You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This issue will be used as final submission for GSOC 2022, in order to demonstrate the work that was done during the program. My work during GSOC 2022 consists of 2 parts: A. Build K8s-gatekeeper and B. Push forward the development of Casdoor
A. Build K8s-gatekeeper
1. Overview of design of k8s-gatekeeper
K8s-gatekeeper is an admission webhook for k8s, using Casbin to apply arbitrary user-defined access control rules to help prevent any operation on k8s which administrator doesn't want.
2 Steps to build k8s-gatekeeper
1. Set up basic scaffold
1.1 set up basic project structure
1.2 create CRD resources for casbin model and policy
1.4 generate clients for CRD resources of casbin model and policy with k8s's official tools
1.3 create adaptor for CRD resources of casbin model and policy
2. Impelement rules and policies
2.1 implement the webhook
2.2 implement Access and other functions for casbin enforcer
2.3 set up unit tests
2.4 implement rules and policies
2.5 set up E2E tests
3. Clients
3.1 implement clients
4. Pack into helm
4.1 Pack into helm
5. Rewrite documents
5.1 rewrite README.md
3. PRs for this project
#3 feat: set up basic project structure #4 feat: generate client for crd resources #5 feat: implement casbin CRD adaptor #6 feat: add admission webhook hanlder #7 feat: add e2e test kit #10 feat: implement allowed_repo rule #11 feat: add github ci #12 feat: implement some common rules #15 docs: add readme #16 fix: fix expired certificate for unit test #17 feat: rewrite e2e test with go test #19 feat: implement other rules #20 feat: add managent api #21 feat: add dockerfile and internal deployments #25 docs: fill in blanks in the doc #22 feat: implement helm support #24 feat: optimize ${OBJECT}&${NAMESPACE}&${RESOURCE}
B. Push forward the development of Casdoor
In the community's requiremenst of this GSOC project, another task was mentioned, which is to push forward the development of Casdoor. Casdoor is also an important part of Casbin community, which is an Identity and Access Management (IAM) / Single-Sign-On (SSO) platform.
ComradeProgrammer
changed the title
Proposal: Roadmap to build K8s-gatekeeper
Roadmap to build K8s-gatekeeper (Final Submission for GSOC 2022)
Sep 12, 2022
ComradeProgrammer
changed the title
Roadmap to build K8s-gatekeeper (Final Submission for GSOC 2022)
Final Submission for GSOC 2022
Sep 12, 2022
Final Submission for GSOC 2022
This issue will be used as final submission for GSOC 2022, in order to demonstrate the work that was done during the program. My work during GSOC 2022 consists of 2 parts: A. Build K8s-gatekeeper and B. Push forward the development of Casdoor
A. Build K8s-gatekeeper
1. Overview of design of k8s-gatekeeper
K8s-gatekeeper is an admission webhook for k8s, using Casbin to apply arbitrary user-defined access control rules to help prevent any operation on k8s which administrator doesn't want.
2 Steps to build k8s-gatekeeper
1. Set up basic scaffold
2. Impelement rules and policies
Access
and other functions for casbin enforcer3. Clients
4. Pack into helm
5. Rewrite documents
3. PRs for this project
#3 feat: set up basic project structure
#4 feat: generate client for crd resources
#5 feat: implement casbin CRD adaptor
#6 feat: add admission webhook hanlder
#7 feat: add e2e test kit
#10 feat: implement allowed_repo rule
#11 feat: add github ci
#12 feat: implement some common rules
#15 docs: add readme
#16 fix: fix expired certificate for unit test
#17 feat: rewrite e2e test with go test
#19 feat: implement other rules
#20 feat: add managent api
#21 feat: add dockerfile and internal deployments
#25 docs: fill in blanks in the doc
#22 feat: implement helm support
#24 feat: optimize
${OBJECT}&${NAMESPACE}&${RESOURCE}
B. Push forward the development of Casdoor
In the community's requiremenst of this GSOC project, another task was mentioned, which is to push forward the development of Casdoor. Casdoor is also an important part of Casbin community, which is an Identity and Access Management (IAM) / Single-Sign-On (SSO) platform.
Here are my contributes to this task.
casdoor/casdoor#770 fix: trigger missing webhook
casdoor/casdoor#795 feat: fix incorrect CAS url concatenation
casdoor/casdoor#847 fix: fix cors filter
casdoor/casdoor#866 feat: fix dockerfile
casdoor/casdoor#960 fix: fix webauthn entry cannot be added
casdoor/casdoor#1096 fix: fix bugs about 3rd-party login in cas flow
The text was updated successfully, but these errors were encountered: