* fix(go): set persistent keep alive when registering host using sso;
* fix(go): run posture check violations on delete;
* fix(go): upsert node on approving pending host;
* fix(go): resolve concurrency issues during group delete cleanup;
* fix(go): update doc links;
* fix(go): add created and updated fields to host;
* fix(go): skip delete and update superadmin on sync users;
* fix(go): use conn directly for now;
* fix(go): remove acl for idp groups;
* fix(go): quote fields;
* fix(go): use filters with count;
* feat(go): add a search query;
* fix(go): cleanup acls;
* fix(go): review fixes;
* fix(go): remove additional loop;
* fix(go): fix
* v1.5.1: separate out idp sync and reset signals for HA
* v1.5.1: add grps with name for logging
* v1.5.1: clear posture check violations when all checks are deleted
* v1.5.1: set static when default host
* v1.5.1: fix db status check
* rm set max conns
* v1.5.1: reset auto assigned gw when disconnected
* fix(go): skip global network admin and user groups when splitting;
* v1.5.1: fix update node call from client
* fix(go): separate out migration from normal usage;
* fix(go): skip default groups;
* fix(go): create policies for existing groups on network create;
* fix(go): skip fatal log on clickhouse conn;
* fix(go): add posture check cleanup;
---------
Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
Co-authored-by: Vishal Dalwadi <51291657+VishalDalwadi@users.noreply.github.com>
- Replace full table scan in FetchRecord with indexed single-key lookup
(SELECT WHERE key = ?) for PostgreSQL, SQLite, and RQLite backends
- Add in-memory user cache (gated behind CACHING_ENABLED) to eliminate
DB round-trips on the auth hot path (GetUser called per API request)
- Configure PostgreSQL connection pool limits (max open/idle conns,
conn lifetime) to prevent connection churn under load
- Add periodic cleanup of expired SSO state entries to prevent
unbounded table growth
- Route GitHub OAuth user rename through standard logic functions
to keep user cache consistent
* feat: api access tokens
* revoke all user tokens
* redefine access token api routes, add auto egress option to enrollment keys
* fix revoked tokens to be unauthorized
* remove unused functions
* convert access token to sql schema
* switch access token to sql schema
* revoke token generated by an user
* add user token creation restriction by user role
* add forbidden check for access token creation
* revoke user token when group or role is changed
* add default group to admin users on update
* fix token removal on user update
* fix token removal on user update
Abhishek Kondur