Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Final Submission for GSOC 2022 #2

Closed
12 tasks done
ComradeProgrammer opened this issue Jun 19, 2022 · 0 comments
Closed
12 tasks done

Final Submission for GSOC 2022 #2

ComradeProgrammer opened this issue Jun 19, 2022 · 0 comments
Assignees
@hsluoyz @sagilio
Labels
enhancement New feature or request

Comments

@ComradeProgrammer
Copy link
Member

ComradeProgrammer commented Jun 19, 2022
edited
Loading

Final Submission for GSOC 2022

This issue will be used as final submission for GSOC 2022, in order to demonstrate the work that was done during the program. My work during GSOC 2022 consists of 2 parts: A. Build K8s-gatekeeper and B. Push forward the development of Casdoor

A. Build K8s-gatekeeper

1. Overview of design of k8s-gatekeeper

K8s-gatekeeper is an admission webhook for k8s, using Casbin to apply arbitrary user-defined access control rules to help prevent any operation on k8s which administrator doesn't want.

overview

2 Steps to build k8s-gatekeeper

1. Set up basic scaffold

  • 1.1 set up basic project structure
  • 1.2 create CRD resources for casbin model and policy
  • 1.4 generate clients for CRD resources of casbin model and policy with k8s's official tools
  • 1.3 create adaptor for CRD resources of casbin model and policy

2. Impelement rules and policies

  • 2.1 implement the webhook
  • 2.2 implement Access and other functions for casbin enforcer
  • 2.3 set up unit tests
  • 2.4 implement rules and policies
  • 2.5 set up E2E tests

3. Clients

  • 3.1 implement clients

4. Pack into helm

  • 4.1 Pack into helm

5. Rewrite documents

  • 5.1 rewrite README.md

3. PRs for this project

#3 feat: set up basic project structure
#4 feat: generate client for crd resources
#5 feat: implement casbin CRD adaptor
#6 feat: add admission webhook hanlder
#7 feat: add e2e test kit
#10 feat: implement allowed_repo rule
#11 feat: add github ci
#12 feat: implement some common rules
#15 docs: add readme
#16 fix: fix expired certificate for unit test
#17 feat: rewrite e2e test with go test
#19 feat: implement other rules
#20 feat: add managent api
#21 feat: add dockerfile and internal deployments
#25 docs: fill in blanks in the doc
#22 feat: implement helm support
#24 feat: optimize ${OBJECT}&${NAMESPACE}&${RESOURCE}

B. Push forward the development of Casdoor

In the community's requiremenst of this GSOC project, another task was mentioned, which is to push forward the development of Casdoor. Casdoor is also an important part of Casbin community, which is an Identity and Access Management (IAM) / Single-Sign-On (SSO) platform.

Here are my contributes to this task.
casdoor/casdoor#770 fix: trigger missing webhook
casdoor/casdoor#795 feat: fix incorrect CAS url concatenation
casdoor/casdoor#847 fix: fix cors filter
casdoor/casdoor#866 feat: fix dockerfile
casdoor/casdoor#960 fix: fix webauthn entry cannot be added
casdoor/casdoor#1096 fix: fix bugs about 3rd-party login in cas flow
@casbin-bot casbin-bot added the question Further information is requested label Jun 19, 2022
@ComradeProgrammer ComradeProgrammer mentioned this issue Jun 19, 2022
Closed
@sagilio sagilio self-assigned this Jun 19, 2022
@sagilio sagilio added enhancement New feature or request and removed question Further information is requested labels Jun 19, 2022
@hsluoyz hsluoyz transferred this issue from casbin/k8s-authz Jun 19, 2022
@casbin-bot casbin-bot added the question Further information is requested label Jun 19, 2022
@hsluoyz hsluoyz removed the question Further information is requested label Jun 19, 2022
@ComradeProgrammer ComradeProgrammer changed the title Proposal: Roadmap to enhancement k8s-authz Proposal: Roadmap to build k8s-gatekeeper Sep 11, 2022
@ComradeProgrammer ComradeProgrammer changed the title Proposal: Roadmap to build k8s-gatekeeper Proposal: Roadmap to build K8s-gatekeeper Sep 11, 2022
@casbin casbin deleted a comment from casbin-bot Sep 11, 2022
@casbin casbin deleted a comment from casbin-bot Sep 11, 2022
@ComradeProgrammer ComradeProgrammer changed the title Proposal: Roadmap to build K8s-gatekeeper Roadmap to build K8s-gatekeeper (Final Submission for GSOC 2022) Sep 12, 2022
@ComradeProgrammer ComradeProgrammer changed the title Roadmap to build K8s-gatekeeper (Final Submission for GSOC 2022) Final Submission for GSOC 2022 Sep 12, 2022
@hsluoyz hsluoyz closed this as completed Jan 5, 2023
@hsluoyz hsluoyz removed this from Casbin + Cloud Native in Casbin Easy Tasks for Beginners/Student Applicants Jan 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hsluoyz hsluoyz

@sagilio sagilio

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@hsluoyz @sagilio @ComradeProgrammer @casbin-bot