polarctos

Original support for `SsoCredentialsProvider` was added in PR: https://github.com/aws/aws-sdk-java-v2/pull/2118

[Cloudflare’s Authenticated Origin Pulls](https://developers.cloudflare.com/ssl/origin-configuration/authenticated-origin-pull/) is using mTLS. This means mTLS support would be needed in kamal-proxy. There is a discussion here about adding it, including a workaround of using another...

> A low hanging fruit would be to add security header check first, so that in the absence of the header the proxy would return 404 (same as with invalid...

> > Such a HTTP header check is already possible to do in the application itself > > We want to pretend the host is not served by the server,...

To execute binaries for different processor architectures than your runner, a QEMU `binfmt` setup is needed. [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) does just that for you with [tonistiigi/binfmt](https://github.com/tonistiigi/binfmt) There is a full example of...