self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-21 09:44:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
13747 commits 3228 branches 4169 tags 1.3 GiB
Commit graph

594 commits

Author SHA1 Message Date
Steven Martin 32a6e6a5d1
remove sentence fragment and link (#28367) 2023-06-29 17:16:25 +00:00
Alex Fornuto 18b84bdc53
Docs: Update Google Workspace SSO Guide (#28117) 
* Improved Google SSO Connector Documentation.

- Tweaked gworkspace-connector-inline.yaml to improve tokens.
- Tweaked gworkspace-connector.yaml to improve tokens.
- Improved verbiage around required scopes.
- Improved oAuth client URL so it scopes to cloud.

* Fix typo.

* update google workspace SSO guide

* remove 3080 from examples

* Update to prefer embedded JSON

* Update examples/resources/gworkspace-connector.yaml

Co-authored-by: Krzysztof Skrzętnicki <krzysztof.skrzetnicki@goteleport.com>

* standardize user vars

* formatting

* Apply suggestions from code review

Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>

* Update docs/pages/access-controls/sso/google-workspace.mdx

---------

Co-authored-by: Travis Swientek <tswientek@goteleport.com>
Co-authored-by: Krzysztof Skrzętnicki <krzysztof.skrzetnicki@goteleport.com>
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
 2023-06-29 15:51:12 +00:00
Tobiasz Heller 3df7896643
Fix flaky athena tests (#28283) 2023-06-28 14:32:01 +00:00
teleport-post-release-automation[bot] b7240b8bdb
[auto] Update AMI IDs for 13.1.5 (#28388) 
Co-authored-by: GitHub <noreply@github.com>
 2023-06-27 19:53:51 +00:00
Michael Wilson 46f8fbe0c8
k8s operator supports Okta import rules. (#28158) 
* k8s operator supports Okta import rules.

The k8s operator now supports Okta import rules, which will allow users to
use native k8s CRDs to provision Okta import rules in k8s environments.

* Fix helm test.

* Remove unneeded proto files.

* Use additionalProperties in the okta import rules CRD instead of properties.
 2023-06-27 14:16:53 +00:00
Nic Klaassen 9cec75f1db
feat: add support for label expressions to k8s operator (#28074) 
This is the result of running `make manifests` in integrations/operator
to update the CRDs with the latest role spec definition, which includes
label expressions.
 2023-06-22 16:25:58 +00:00
teleport-post-release-automation[bot] d356febf3c
[auto] Update AMI IDs for 13.1.2 (#28148) 
Co-authored-by: GitHub <noreply@github.com>
 2023-06-22 15:16:14 +00:00
Tobiasz Heller c5486d15a7
athena audit logs - add migration script (#27099) 2023-06-22 10:45:47 +00:00
Gus Luxton 2dd03761ca
helm: Use local auth server address in auth pod to prevent extra connections (#27871) 
* helm: Use local auth server address to prevent extra connections

* Update snapshots
 2023-06-16 23:25:46 +00:00
teleport-post-release-automation[bot] 4901bb3815
[auto] Update AMI IDs for 13.1.1 (#27870) 
Co-authored-by: GitHub <noreply@github.com>
 2023-06-15 21:49:55 +00:00
Hugo Shaka ad3038663f
helm: add hostAliases support (#27620) 
* helm: add hostAliases support

* docs: remove reference to a `custom` mode for agent
 2023-06-14 20:25:15 +00:00
Gus Luxton a9e4284255
helm: Add conditional RBAC/ServiceAccount to teleport-kube-agent post-delete hook (#27436) 
* helm: Add conditional RBAC/ServiceAccount to post-delete hook

* Add unit tests

* Remove unnecessary documentIndex

* Template service account name

* Additional fixes for service account name

* Add unit test for default case

* Order isn't important

* Fix documentIndex

* Remove blanket snapshots and tidy up documentIndex

* Clean up comments on documentIndex
 2023-06-08 17:40:33 +00:00
Yael Jay Perez a81210b5dc
Update to Readme for Teleport Usage (#24899) 
* Update to Readme for Teleport Usage

Cleaning up the Readme. Removing the prompt option as it is no longer an option. Also clarifying where to find the container image version. Lastly, reordered the docker command to be backwards compatible on Docker.

* Update examples/teleport-usage/README.md

Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>

* Update examples/teleport-usage/README.md

Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>

---------

Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
 2023-06-07 16:36:48 +00:00
Walt fa2b9dea69
Fix the default teleport-kube-agent upgrade server (#27504) 
updates.gravitational.io does not exist, but
`updates.releases.teleport.dev does, and is the correct endpoint.
 2023-06-07 15:29:03 +00:00
teleport-post-release-automation[bot] 7c66bb8e24
[auto] Update AMI IDs for 13.1.0 (#27440) 
Co-authored-by: GitHub <noreply@github.com>
 2023-06-06 14:56:23 +00:00
Forrest 2ec7490283
loadtesting automation improvements (#25366) 
* move existing loadtest assets

* new loadtest automation helpers

* ignore sourcing uncovered files
 2023-06-05 23:11:56 +00:00
teleport-post-release-automation[bot] 057f272a17
[auto] Update AMI IDs for 13.0.4 (#27210) 
Co-authored-by: GitHub <noreply@github.com>
 2023-06-01 16:16:58 +00:00
Mike Jensen a410acef01
Dependency updates for examples (#26947) 
* Bump golang.org/x/net in /examples/desktop-registration

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.5.0 to 0.7.0.
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go in /examples/teleport-usage

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.224 to 1.44.269.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG_PENDING.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.224...v1.44.269)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump google.golang.org/grpc in /examples/service-discovery-api-client

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.53.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.53.0...v1.55.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/google/uuid from 1.1.2 to 1.3.0 in /examples/go-client

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.1.2 to 1.3.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.1.2...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump google.golang.org/grpc in /examples/api-sync-roles

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.53.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.53.0...v1.55.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/stretchr/testify in /examples/teleport-usage

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/docker/docker in /examples/service-discovery-api-client

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.6+incompatible to 24.0.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.6...v24.0.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/apimachinery in /examples/api-sync-roles

Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.26.3 to 0.27.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.26.3...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/client-go from 0.26.3 to 0.27.2 in /examples/api-sync-roles

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.26.3 to 0.27.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.26.3...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-30 22:26:10 +00:00
Noah Stride 33cc58da54
Switch to recommending identity file in terraform guide (#26995) 2023-05-26 20:45:34 +00:00
Brian Joerger dbb9a0443e
Remove workflows API example. (#26850) 2023-05-26 18:54:11 +00:00
Steven Martin 9333665340
update ui and config to refer to service as Teleport Service (#26654) 
* update to refer to service as Teleport Service

* update references to Teleport SSH Service to Teleport Service

* lint fix
 2023-05-26 13:24:00 +00:00
teleport-post-release-automation[bot] ef5d120a81
[auto] Update AMI IDs for 13.0.3 (#26985) 
Co-authored-by: GitHub <noreply@github.com>
 2023-05-26 01:03:04 +00:00
Gus Luxton a005cdeeec
helm: Fail to install if clusterName contains a colon (#26615) 
* helm: Fail install if clusterName contains a port

* Colons should not be allowed at all as they break public address templating
 2023-05-25 22:22:56 +00:00
Hugo Shaka 37aa916859
operator: ProvisionToken support (#18718) 
* crdgen: properly index nested types

* integrations/operator: Add ProvisionTokenV2 CRD

* integrations/operator: regenerate CRDs

* integrations/operator: Add provisiontoken controller

* helm: update snapshots to include provisiontoken crs
 2023-05-19 15:56:25 +00:00
teleport-post-release-automation[bot] 50343d3417
[auto] Update AMI IDs for 13.0.2 (#26483) 
Co-authored-by: GitHub <noreply@github.com>
 2023-05-17 21:46:16 +00:00
dependabot-batcher[bot] 15aba3c190
Batched Dependabot updates (#26209) 
* Bump github.com/docker/distribution

Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases)
- [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2)

---
updated-dependencies:
- dependency-name: github.com/docker/distribution
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/docker/distribution in /integrations/kube-agent-updater

Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases)
- [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2)

---
updated-dependencies:
- dependency-name: github.com/docker/distribution
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump golang.org/x/net from 0.9.0 to 0.10.0 in /api

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.9.0 to 0.10.0.
- [Commits](https://github.com/golang/net/compare/v0.9.0...v0.10.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump libc from 0.2.143 to 0.2.144

Bumps [libc](https://github.com/rust-lang/libc) from 0.2.143 to 0.2.144.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.143...0.2.144)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump rsa from 0.9.1 to 0.9.2

Bumps [rsa](https://github.com/RustCrypto/RSA) from 0.9.1 to 0.9.2.
- [Changelog](https://github.com/RustCrypto/RSA/blob/master/CHANGELOG.md)
- [Commits](https://github.com/RustCrypto/RSA/compare/v0.9.1...v0.9.2)

---
updated-dependencies:
- dependency-name: rsa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go-v2/service/sts from 1.18.11 to 1.19.0

Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.18.11 to 1.19.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.11...service/s3/v1.19.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump golang.org/x/sys from 0.7.0 to 0.8.0

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/sys/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go-v2/config from 1.18.23 to 1.18.25

Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.18.23 to 1.18.25.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.23...config/v1.18.25)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.5.0 to 1.6.0

Bumps [github.com/Azure/azure-sdk-for-go/sdk/azcore](https://github.com/Azure/azure-sdk-for-go) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azcore/v1.5.0...sdk/azcore/v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azcore
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go from 1.44.244 to 1.44.262

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.244 to 1.44.262.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.244...v1.44.262)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump google.golang.org/api from 0.118.0 to 0.122.0

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.118.0 to 0.122.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.118.0...v0.122.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump go.etcd.io/etcd/client/v3 from 3.5.8 to 3.5.9

Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) from 3.5.8 to 3.5.9.
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](https://github.com/etcd-io/etcd/compare/v3.5.8...v3.5.9)

---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/client/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/beevik/etree from 1.1.0 to 1.2.0

Bumps [github.com/beevik/etree](https://github.com/beevik/etree) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/beevik/etree/releases)
- [Changelog](https://github.com/beevik/etree/blob/master/RELEASE_NOTES.md)
- [Commits](https://github.com/beevik/etree/compare/v1.1.0...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/beevik/etree
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump go.opentelemetry.io/otel/sdk from 1.14.0 to 1.15.1

Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.14.0 to 1.15.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.14.0...v1.15.1)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* go mod tidy

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot-batcher[bot] <122306277+dependabot-batcher[bot]@users.noreply.github.com>
Co-authored-by: Tim Ross <tim.ross@goteleport.com>
 2023-05-15 16:52:30 +00:00
Tiago Silva 5627c2aa2f
Fix Helm chart Join token secret creation (#26055) 
* Fix Helm chart Join token secret creation

Since #20763 was merged, we lost the ability of the chart reusing the
externally created secrets for join token.

This PR changes the logic and allows to control the secret creation
using the `joinTokenSecret.create` boolean and the secret name with
`joinTokenSecret.name`.

Fixes #20763

* Add changelog
 2023-05-12 21:39:36 +00:00
teleport-post-release-automation[bot] 630c1126dc
[auto] Update AMI IDs for 13.0.0 (#25869) 
Co-authored-by: GitHub <noreply@github.com>
 2023-05-09 19:19:43 +00:00
dependabot-batcher[bot] 7506a16ad0
Batched Dependabot updates (#25784) 
* Bump k8s.io/klog/v2 from 2.90.1 to 2.100.1

Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.90.1 to 2.100.1.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.90.1...v2.100.1)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go-v2/service/sns from 1.20.8 to 1.20.10

Bumps [github.com/aws/aws-sdk-go-v2/service/sns](https://github.com/aws/aws-sdk-go-v2) from 1.20.8 to 1.20.10.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/emr/v1.20.8...service/emr/v1.20.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sns
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go-v2/service/rds from 1.43.1 to 1.43.3

Bumps [github.com/aws/aws-sdk-go-v2/service/rds](https://github.com/aws/aws-sdk-go-v2) from 1.43.1 to 1.43.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ec2/v1.43.1...service/rds/v1.43.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/rds
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go-v2/service/athena from 1.25.2 to 1.26.1

Bumps [github.com/aws/aws-sdk-go-v2/service/athena](https://github.com/aws/aws-sdk-go-v2) from 1.25.2 to 1.26.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/fsx/v1.25.2...service/s3/v1.26.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/athena
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/moby/term

Bumps [github.com/moby/term](https://github.com/moby/term) from 0.0.0-20221128092401-c43b287e0e0f to 0.5.0.
- [Commits](https://github.com/moby/term/commits/v0.5.0)

---
updated-dependencies:
- dependency-name: github.com/moby/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0

Bumps [github.com/russellhaering/goxmldsig](https://github.com/russellhaering/goxmldsig) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/russellhaering/goxmldsig/releases)
- [Commits](https://github.com/russellhaering/goxmldsig/compare/v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/russellhaering/goxmldsig
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump go.etcd.io/etcd/client/v3 from 3.5.7 to 3.5.8

Bumps [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) from 3.5.7 to 3.5.8.
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](https://github.com/etcd-io/etcd/compare/v3.5.7...v3.5.8)

---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/client/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump google.golang.org/grpc from 1.54.0 to 1.55.0 in /api

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.54.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.54.0...v1.55.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump libc from 0.2.142 to 0.2.143

Bumps [libc](https://github.com/rust-lang/libc) from 0.2.142 to 0.2.143.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.142...0.2.143)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump rsa from 0.9.0 to 0.9.1

Bumps [rsa](https://github.com/RustCrypto/RSA) from 0.9.0 to 0.9.1.
- [Changelog](https://github.com/RustCrypto/RSA/blob/master/CHANGELOG.md)
- [Commits](https://github.com/RustCrypto/RSA/compare/v0.9.0...v0.9.1)

---
updated-dependencies:
- dependency-name: rsa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/sigstore/rekor in /integrations/kube-agent-updater

Bumps [github.com/sigstore/rekor](https://github.com/sigstore/rekor) from 1.0.1 to 1.1.1.
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/rekor/compare/v1.0.1...v1.1.1)

---
updated-dependencies:
- dependency-name: github.com/sigstore/rekor
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Tidy modules

* Bump github.com/docker/docker to v23.0.6+incompatible

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alan Parra <alan.parra@goteleport.com>
 2023-05-09 16:53:12 +00:00
Steven Martin 4494e1cec9
enable acl in single aws terraform s3 (#25847) 
* update single aws terraform s3

* terraform lint fix
 2023-05-08 20:19:22 +00:00
Hugo Shaka 2b0532b347
helm: warn about teleportVersionOverride and scratch risks (#25601) 2023-05-05 22:14:03 +00:00
teleport-post-release-automation[bot] e741c646fc
[auto] Update AMI IDs for 12.3.2 (#25674) 
Co-authored-by: GitHub <noreply@github.com>
 2023-05-05 01:47:09 +00:00
Steven Martin b40f915a85
Fix kube agent names (#25583) 2023-05-03 20:03:35 +00:00
teleport-post-release-automation[bot] 66c0a9b289
[auto] Update AMI IDs for 12.3.1 (#25532) 
Co-authored-by: GitHub <noreply@github.com>
 2023-05-03 15:15:37 +00:00
Hugo Shaka 6d92c7f935
helm: fix updater readiness port (#25323) 2023-04-28 19:30:52 +00:00
Hugo Shaka 2966623cd0
terraform: enable ACLs in the certs bucket (#25113) 2023-04-28 16:42:39 +00:00
Hugo Shaka 6d78efb4b0
helm: mount kube ca certs through projected volumes (#25034) 
* helm: mount kube ca certs through projected volumes

* fixup! helm: mount kube ca certs through projected volumes
 2023-04-24 19:43:05 +00:00
teleport-post-release-automation[bot] 0f183f9398
[auto] Update AMI IDs for 12.2.4 (#24903) 
Co-authored-by: GitHub <noreply@github.com>
 2023-04-20 16:54:41 +00:00
Hugo Shaka 68bf10d3d1
Fixes for teleport-kube-agent-updater (#24746) 
* integrations/updater: disable CGO to ensure static builds

* helm: fix updater selectors in `teleport-kube-agent`

* helm: fix updater flags

* helm: make the updater able to watch secrets, create events and acquire leases

* integrations/updater: add dummy healthz route

* integrations/updater: fix typo in DEBUG instructions

* helm: update test snapshots
 2023-04-20 13:17:03 +00:00
Steven Martin bebef91be8
docs: make consistent access request plugins helm configuration and instructions (#24654) 
* docs: make consistent helm configuration and instructions

* Language updates and identity file fix

* fix identity file refs

* label as Teleport Enterprise Cloud, not Teleport Cloud
 2023-04-18 19:26:51 +00:00
Roman Tkachenko 6c05c054e9
Bump dev version to 14 (#24704) 2023-04-18 06:49:34 +00:00
Hugo Shaka e1f3fb8e4d
helm: default to distroless images (#24706) 2023-04-18 01:08:44 +00:00
Hugo Shaka 90b627b445
helm: mount token through projected volumes when available (#20744) 
* helm: mount token through projected volumes when available

Mounting ServiceAccount tokens through projected volumes instead of the
regular automout allows to reduce the token TTL from 1 year to 1 hour
when the `BoundServiceAccountTokenVolume` feature gate is on.
This helps mitigating the impact of token exfiltration (even though the
token valid 1 year still got revoked on pod termination).

Kubernetes running version 1.20 and above must
support `TokenRequest/TokenRequestProjection` (GA in 1.20). This is the
capability required to mount tokens through projected volumes. While EKS
and GKE might have supported this earlier, kubeadm, kubespray, minikube
and AKS only turned the flag on in 1.20.

Kubernetes running version 1.22 and above must support
`BoundServiceAccountTokenVolume` (beta in 1.21, GA in 1.22). This is the
capability required to issue short-lived and pod-bound tokens.

* helm: mount auth token through projected volumes when available

* fix-templates
 2023-04-17 20:51:22 +00:00
Hugo Shaka 00f99f4788
[buddy] Reworked AWS launch_configuration to launch_templates (#24675) 
* Reworked AWS launch_configuration to launch_templates

* fixup! Reworked AWS launch_configuration to launch_templates

---------

Co-authored-by: Filip Van Houtryve <filip.van.houtryve@sentia.com>
 2023-04-17 17:40:25 +00:00
Nic Klaassen 03e361b6b3
docs: Login Rules Terraform docs (#23855) 2023-04-17 16:20:35 +00:00
Yael Jay Perez a35383ad2f
Add SSL Certificates to Usage Script (#24443) 
* Added SSL Certificate install

* Update examples/teleport-usage/Dockerfile

Co-authored-by: Russell Jones <russjones@users.noreply.github.com>

* Update examples/teleport-usage/Dockerfile

Co-authored-by: Russell Jones <russjones@users.noreply.github.com>

---------

Co-authored-by: Russell Jones <russjones@users.noreply.github.com>
 2023-04-14 20:40:29 +00:00
teleport-post-release-automation[bot] 9a0a8bae58
[auto] Update AMI IDs for 12.2.3 (#24587) 
Co-authored-by: GitHub <noreply@github.com>
 2023-04-14 03:40:30 +00:00
Hugo Shaka 7ee8b90d13
helm: fix teleport-kube-agent telemetry (#24471) 
* helm: fix `teleport-kube-agent` telemetry

* Update examples/chart/teleport-kube-agent/templates/deployment.yaml
 2023-04-13 17:03:39 +00:00
Hugo Shaka eb209f0698
kube-agent-updater fixes (#24468) 
* helm: set TELEPORT_EXT_UPGRADER when updater is enabled

* integrations/updater: exit when agent name or namespace is missing
 2023-04-12 19:53:20 +00:00
Logan Davis 6d4575affd
Update Teleport Usage README container image badge (#24421) 
This PR adds a Container Image badge to allow users to check out the latest published image for the teleport usages script.

CC: @yjperez
 2023-04-11 21:13:58 +00:00