casbin / k8s-gatekeeper Goto Github PK
View Code? Open in Web Editor NEWKubernetes (k8s) admission controller webhook based on Casbin
License: Apache License 2.0
Kubernetes (k8s) admission controller webhook based on Casbin
License: Apache License 2.0
Add to: https://casbin.io/docs/k8s
Currently, this PR: casbin/k8s-authz#29 has nearly refactored everything existed in old k8s-authz. The old k8s-authz is already a complete work, made by our GSoC 2021 student, including code, README and Casbin.org docs. I tend not to break it if possible. So maybe we should just create a new project for @ComradeProgrammer 's contribution. The next ongoing contributions of Casbin + Cloud Native will be put into this repo instead.
Required by: https://v2ex.com/t/872898#r_11997527
k8s-gatekeeper should be a middleware connecting k8s with both Casbin + Casdoor
How to introduce users to use this project?
This issue will be used as final submission for GSOC 2022, in order to demonstrate the work that was done during the program. My work during GSOC 2022 consists of 2 parts: A. Build K8s-gatekeeper and B. Push forward the development of Casdoor
K8s-gatekeeper is an admission webhook for k8s, using Casbin to apply arbitrary user-defined access control rules to help prevent any operation on k8s which administrator doesn't want.
Access
and other functions for casbin enforcer#3 feat: set up basic project structure
#4 feat: generate client for crd resources
#5 feat: implement casbin CRD adaptor
#6 feat: add admission webhook hanlder
#7 feat: add e2e test kit
#10 feat: implement allowed_repo rule
#11 feat: add github ci
#12 feat: implement some common rules
#15 docs: add readme
#16 fix: fix expired certificate for unit test
#17 feat: rewrite e2e test with go test
#19 feat: implement other rules
#20 feat: add managent api
#21 feat: add dockerfile and internal deployments
#25 docs: fill in blanks in the doc
#22 feat: implement helm support
#24 feat: optimize ${OBJECT}&${NAMESPACE}&${RESOURCE}
In the community's requiremenst of this GSOC project, another task was mentioned, which is to push forward the development of Casdoor. Casdoor is also an important part of Casbin community, which is an Identity and Access Management (IAM) / Single-Sign-On (SSO) platform.
Here are my contributes to this task.
casdoor/casdoor#770 fix: trigger missing webhook
casdoor/casdoor#795 feat: fix incorrect CAS url concatenation
casdoor/casdoor#847 fix: fix cors filter
casdoor/casdoor#866 feat: fix dockerfile
casdoor/casdoor#960 fix: fix webauthn entry cannot be added
casdoor/casdoor#1096 fix: fix bugs about 3rd-party login in cas flow
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.