Merged
Conversation
- combine windows and linux configs into a single matrix, now that actions/cache handles file paths properly - update to latest actions/checkout and codecov actions
This is necessary when specifying options as environment variables. Also add documentation for using multiple signature keys.
this is an optional feature which is disabled by default, since it is only needed in a few select cases and risks accidentally exposing internal URLs. Fixes willnorris#216
Make names a little more consistent and align with naming docs at https://prometheus.io/docs/practices/naming/
Thanks to @Fieldistor for the reminder that gorilla/mux allows you to disable cleaning request URLs, which was causing problems with signature verification for some URLs. Fixes willnorris#215 Fixes willnorris#212
- build docker image with go1.14 - test with go1.14 and go1.13 - also run `go mod tidy` to pick up a missed go.sum record
codecov is sometimes slow to respond, and it's not worth holding up the test suite for.
The current link goes to a blank page for me.
…illnorris#238) Using .Host allows you to get around an allowHosts or denyHosts entry by adding a port
- fix URL for CI badge in README - add actions workflow to push 'main' branch to 'latest' docker image
- handle errors where possible - explicitly ignore errors where it makes sense to - fix deprecations and unused var
go back to remote-only build for fly deploy, but use buildx v0.9.1 for building the docker image. Also add manual trigger for fly deploy action.
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.3.0 to 0.5.0. - [Release notes](https://github.com/golang/image/releases) - [Commits](golang/image@v0.3.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/image dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
This has begun failing with the error:
error generating coverage report: write |1: file already closed
I'm not 100% sure what's causing this, but this test isn't actually
covering very much, and trying to test a main function is often fraught
anyway, so it's not worth the hassle.
not all configuration options are exposed yet
When following redirects, ensure that the final URL is not in the configured DenyHosts list, but do not further enforce presence in the AllowHosts list. This was initially added in willnorris#237, and the original use case was about protecting against redirects being used to bypass denied hosts. They were using URL signatures and deny lists (for localhost, etc), but not allow lists. So really, checking against the deny list is all that was needed in that case. This came up recently for me as I was trying to proxy images on a remote host that redirects to Amazon S3. Even though the original URL was signed, the redirect was being denied because s3-us-west-2.amazonaws.com isn't on of my allowed host. But I don't want to allow all of S3, just the signed URLs.
I'm honestly not sure which formatter this is using. Probably something from the markdown LSP server I'm using. Maybe something built in to neovim or that ships with LazyVim?
This allows a little more control over which version of go we're using.
I'm not entirely sure why I had this in the first place... probably just a misunderstanding at the time of what a mux did and when it is helpful. In this case, it serves no purpose.
This requires updating to a more recent version of golangci-lint, which has some new failures. This removes those failing linters, and I'll need to come back and look at those problems in a followup change.
I believe chainguard no longer supports arm/v7. This was added at a user's request I think that was running imageproxy on a raspberry pi or something. I might switch to a different base image that does have support, though it's annoying to have to do so. In the meantime, users can always built the image themselves for other platforms.
beattyml1
commented
Apr 25, 2025
Author
beattyml1
left a comment
beattyml1
left a comment
There was a problem hiding this comment.
This is from main to feature and requires no review
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
13 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.