summaryrefslogtreecommitdiff
path: root/pkg
AgeCommit message (Collapse)Author
2025-09-12refactor: extract function to inject project ids headergkg-inject-idsmo khan
2025-09-12feat: inject project ids in request before forwardingmo khan
2025-09-10chore: remove spice_ prefix from log keysmo khan
2025-07-18feat: authorize http resourcesmo khan
2025-07-18refactor: use * to represent publicmo khan
2025-07-18refactor: extract type mappings for check servicemo khan
2025-07-17feat: migrate from Cedar to SpiceDB authorization systemmo khan
This is a major architectural change that replaces the Cedar policy-based authorization system with SpiceDB's relation-based authorization. Key changes: - Migrate from Rust to Go implementation - Replace Cedar policies with SpiceDB schema and relationships - Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks - Update build system and dependencies for Go ecosystem - Maintain Envoy integration for external authorization This change enables more flexible permission modeling through SpiceDB's Google Zanzibar inspired relation-based system, supporting complex hierarchical permissions that were difficult to express in Cedar. Breaking change: Existing Cedar policies and Rust-based configuration will no longer work and need to be migrated to SpiceDB schema.
2025-06-18refactor: switch to a pure rust implementationmo khan
2025-05-24chore: remove default cedar examplesmo khan
2025-05-23chore: append .git to module namemo khan
Apply workaround described in: https://docs.gitlab.com/user/project/use_project_as_go_package/#workaround-use-git-in-the-module-name
2025-05-23chore: update module name to match git locationmo khan
2025-05-02test: fix name in testmo khan
2025-05-02fix: log the cedar policy decisionmo khan
2025-05-02refactor: connect context loggermo khan
2025-05-02refactor: connect logging to http requestsmo khan
2025-05-02feat: add a GET /health endpointmo khan
2025-05-02refactor: remove anything unrelated to the authz daemonmo khan
2025-04-07chore: generate twirp rpc for golangmo khan
2025-04-07chore: add tls configmo khan
2025-04-04refactor: switch to zerolog loggermo khan
2025-04-03refactor: remove slog-httpmo khan
2025-04-02fix: add app to default global idmo khan
2025-04-02fix: switch back to casbinmo khan
2025-04-02refactor: switch from casbin to cedarmo khan
2025-04-02refactor: update gtwy cedar policymo khan
2025-04-02chore: use cedar cli to fix entities.jsonmo khan
2025-04-02test: parse different types of global idmo khan
2025-04-02refactor: attempt to model a public policy in cedarmo khan
2025-04-02refactor: combine cedar policies and add testsmo khan
2025-04-02refactor: update cedar entities to match hierarchy defined in csv filesmo khan
2025-04-02refactor: move policies and entities in policies packagemo khan
2025-04-02refactor: use xlog to log diagnostic datamo khan
2025-04-02refactor: rename handler to servicemo khan
2025-04-02feat: embed cedar policies in policies packagemo khan
2025-04-01refactor: decouple authzd from cedar authorizermo khan
2025-04-01test: start an RPC server and run a smoke testmo khan
2025-03-31test: start rpc server testmo khan
2025-03-28refactor: move authorizers into authz packagemo khan
2025-03-28feat: generate golang rpc client/servermo khan
2025-03-27feat: start to add structured loggingmo khan
2025-03-27refactor: use proxy request to add forwarded headersmo khan
2025-03-20refactor: rename casbin filesmo khan
2025-03-20feat: add a cedar policymo khan
2025-03-15refactor: authorize unsigned JWT in requestsmo khan
2025-03-13refactor: extract authz interface to test out different PaC librariesmo khan
2025-03-13refactor: extract WithRoutes config optionmo khan
2025-03-13feat: add self-signed tls supportmo khan
2025-03-13refactor: extract proxy packagemo khan
2025-03-13refactor: extract cfg packagemo khan
2025-03-13refactor: extract srv packagemo khan
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 02:22:36 +0000