mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 10:18:54 +00:00
c80132f3d510ef0bee2ec46452f2191eec790bda
3463 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Jamil
|
c80132f3d5 |
fix(docs): Fix Docsearch recordExtractors, sitemap, and cookie banner script load (#3512)
Fixes #1685 |
||
|
dependabot[bot]
|
d36b4da81d |
build(deps): Bump the google group in /terraform/environments/production with 2 updates (#3504)
Bumps the google group in /terraform/environments/production with 2 updates: [hashicorp/google](https://github.com/hashicorp/terraform-provider-google) and [hashicorp/google-beta](https://github.com/hashicorp/terraform-provider-google-beta). Updates `hashicorp/google` from 5.10.0 to 5.14.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/terraform-provider-google/releases">hashicorp/google's releases</a>.</em></p> <blockquote> <h2>v5.14.0</h2> <p>FEATURES:</p> <ul> <li><strong>New Resource:</strong> <code>google_discovery_engine_data_store</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17084">#17084</a>)</li> <li><strong>New Resource:</strong> <code>google_securityposture_posture_deployment</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17085">#17085</a>)</li> <li><strong>New Resource:</strong> <code>google_securityposture_posture</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17079">#17079</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>artifactregistry: promoted <code>cleanup_policies</code> and <code>cleanup_policy_dry_run</code> fields to GA for <code>google_artifactregistry_repository</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17074">#17074</a>)</li> <li>composer: added <code>data_retention_config</code> field to <code>google_composer_environment</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17050">#17050</a>)</li> <li>logging: updated the <code>google_logging_project_bucket_config</code> resource to be created using the asynchronous create method (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17067">#17067</a>)</li> <li>pubsub: added <code>use_table_schema</code> field to <code>google_pubsub_subscription</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17054">#17054</a>)</li> <li>workflows: added <code>call_log_level</code> field to <code>google_workflows_workflow</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17051">#17051</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>cloudfunctions2: fixed permadiff when <code>build_config.docker_repository</code> field is not specified on <code>google_cloudfunctions2_function</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17072">#17072</a>)</li> <li>compute: fixed error when <code>iap</code> field is unset for <code>google_compute_region_backend_service</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17071">#17071</a>)</li> <li>eventarc: fixed error when setting <code>destination.cloud_function</code> field on <code>google_eventarc_trigger</code> resource by making it output-only (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17052">#17052</a>)</li> </ul> <h2>v5.13.0</h2> <p>NOTES:</p> <ul> <li>cloudbuildv2: changed underlying actuation engine for <code>google_cloudbuildv2_repository</code>, there should be no user-facing impact (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16969">#16969</a>)</li> <li>provider: added support for in-place update for <code>labels</code> and <code>terraform_labels</code> fields in immutable resources (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17016">#17016</a>)</li> </ul> <p>FEATURES:</p> <ul> <li><strong>New Resource:</strong> <code>google_netapp_backup_policy</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16962">#16962</a>)</li> <li><strong>New Resource:</strong> <code>google_netapp_volume</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16990">#16990</a>)</li> <li><strong>New Resource:</strong> <code>google_network_security_address_group_iam_*</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17013">#17013</a>)</li> <li><strong>New Resource:</strong> <code>google_vertex_ai_feature_group_feature</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17015">#17015</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>alloydb: allowed <code>database_version</code> as an input on <code>google_alloydb_cluster</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16967">#16967</a>)</li> <li>bigquery: added <code>spark_options</code> field to <code>google_bigquery_routine</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17028">#17028</a>)</li> <li>cloudrunv2: added <code>nfs</code> and <code>gcs</code> fields to <code>google_cloud_run_v2_service.template.volumes</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16972">#16972</a>)</li> <li>cloudrunv2: added <code>tcp_socket</code> field to <code>google_cloud_run_v2.template.containers.liveness_probe</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16972">#16972</a>)</li> <li>compute: added <code>enable_confidential_compute</code> field to <code>google_compute_instance.boot_disk.initialize_params</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16968">#16968</a>)</li> <li>compute: added <code>enable_confidential_compute</code> field to <code>google_compute_disk</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16968">#16968</a>)</li> <li>gkehub2: added <code>clusterupgrade</code> field to <code>google_gke_hub_feature</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16951">#16951</a>)</li> <li>notebooks: allowed <code>machine_type</code> and <code>accelerator_config</code> to be updatable on <code>google_notebooks_runtime</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16993">#16993</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>compute: fixed the bug that <code>max_ttl</code> is sent in API calls even it is removed from configuration when changing cache_mode to FORCE_CACHE_ALL in <code>google_compute_backend_bucket</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16976">#16976</a>)</li> <li>networkservices: fixed a perma-diff on <code>addresses</code> field in <code>google_network_services_gateway</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17035">#17035</a>)</li> <li>provider: fixed <code>universe_domain</code> behavior to correctly throw an error when explicitly configured <code>universe_domain</code> values did not match credentials assumed to be in the default universe (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17014">#17014</a>)</li> <li>spanner: fixed error when adding <code>autoscaling_config</code> to an existing <code>google_spanner_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17033">#17033</a>)</li> </ul> <h2>v5.12.0</h2> <p>FEATURES:</p> <ul> <li><strong>New Data Source:</strong> <code>google_dns_managed_zones</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16949">#16949</a>)</li> <li><strong>New Data Source:</strong> <code>google_filestore_instance</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16931">#16931</a>)</li> <li><strong>New Data Source:</strong> <code>google_vmwareengine_external_access_rule</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16912">#16912</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/terraform-provider-google/blob/main/CHANGELOG.md">hashicorp/google's changelog</a>.</em></p> <blockquote> <h2>5.14.0 (Unreleased)</h2> <h2>5.13.0 (Jan 22, 2024)</h2> <p>NOTES:</p> <ul> <li>cloudbuildv2: changed underlying actuation engine for <code>google_cloudbuildv2_repository</code>, there should be no user-facing impact (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16969">#16969</a>)</li> <li>provider: added support for in-place update for <code>labels</code> and <code>terraform_labels</code> fields in immutable resources (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17016">#17016</a>)</li> </ul> <p>FEATURES:</p> <ul> <li><strong>New Resource:</strong> <code>google_netapp_backup_policy</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16962">#16962</a>)</li> <li><strong>New Resource:</strong> <code>google_netapp_volume</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16990">#16990</a>)</li> <li><strong>New Resource:</strong> <code>google_network_security_address_group_iam_*</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17013">#17013</a>)</li> <li><strong>New Resource:</strong> <code>google_vertex_ai_feature_group_feature</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17015">#17015</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>alloydb: allowed <code>database_version</code> as an input on <code>google_alloydb_cluster</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16967">#16967</a>)</li> <li>bigquery: added <code>spark_options</code> field to <code>google_bigquery_routine</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17028">#17028</a>)</li> <li>cloudrunv2: added <code>nfs</code> and <code>gcs</code> fields to <code>google_cloud_run_v2_service.template.volumes</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16972">#16972</a>)</li> <li>cloudrunv2: added <code>tcp_socket</code> field to <code>google_cloud_run_v2.template.containers.liveness_probe</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16972">#16972</a>)</li> <li>compute: added <code>enable_confidential_compute</code> field to <code>google_compute_instance.boot_disk.initialize_params</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16968">#16968</a>)</li> <li>compute: added <code>enable_confidential_compute</code> field to <code>google_compute_disk</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16968">#16968</a>)</li> <li>gkehub2: added <code>clusterupgrade</code> field to <code>google_gke_hub_feature</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16951">#16951</a>)</li> <li>notebooks: allowed <code>machine_type</code> and <code>accelerator_config</code> to be updatable on <code>google_notebooks_runtime</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16993">#16993</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>compute: fixed the bug that <code>max_ttl</code> is sent in API calls even it is removed from configuration when changing cache_mode to FORCE_CACHE_ALL in <code>google_compute_backend_bucket</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16976">#16976</a>)</li> <li>networkservices: fixed a perma-diff on <code>addresses</code> field in <code>google_network_services_gateway</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17035">#17035</a>)</li> <li>provider: fixed <code>universe_domain</code> behavior to correctly throw an error when explicitly configured <code>universe_domain</code> values did not match credentials assumed to be in the default universe (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17014">#17014</a>)</li> <li>spanner: fixed error when adding <code>autoscaling_config</code> to an existing <code>google_spanner_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17033">#17033</a>)</li> </ul> <h2>5.12.0 (Jan 16, 2024)</h2> <p>FEATURES:</p> <ul> <li><strong>New Data Source:</strong> <code>google_dns_managed_zones</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16949">#16949</a>)</li> <li><strong>New Data Source:</strong> <code>google_filestore_instance</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16931">#16931</a>)</li> <li><strong>New Data Source:</strong> <code>google_vmwareengine_external_access_rule</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16912">#16912</a>)</li> <li><strong>New Resource:</strong> <code>google_clouddomains_registration</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16947">#16947</a>)</li> <li><strong>New Resource:</strong> <code>google_netapp_kmsconfig</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16945">#16945</a>)</li> <li><strong>New Resource:</strong> <code>google_vertex_ai_feature_online_store_featureview</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16930">#16930</a>)</li> <li><strong>New Resource:</strong> <code>google_vmwareengine_external_access_rule</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16912">#16912</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>compute: added <code>md5_authentication_key</code> field to <code>google_compute_router_peer</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16923">#16923</a>)</li> <li>compute: added in-place update support to <code>params.resource_manager_tags</code> field in <code>google_compute_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16942">#16942</a>)</li> <li>compute: added in-place update support to <code>description</code> field in <code>google_compute_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16900">#16900</a>)</li> <li>gkehub: added <code>policycontroller</code> field to <code>google_gke_hub_feature_membership</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16916">#16916</a>)</li> <li>gkehub2: added <code>clusterupgrade</code> field to <code>google_gke_hub_feature</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16951">#16951</a>)</li> <li>gkeonprem: added in-place update support to <code>vsphere_config</code> field and added <code>host_groups</code> field in <code>google_gkeonprem_vmware_node_pool</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16896">#16896</a>)</li> <li>iam: added <code>create_ignore_already_exists</code> field to <code>google_service_account</code> resource. If <code>ignore_create_already_exists</code> is set to true, resource creation would succeed when response error is 409 <code>ALREADY_EXISTS</code>. (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16927">#16927</a>)</li> <li>servicenetworking: added field <code>deletion_policy</code> to <code>google_service_networking_connection</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16944">#16944</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
51a05a205d |
build(deps): Bump the google group in /terraform/environments/staging with 2 updates (#3510)
Bumps the google group in /terraform/environments/staging with 2 updates: [hashicorp/google](https://github.com/hashicorp/terraform-provider-google) and [hashicorp/google-beta](https://github.com/hashicorp/terraform-provider-google-beta). Updates `hashicorp/google` from 5.10.0 to 5.14.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/terraform-provider-google/releases">hashicorp/google's releases</a>.</em></p> <blockquote> <h2>v5.14.0</h2> <p>FEATURES:</p> <ul> <li><strong>New Resource:</strong> <code>google_discovery_engine_data_store</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17084">#17084</a>)</li> <li><strong>New Resource:</strong> <code>google_securityposture_posture_deployment</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17085">#17085</a>)</li> <li><strong>New Resource:</strong> <code>google_securityposture_posture</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17079">#17079</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>artifactregistry: promoted <code>cleanup_policies</code> and <code>cleanup_policy_dry_run</code> fields to GA for <code>google_artifactregistry_repository</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17074">#17074</a>)</li> <li>composer: added <code>data_retention_config</code> field to <code>google_composer_environment</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17050">#17050</a>)</li> <li>logging: updated the <code>google_logging_project_bucket_config</code> resource to be created using the asynchronous create method (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17067">#17067</a>)</li> <li>pubsub: added <code>use_table_schema</code> field to <code>google_pubsub_subscription</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17054">#17054</a>)</li> <li>workflows: added <code>call_log_level</code> field to <code>google_workflows_workflow</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17051">#17051</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>cloudfunctions2: fixed permadiff when <code>build_config.docker_repository</code> field is not specified on <code>google_cloudfunctions2_function</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17072">#17072</a>)</li> <li>compute: fixed error when <code>iap</code> field is unset for <code>google_compute_region_backend_service</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17071">#17071</a>)</li> <li>eventarc: fixed error when setting <code>destination.cloud_function</code> field on <code>google_eventarc_trigger</code> resource by making it output-only (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17052">#17052</a>)</li> </ul> <h2>v5.13.0</h2> <p>NOTES:</p> <ul> <li>cloudbuildv2: changed underlying actuation engine for <code>google_cloudbuildv2_repository</code>, there should be no user-facing impact (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16969">#16969</a>)</li> <li>provider: added support for in-place update for <code>labels</code> and <code>terraform_labels</code> fields in immutable resources (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17016">#17016</a>)</li> </ul> <p>FEATURES:</p> <ul> <li><strong>New Resource:</strong> <code>google_netapp_backup_policy</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16962">#16962</a>)</li> <li><strong>New Resource:</strong> <code>google_netapp_volume</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16990">#16990</a>)</li> <li><strong>New Resource:</strong> <code>google_network_security_address_group_iam_*</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17013">#17013</a>)</li> <li><strong>New Resource:</strong> <code>google_vertex_ai_feature_group_feature</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17015">#17015</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>alloydb: allowed <code>database_version</code> as an input on <code>google_alloydb_cluster</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16967">#16967</a>)</li> <li>bigquery: added <code>spark_options</code> field to <code>google_bigquery_routine</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17028">#17028</a>)</li> <li>cloudrunv2: added <code>nfs</code> and <code>gcs</code> fields to <code>google_cloud_run_v2_service.template.volumes</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16972">#16972</a>)</li> <li>cloudrunv2: added <code>tcp_socket</code> field to <code>google_cloud_run_v2.template.containers.liveness_probe</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16972">#16972</a>)</li> <li>compute: added <code>enable_confidential_compute</code> field to <code>google_compute_instance.boot_disk.initialize_params</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16968">#16968</a>)</li> <li>compute: added <code>enable_confidential_compute</code> field to <code>google_compute_disk</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16968">#16968</a>)</li> <li>gkehub2: added <code>clusterupgrade</code> field to <code>google_gke_hub_feature</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16951">#16951</a>)</li> <li>notebooks: allowed <code>machine_type</code> and <code>accelerator_config</code> to be updatable on <code>google_notebooks_runtime</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16993">#16993</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>compute: fixed the bug that <code>max_ttl</code> is sent in API calls even it is removed from configuration when changing cache_mode to FORCE_CACHE_ALL in <code>google_compute_backend_bucket</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16976">#16976</a>)</li> <li>networkservices: fixed a perma-diff on <code>addresses</code> field in <code>google_network_services_gateway</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17035">#17035</a>)</li> <li>provider: fixed <code>universe_domain</code> behavior to correctly throw an error when explicitly configured <code>universe_domain</code> values did not match credentials assumed to be in the default universe (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17014">#17014</a>)</li> <li>spanner: fixed error when adding <code>autoscaling_config</code> to an existing <code>google_spanner_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17033">#17033</a>)</li> </ul> <h2>v5.12.0</h2> <p>FEATURES:</p> <ul> <li><strong>New Data Source:</strong> <code>google_dns_managed_zones</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16949">#16949</a>)</li> <li><strong>New Data Source:</strong> <code>google_filestore_instance</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16931">#16931</a>)</li> <li><strong>New Data Source:</strong> <code>google_vmwareengine_external_access_rule</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16912">#16912</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/terraform-provider-google/blob/main/CHANGELOG.md">hashicorp/google's changelog</a>.</em></p> <blockquote> <h2>5.14.0 (Unreleased)</h2> <h2>5.13.0 (Jan 22, 2024)</h2> <p>NOTES:</p> <ul> <li>cloudbuildv2: changed underlying actuation engine for <code>google_cloudbuildv2_repository</code>, there should be no user-facing impact (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16969">#16969</a>)</li> <li>provider: added support for in-place update for <code>labels</code> and <code>terraform_labels</code> fields in immutable resources (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17016">#17016</a>)</li> </ul> <p>FEATURES:</p> <ul> <li><strong>New Resource:</strong> <code>google_netapp_backup_policy</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16962">#16962</a>)</li> <li><strong>New Resource:</strong> <code>google_netapp_volume</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16990">#16990</a>)</li> <li><strong>New Resource:</strong> <code>google_network_security_address_group_iam_*</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17013">#17013</a>)</li> <li><strong>New Resource:</strong> <code>google_vertex_ai_feature_group_feature</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17015">#17015</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>alloydb: allowed <code>database_version</code> as an input on <code>google_alloydb_cluster</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16967">#16967</a>)</li> <li>bigquery: added <code>spark_options</code> field to <code>google_bigquery_routine</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17028">#17028</a>)</li> <li>cloudrunv2: added <code>nfs</code> and <code>gcs</code> fields to <code>google_cloud_run_v2_service.template.volumes</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16972">#16972</a>)</li> <li>cloudrunv2: added <code>tcp_socket</code> field to <code>google_cloud_run_v2.template.containers.liveness_probe</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16972">#16972</a>)</li> <li>compute: added <code>enable_confidential_compute</code> field to <code>google_compute_instance.boot_disk.initialize_params</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16968">#16968</a>)</li> <li>compute: added <code>enable_confidential_compute</code> field to <code>google_compute_disk</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16968">#16968</a>)</li> <li>gkehub2: added <code>clusterupgrade</code> field to <code>google_gke_hub_feature</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16951">#16951</a>)</li> <li>notebooks: allowed <code>machine_type</code> and <code>accelerator_config</code> to be updatable on <code>google_notebooks_runtime</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16993">#16993</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>compute: fixed the bug that <code>max_ttl</code> is sent in API calls even it is removed from configuration when changing cache_mode to FORCE_CACHE_ALL in <code>google_compute_backend_bucket</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16976">#16976</a>)</li> <li>networkservices: fixed a perma-diff on <code>addresses</code> field in <code>google_network_services_gateway</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17035">#17035</a>)</li> <li>provider: fixed <code>universe_domain</code> behavior to correctly throw an error when explicitly configured <code>universe_domain</code> values did not match credentials assumed to be in the default universe (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17014">#17014</a>)</li> <li>spanner: fixed error when adding <code>autoscaling_config</code> to an existing <code>google_spanner_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/17033">#17033</a>)</li> </ul> <h2>5.12.0 (Jan 16, 2024)</h2> <p>FEATURES:</p> <ul> <li><strong>New Data Source:</strong> <code>google_dns_managed_zones</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16949">#16949</a>)</li> <li><strong>New Data Source:</strong> <code>google_filestore_instance</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16931">#16931</a>)</li> <li><strong>New Data Source:</strong> <code>google_vmwareengine_external_access_rule</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16912">#16912</a>)</li> <li><strong>New Resource:</strong> <code>google_clouddomains_registration</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16947">#16947</a>)</li> <li><strong>New Resource:</strong> <code>google_netapp_kmsconfig</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16945">#16945</a>)</li> <li><strong>New Resource:</strong> <code>google_vertex_ai_feature_online_store_featureview</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16930">#16930</a>)</li> <li><strong>New Resource:</strong> <code>google_vmwareengine_external_access_rule</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16912">#16912</a>)</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>compute: added <code>md5_authentication_key</code> field to <code>google_compute_router_peer</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16923">#16923</a>)</li> <li>compute: added in-place update support to <code>params.resource_manager_tags</code> field in <code>google_compute_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16942">#16942</a>)</li> <li>compute: added in-place update support to <code>description</code> field in <code>google_compute_instance</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16900">#16900</a>)</li> <li>gkehub: added <code>policycontroller</code> field to <code>google_gke_hub_feature_membership</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16916">#16916</a>)</li> <li>gkehub2: added <code>clusterupgrade</code> field to <code>google_gke_hub_feature</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16951">#16951</a>)</li> <li>gkeonprem: added in-place update support to <code>vsphere_config</code> field and added <code>host_groups</code> field in <code>google_gkeonprem_vmware_node_pool</code> resource (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16896">#16896</a>)</li> <li>iam: added <code>create_ignore_already_exists</code> field to <code>google_service_account</code> resource. If <code>ignore_create_already_exists</code> is set to true, resource creation would succeed when response error is 409 <code>ALREADY_EXISTS</code>. (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16927">#16927</a>)</li> <li>servicenetworking: added field <code>deletion_policy</code> to <code>google_service_networking_connection</code> (<a href="https://redirect.github.com/hashicorp/terraform-provider-google/pull/16944">#16944</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Andrew Dryga
|
a211f96109 |
feat(portal): Broadcast state changes to connected clients and gateways (#2240)
# Gateways - [x] When Gateway Group is deleted all gateways should be disconnected - [x] When Gateway Group is updated (eg. routing) broadcast to all affected gateway to disconnect all the clients - [x] When Gateway is deleted it should be disconnected - [x] When Gateway Token is revoked all gateways that use it should be disconnected # Relays - [x] When Relay Group is deleted all relays should be disconnected - [x] When Relay is deleted it should be disconnected - [x] When Relay Token is revoked all gateways that use it should be disconnected # Clients - [x] Remove Delete Client button, show clients using the token on the Actors page (#2669) - [x] When client is deleted disconnect it - [ ] ~When Gateway is offline broadcast to the Clients connected to it it's status~ - [x] Persist `last_used_token_id` in Clients and show it in tokens UI # Resources - [x] When Resource is deleted it should be removed from all gateways and clients - [x] When Resource connection is removed it should be deleted from removed gateway groups - [x] When Resource is updated (eg. traffic filters) all it's authorizations should removed # Authentication - [x] When Token is deleted related sessions are terminated - [x] When an Actor is deleted or disabled it should be disconnected from browser and client - [x] When Identity is deleted it's sessions should be disconnected from browser and client - [x] ^ Ensure the same happens for identities during IdP sync - [x] When IdP is disabled act like all actors for it are disabled? - [x] When IdP is deleted act like all actors for it are deleted? # Authorization - [x] When Policy is created clients that gain access to a resource should get an update - [x] When Policy is deleted we need to all authorizations it's made - [x] When Policy is disabled we need to all authorizations it's made - [x] When Actor Group adds or removes a user, related policies should be re-evaluated - [x] ^ Ensure the same happens for identities during IdP sync # Settings - [x] Re-send init message to Client when DNS settings change # Code - [x] Crear way to see all available topics and messages, do not use binary topics any more --------- Co-authored-by: conectado <gabrielalejandro7@gmail.com> |
||
|
Jamil
|
717198e95b | fix(android): Fix typo from refactor (#3511) | ||
|
Jamil
|
48e94a4a38 | chore(ci): Update dependabot android groups (#3501) | ||
|
Jamil
|
6d9260b363 |
refactor(website): Add punchier website headline (#3473)
Had some feedback from a couple folks that it wasn't clear what Firezone was. How could they. |
||
|
dependabot[bot]
|
0cc8243b64 |
build(deps): Bump tailwindcss from 3.4.0 to 3.4.1 in /website (#3490)
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.4.0 to 3.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/releases">tailwindcss's releases</a>.</em></p> <blockquote> <h2>v3.4.1</h2> <h3>Fixed</h3> <ul> <li>Don't remove keyframe stops when using important utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12639">#12639</a>)</li> <li>Don't add spaces to gradients and grid track names when followed by <code>calc()</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12704">#12704</a>)</li> <li>Restore old behavior for <code>class</code> dark mode strategy (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12717">#12717</a>)</li> </ul> <h3>Added</h3> <ul> <li>Add new <code>selector</code> and <code>variant</code> strategies for dark mode (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12717">#12717</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Support <code>rtl</code> and <code>ltr</code> variants on same element as <code>dir</code> attribute (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12717">#12717</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/blob/master/CHANGELOG.md">tailwindcss's changelog</a>.</em></p> <blockquote> <h2>[3.4.1] - 2024-01-05</h2> <h3>Fixed</h3> <ul> <li>Don't remove keyframe stops when using important utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12639">#12639</a>)</li> <li>Don't add spaces to gradients and grid track names when followed by <code>calc()</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12704">#12704</a>)</li> <li>Restore old behavior for <code>class</code> dark mode strategy (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12717">#12717</a>)</li> </ul> <h3>Added</h3> <ul> <li>Add new <code>selector</code> and <code>variant</code> strategies for dark mode (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12717">#12717</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Support <code>rtl</code> and <code>ltr</code> variants on same element as <code>dir</code> attribute (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12717">#12717</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
5600e3ef9c |
build(deps): Bump gradle/gradle-build-action from 2 to 3 (#3480)
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/gradle-build-action/releases">gradle/gradle-build-action's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <p>This is the first release of <code>gradle/gradle-build-action</code> available with the <code>v3</code> version tag.</p> <blockquote> <p>[!IMPORTANT] As of <code>v3</code> this action has been superceded by <code>gradle/actions/setup-gradle</code>. Any workflow that uses <code>gradle/gradle-build-action@v3</code> will transparently delegate to <code>gradle/actions/setup-gradle@v3</code>.</p> <p>Users are encouraged to update their workflows, replacing:</p> <pre><code>uses: gradle/gradle-build-action@v3 </code></pre> <p>with</p> <pre><code>uses: gradle/actions/setup-gradle@v3 </code></pre> <p>See the <a href="https://github.com/gradle/actions/tree/main/setup-gradle">setup-gradle documentation</a> for up-to-date documentation for <code>gradle/actions/setup-gradle</code>.</p> </blockquote> <h2>Changes from <code>gradle-build-action@v2</code></h2> <p>This release brings some useful and much requested features, including:</p> <ul> <li>save and restore the Gradle configuration-cache data</li> <li>add the Job summary content as a PR comment</li> <li>easily publish Build Scans® to the free <a href="https://scans.gradle.com">Gradle Build Scan service</a></li> <li>compatibility with Node 20</li> </ul> <p>The only major breaking change from <code>gradle-build-action@v2.12.0</code> is the update to require a Node 20 runtime environment. Aside from that change, this release should generally serve as a drop-in replacement for <code>gradle-build-action@v2</code>.</p> <h3>Changelog</h3> <ul> <li>[NEW] - Run with NodeJs 20.x (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/946">gradle/gradle-build-action#946</a>)</li> <li>[NEW] - Support for save & restore of configuration-cache data (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/966">gradle/gradle-build-action#966</a>)</li> <li>[NEW] - Support for automatic adding PR comment with Job Summary content (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/1020">gradle/gradle-build-action#1020</a>)</li> <li>[NEW] - Make it easy to publish a Build Scan® to <a href="https://scans.gradle.com">https://scans.gradle.com</a> (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/1044">gradle/gradle-build-action#1044</a>)</li> <li>[NEW] - Added <code>dependency-graph-continue-on-failure</code> input, which can be set to <code>false</code> to force the Job to fail when dependency graph submission fails (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/1036">gradle/gradle-build-action#1036</a>). Failure modes include: <ul> <li>Fail build step if version of Gradle being executed is not supported for dependency-graph generation (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/1034">gradle/gradle-build-action#1034</a>)</li> <li>Fail job if permissions are insufficient to submit dependency graph via Dependency Submission API (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/997">gradle/gradle-build-action#997</a>)</li> </ul> </li> <li>[NEW] - Add <code>dependency-graph: clear</code> option to clear any dependency-graph previously submitted by the job</li> <li>[FIX] Allow cache entries to be reused by jobs with the same ID in different workflows (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/1017">gradle/gradle-build-action#1017</a>) <ul> <li>Workflow name remains part of the cache key, but cache entries generated by the same job id in a different workflow may be restored</li> </ul> </li> <li>[FIX] Register pre-installed JDKs in Maven toolchains.xml file (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/1024">gradle/gradle-build-action#1024</a>) <ul> <li>This allows pre-installed JDKs to be auto-detected by Gradle Toolchain support on Windows</li> </ul> </li> <li>[FIX] - Update the Gradle Enterprise injection configuration for product rename to Develocity (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/995">gradle/gradle-build-action#995</a>)</li> <li>[FIX] - Avoid submitting an empty dependency graph when state is loaded from configuration-cache</li> <li>[FIX] - Update to <code>GitHub Dependency Graph Gradle Plugin</code> <a href="https://github.com/gradle/github-dependency-graph-gradle-plugin/releases/tag/v1.2.0">v1.2.0</a></li> <li>[DEPRECATION] - Deprecation of the arguments parameter (<a href="https://redirect.github.com/gradle/gradle-build-action/issues/996">gradle/gradle-build-action#996</a>)</li> <li>[BREAKING CHANGE] - Remove the <code>gradle-executable</code> input parameter. Use a separate workflow Step to execute a Gradle from a custom location.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
71afc6d9ff |
fix(snownet): don't try to allocate a new channel if we already have one (#3476)
Currently, we always try to allocate a channel when the user calls `bind_channel`. This is a problem if we try to re-connect to a peer. The channel binding will still be active so `bind_channel` needs to be a no-op. Resolves: #3475. |
||
|
Thomas Eizinger
|
49ceb8ae83 |
fix(snownet): don't use unbound channels for relaying (#3474)
Currently, the `bound` flag is not considered when attempting to relay data. This isn't actively harmful because the relay will drop them but it causes warnings in the logs. This PR adds a check to make sure we only try to relay data via channels that are bound. Additionally, we now handle failed channel bind requests by clearing the local state. |
||
|
Thomas Eizinger
|
84b3ac50ca |
fix(relay): correctly separate channel state for different peers (#3472)
Currently, there is a bug in the relay where the channel state of different peers overlaps because the data isn't indexed correctly by both peers and clients. This PR fixes this, introduces more debug assertions (this bug was caught by one) and also adds some new-type wrappers to avoid conflating peers with clients. |
||
|
Reactor Scram
|
a5a6d81eb1 |
refactor(windows): change some anyhow errors into thiserror errors (#3461)
This is part of handling the WebView-not-installed error, #3451 |
||
|
Reactor Scram
|
33a95932dc |
ci(windows): hide bare Windows exe from releases page (#3471)
The MSI is needed to install WebView2, otherwise the exe will crash, per #3451 . We don't have any manual way to install WebView2, and the MSI also makes sure the exe goes into Program Files as it should, so I don't think users will need the bare exe. It'll still be produced in CI runs for devs / superusers to look at if they really need. |
||
|
Reactor Scram
|
e35dd53649 |
ci(windows): Upload Windows debug symbols (#3467)
Closes #3450 I was able to get stacktraces from a crash generated inside my VM. It picked out the correct line in gui.rs where the crash was triggered.   |
||
|
Reactor Scram
|
e2efd725e3 |
feat(firezone-tunnel): sort resources alphabetically (#3465)
Closes #3217. I just now noticed that one was assigned to me  The sorting is naive, just sorts the UTF-8 encoded bytes, so lowercase resources come after all uppercase resources, and it's probably very wrong for anything outside Latin-1 and English locale. If the names are identical, resource ID tie-breaks. |
||
|
Jamil
|
355029f88f |
chore(ci): Bump sccache; remove IPC debug build (#3468)
Attempt #1 to speed up slow builds: - kotlin - tauri refs #3456 |
||
|
Reactor Scram
|
966432da5b | refactor(windows): remove IPC code which is now unused (#3469) | ||
|
Jamil
|
52971cdce3 |
refactor: Remove user-facing parts of STUN-only feature (#3453)
Fixes #3353 |
||
|
Reactor Scram
|
5ef6e97f4d |
fix(windows): don't crash if the saved log filter is invalid (#3460)
Closes #3452 |
||
|
Jason Elie Bou Kheir
|
76f554b75d |
feat(android): Add Android Headless Operation (#3438)
Signed-off-by: Jamil <jamilbk@users.noreply.github.com> Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
Jamil
|
2098060dcc |
feat(ci): Standardize matrix job names to prevent dupes, move jobs to macos-14 (#3447)
This should be faster than the Intel runners. Seems to be at least twice as fast for uncached builds compared to `ubuntu-22.04`. - [x] ~~Move elixir checks to `macos-14`~~ can't; Depends on `docker` and `erlef/setup-beam` - [x] Add macOS targets to rust checks - [x] Move swift build to macos-14 - [x] Move kotlin build to macos-14 - [x] Name all jobs that are required for merge group to not depend on job config - [x] Update PR branch protection rules |
||
|
Reactor Scram
|
d9ac4fa443 |
fix(windows): CSS nit (#3463)
Before this change, some of the background was (252, 252, 252) (#fcfcfc, bg-neutral-50) and some was #ffffff white  After this change, all the background is (248, 247, 247) (#f8f7f7, bg-neutral-100)  "Before" with exaggerated contrast:  |
||
|
Jamil
|
2fba4406a6 |
fix(windows): Take the default button shade darker a notch (#3462)
<img width="688" alt="Screenshot 2024-01-31 at 11 16 11 AM" src="https://github.com/firezone/firezone/assets/167144/891af931-9ff5-4975-8222-027e081e7ae6"> <img width="679" alt="Screenshot 2024-01-31 at 11 16 22 AM" src="https://github.com/firezone/firezone/assets/167144/f84f886a-f7d9-428b-9199-3214a3002682"> |
||
|
Roopesh Chander
|
d87cd375db |
Apple: Add 'debug' to network extension name in debug configuration (#3459)
Supersedes PR #3395. When testing this, might have to remove the tunnel config in Settings.app before running this. --------- Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
Jamil
|
6cd4b46008 |
fix(ci): Fix perf test names (#3454)
Comments weren't being found and updated due to the change in test names from here: https://github.com/firezone/firezone/pull/3376 |
||
|
Jamil
|
cd1f047575 |
fix(connlib): handle null-termination of TUN device path string correctly (#3449)
Credit to @Intuinewin from #3445 --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Thomas Eizinger <thomas@eizinger.io> |
||
|
Thomas Eizinger
|
ab7c947d0f |
fix(connection): only emit Transmit.src that correspond to local sockets (#3411)
It turns out that we need to do some post-processing of the `Transmit.source` attribute from `str0m`. In its current state, `str0m` may also set that to a server-reflexive address which is **not** a local socket. There is a longer discussion around this here: https://github.com/algesten/str0m/issues/453. This depends on an unmerged PR in `str0m`: https://github.com/algesten/str0m/pull/455. |
||
|
Thomas Eizinger
|
3f8c6cb6eb |
feat(relay): allow channel bindings to IPv6 addresses (#3434)
Previously, we still had a hard-coded rule in the relay that would not allow us to relay to an IPv6 peer. We can remove that and properly check this based on the allocated addresses. Resolves: #3405. |
||
|
Thomas Eizinger
|
6a33516460 |
feat(connection): rebrand to snownet (#3435)
`firezone-connection` was a working title that I never really quite liked. Here is a proposal to rebrand it to `snownet`. That is a lot more concise and derived from the fact that we are established a network of connections using ICE. |
||
|
Jamil
|
b2d7b95091 | feat(docs): Add docs overview content (#3440) | ||
|
Reactor Scram
|
6c16d795e9 | docs(windows): Update docs for Windows VM testing / resetting files Firezone creates (#3448) | ||
|
Reactor Scram
|
f2f8464f02 |
fix(windows): use a well-known path for the crash handler socket (#3444)
I didn't notice that the socket is a Unix domain socket, and not a named pipe, so it shows up in the normal Windows filesystem. Since I'm trying to get rid of the `set_current_dir` call at startup, this needs to use a well-known path instead of a relative path. (https://github.com/firezone/firezone/pull/3430/files#diff-8ee58783aeb973dcbf764b93d3038dd0133d981cc0caae8c5429020eb002a52eL62) So I stuck it in `%LOCALAPPDATA%/data/`.  I manually tested and made sure that the crash dump is written when we pass `--crash-on-purpose`, so the client and server are able to reach each other correctly. --------- Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com> Co-authored-by: Thomas Eizinger <thomas@eizinger.io> |
||
|
Reactor Scram
|
9096eee396 |
feat(windows): enable crash handling on release builds (#3441)
Since #3263 closed, we could enable crash handling for release builds on Windows, too. This should get rid of a dead code warning in CI:  Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com> |
||
|
Reactor Scram
|
aa25a46b72 |
refactor(windows): handle tray menu events in the main loop (#3446)
Closes #2983 |
||
|
Reactor Scram
|
b2b03744b0 |
fix(windows): Ensure production exes / MSIs don't show "-modified" Git versions (#3432)
Fixes #3384 |
||
|
Reactor Scram
|
9078b72e9b | refactor(windows): use 'use' statements better in crash handling (#3442) | ||
|
Thomas Eizinger
|
9f7080b669 |
feat(connection): allocate IPv6 address (#3436)
Resolve the two TODOs mentioned in the code. As part of #3399, we correctly are handling different combinations of available sockets and requested addresses in the relay more gracefully. In particular, we return whatever addresses we could allocate and only fail if we couldn't allocate any at all. The `Allocation` struct will extract whatever allocated addresses are present in the response. Thus, it is safe for us to **always** request both, an IPv4 and IPv6 address. A relay that only operates on one of them will just return that one address. Resolves: #3406. |
||
|
Thomas Eizinger
|
e02aa2eb1f | chore(relay): update docs in regards to spec-compliance (#3437) | ||
|
Roopesh Chander
|
875f31a5a6 |
feat(apple): Write app and tunnel log to disk (#3322)
Fixes #2721. Under `~/Library/Group Containers/<container>/Library/Caches/logs/`: - App logs are written to `app/app.0.log` - Tunnel process' Swift code's logs are written to `tunnel/tunnel.0.log` dir These and connlib logs are part of exporting logs and clearing logs. The log entries are written to human-readable text files, one log entry per line. Once a file exceeeds 1 MB, it starts writing to the next file (like `app.1.log`). After it reaches past `app.4.log`, it overwrites `app.0.log`. The current log index is maintained in a separate file. While it's opening the next log file, log calls are not kept waiting -- log entries are written to a buffer temporarily, and once the next log file is open, the buffered logs are dumped into it. |
||
|
Brian Manifold
|
48ae811e21 |
Add SSH public key to AWS Terraform (#3439)
Why: * The SSH key used for the EC2 hosts in AWS was created outside of the terraform in the mono repo. Now that the previous AWS infra has been torn down, the SSH key needed to be recreated. |
||
|
Reactor Scram
|
f23e77e412 |
refactor(windows): set absolute paths for logs and wintun.dll (#3428)
This is part of fixing #3425 Until now I changed the app's working directory into our %LOCALAPPDATA% folder and then used relative paths. But this causes two problems: - Passing `.\wintun.dll` when loading the DLL can cause Windows to search for the DLL. We don't want it to search, we want to put the DLL in one place and make sure it uses that, since that's the version we'll be updating - It means I've been using the app's current working dir as de-facto global mutable state The reason I could not fix it sooner is that it needed the bundle ID to be available before Tauri starts. --------- Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com> Co-authored-by: Gabi <gabrielalejandro7@gmail.com> |
||
|
Thomas Eizinger
|
2bad4c617f |
feat(phoenix-channel): reconnect on missed heartbeat from portal (#3410)
In case the portal does not reply to our heartbeat when we are about to send the next one, we try to reconnect. For now, this affects only the relay and the gateway but will be used in the clients in the future too. Resolves: #2916. |
||
|
Reactor Scram
|
471729c73d |
fix(windows): Show "Signing in..." menu during auto-sign-in (#3431)
closes #3403 Given the token is saved on disk, when we start Firezone, then the menu will show "Signing in..." while connlib connects. |
||
|
dependabot[bot]
|
3948470539 |
build(deps): Bump serde from 1.0.195 to 1.0.196 in /rust (#3421)
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.195 to 1.0.196. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/serde/releases">serde's releases</a>.</em></p> <blockquote> <h2>v1.0.196</h2> <ul> <li>Improve formatting of "invalid type" error messages involving floats (<a href="https://redirect.github.com/serde-rs/serde/issues/2682">#2682</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Reactor Scram
|
3d8ed7f10e |
fix(windows): move crash dumps into logs dir so they get exported in the zip, closes #3263 (#3426)
  Screenshots taken on 33737b3a38f7 I also refactored some of the related code. |
||
|
dependabot[bot]
|
0a01d6c03f |
build(deps): Bump keyring from 2.3.1 to 2.3.2 in /rust (#3419)
Bumps [keyring](https://github.com/hwchen/keyring-rs) from 2.3.1 to 2.3.2. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/hwchen/keyring-rs/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Thomas Eizinger
|
c9834ee8ee |
feat(relay): print stats every 10s (#3408)
In #3400, a discussion started on what the correct log level would be for the production relay. Currently, the relay logs some stats about each packet on debug, i.e. where it came from, where it is going to and how big it is. This isn't very useful in production though and will fill up our log disk quickly. This PR introduces a stats timer like we already have it in other components. We print the number of allocations, how many channels we have and how much data we relayed over all these channels since we last printed. The interval is currently set to 10 seconds. Here is what this output could look like (captured locally using `relay/run_smoke_test.sh`, although slightly tweaked, printing ever 2s, using release mode and larger packets on the clients): ``` 2024-01-26T05:01:02.445555Z INFO relay: Seeding RNG from '0' 2024-01-26T05:01:02.445580Z WARN relay: No portal token supplied, starting standalone mode 2024-01-26T05:01:02.445827Z INFO relay: Listening for incoming traffic on UDP port 3478 2024-01-26T05:01:02.447035Z INFO Eventloop::poll: relay: num_allocations=0 num_channels=0 throughput=0.00 B/s 2024-01-26T05:01:02.649194Z INFO Eventloop::poll:handle_client_input{sender=127.0.0.1:39092 transaction_id="8f20177512495fcb563c60de" allocation=AID-1}: relay: Created new allocation first_relay_address=127.0.0.1 lifetime=600s 2024-01-26T05:01:02.650744Z INFO Eventloop::poll:handle_client_input{sender=127.0.0.1:39092 transaction_id="6445943a353d5e8c262a821f" allocation=AID-1 peer=127.0.0.1:41094 channel=16384}: relay: Successfully bound channel 2024-01-26T05:01:04.446317Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=631.54 MB/s 2024-01-26T05:01:06.446319Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=698.73 MB/s 2024-01-26T05:01:08.446325Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=708.98 MB/s 2024-01-26T05:01:10.446324Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=690.79 MB/s 2024-01-26T05:01:12.446316Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=715.53 MB/s 2024-01-26T05:01:14.446315Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=706.90 MB/s 2024-01-26T05:01:16.446313Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=712.03 MB/s 2024-01-26T05:01:18.446319Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=717.54 MB/s 2024-01-26T05:01:20.446316Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=690.74 MB/s 2024-01-26T05:01:22.446313Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=705.08 MB/s 2024-01-26T05:01:24.446311Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=700.41 MB/s 2024-01-26T05:01:26.446319Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=717.57 MB/s 2024-01-26T05:01:28.446320Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=688.82 MB/s 2024-01-26T05:01:30.446329Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=696.35 MB/s 2024-01-26T05:01:32.446317Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=724.03 MB/s 2024-01-26T05:01:34.446320Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=713.46 MB/s 2024-01-26T05:01:36.446314Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=716.13 MB/s 2024-01-26T05:01:38.446327Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=687.16 MB/s 2024-01-26T05:01:40.446315Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=708.20 MB/s 2024-01-26T05:01:42.446314Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=689.36 MB/s 2024-01-26T05:01:44.446314Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=698.62 MB/s 2024-01-26T05:01:46.446315Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=696.21 MB/s 2024-01-26T05:01:48.446378Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=696.36 MB/s 2024-01-26T05:01:50.446314Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=709.47 MB/s 2024-01-26T05:01:52.446319Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=714.48 MB/s 2024-01-26T05:01:54.446323Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=690.71 MB/s 2024-01-26T05:01:56.446313Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=692.70 MB/s 2024-01-26T05:01:58.446321Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=687.87 MB/s 2024-01-26T05:02:00.446316Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=682.11 MB/s 2024-01-26T05:02:02.446312Z INFO Eventloop::poll: relay: num_allocations=1 num_channels=1 throughput=700.07 MB/s ``` |
||
|
Jamil
|
d043f81e95 |
fix(ci): Increase test nonce length to reduce collisions (#3373)
Looks like there's a small chance for collision with our test string and the base64-encoded token (what are the odds): https://github.com/firezone/firezone/actions/runs/7633757802/job/20796573898 |
||
|
Jamil
|
7f88b7ce70 |
feat(ops): Add support provisioning helper (#3422)
Helpful when debugging Enterprise customer's accounts. Use with caution. |