 'push'
if: inputs.publish

- name: Build and push
uses: docker/build-push-action@v3
- name: Build and push image
id: build
uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0
with:
context: .
platforms: linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le
# cache-from: type=gha
# cache-to: type=gha,mode=max
push: ${{ github.event_name == 'push' }}
platforms: linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
tags: ${{ steps.meta.outputs.tags }}
build-args: |
BASE_IMAGE=${{ matrix.variant }}
VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
COMMIT_HASH=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
labels: ${{ steps.meta.outputs.labels }}
# cache-from: type=gha
# cache-to: type=gha,mode=max
outputs: ${{ steps.build-output.outputs.value }}
# push: ${{ inputs.publish }}

- name: Sign the images with GitHub OIDC Token
run: |
cosign sign --yes ${{ steps.image-name.outputs.value }}@${{ steps.build.outputs.digest }}
if: inputs.publish

- name: Set image ref
id: image-ref
run: echo "value=${{ steps.image-name.outputs.value }}@${{ steps.build.outputs.digest }}" >> "$GITHUB_OUTPUT"

- name: Fetch image
run: skopeo --insecure-policy copy docker://${{ steps.image-ref.outputs.value }} oci-archive:image.tar
if: inputs.publish

# Uncomment the following lines for debugging:
# - name: Upload image as artifact
# uses: actions/upload-artifact@v3
# with:
# name: "[${{ github.job }}] OCI tarball"
# path: image.tar

- name: Extract OCI tarball
run: |
mkdir -p image
tar -xf image.tar -C image

# - name: List tags
# run: skopeo --insecure-policy list-tags oci:image
#
# # See https://github.com/anchore/syft/issues/1545
# - name: Extract image from multi-arch image
# run: skopeo --override-os linux --override-arch amd64 --insecure-policy copy oci:image:${{ steps.image-name.outputs.value }}:${{ steps.meta.outputs.version }} docker-archive:docker.tar
#
# - name: Generate SBOM
# run: syft -o spdx-json=sbom-spdx.json docker-archive:docker.tar
#
# - name: Upload SBOM as artifact
# uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
# with:
# name: "[${{ github.job }}] SBOM"
# path: sbom-spdx.json
# retention-days: 5

- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@0.7.1
uses: aquasecurity/trivy-action@062f2592684a31eb3aa050cc61e7ca1451cecd3d # 0.18.0
with:
input: image
format: sarif
output: trivy-results.sarif

- name: Upload Trivy scan results as artifact
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
image-ref: "ghcr.io/dexidp/dex:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}"
format: "sarif"
output: "trivy-results.sarif"
if: github.event_name == 'push'
name: "[${{ github.job }}] Trivy scan results"
path: trivy-results.sarif
retention-days: 5

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
with:
sarif_file: "trivy-results.sarif"
if: github.event_name == 'push'
sarif_file: trivy-results.sarif
5 changes: 4 additions & 1 deletion .github/workflows/checks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,17 @@ on:
pull_request:
types: [opened, labeled, unlabeled, synchronize]

permissions:
contents: read

jobs:
release-label:
name: Release note label
runs-on: ubuntu-latest

steps:
- name: Check minimum labels
uses: mheap/github-action-required-labels@v2
uses: mheap/github-action-required-labels@80a96a4863886addcbc9f681b5b295ba7f5424e1 # v5.3.0
with:
mode: minimum
count: 1
Expand Down
Loading