Skip to content
/ kubeidentity Public

KubeIdentity allowes you to create and manage Kubernetes Service Accounts with RBAC based on the OAuth GitHub Team membership.

License

Apache-2.0 license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

natrontech/kubeidentity

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

86 Commits
.github
.github
 
 
assets
assets
 
 
kubernetes
kubernetes
 
 
src
src
 
 
.DS_Store
.DS_Store
 
 
.gitignore
.gitignore
 
 
CODEOWNERS
CODEOWNERS
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 

Repository files navigation

KubeIdentity

A
OAuth Connector
for handling GitHub OAuth in your Kubernets cluster.

Build Sponsors License CodeFactor

KubeIdentity allowes you to create and manage Kubernetes Service Accounts with RBAC based on the OAuth GitHub Team membership.

Check out the company behind KubeIdentity – https://natron.io

 

Everything you would expect

It's a simple web app

You can deploy it inside your Kubernetes cluster.
Make sure to create a Github OAuth client in your GitHub organization.
It will be used to authenticate your users.
The web app will then show you the list of teams you are a member of.
When you sign in, it will automatically create a Service Account (default namespace: kubeidentity) for you. And it will create RBAC rules for you (default cluster role binding: edit). After that, you can copy the Token or download the Kubeconfig file.

It's free

Everything is free.
If you want to support us, you can buy us a beer with a Github Sponsorship or contribute some code.

Open Source

Trust me, I'm open source.
You can find the source code on Github.
The frontend is written in Next.js and the backend in GoLang.
License: Apache 2.0

 

Setup

You can deploy KubeIdentity in your Kubernetes cluster, but you have to set all the env variables.

Environment Variables

Frontend

  • ENV_GITHUB_CLIENT_ID (required): Set the GitHub client ID.
  • ENV_GITHUB_REDIRECT_URI (required): Set the GitHub redirect URI. (e.g. https://<url-from-frontend>)
  • ENV_GITHUB_OAUTH_URI (required): Set the GitHub OAuth URI. (e.g. https://<url-from-backend>/api/auth/github)

Backend

  • CORS (optional): Set CORS headers for the API.
    Default: *
  • JWT_SECRET_KEY (optional): Set the JWT secret key.
    Default: random string of 32 characters.
  • GITHUB_CALLBACK_URL (optional): Set the callback URL for the GitHub OAuth.
    Default: http://localhost:8000/auth/github/callback
  • GITHUB_CLIENT_ID (required): Set the GitHub client ID.
  • GITHUB_CLIENT_SECRET (required): Set the GitHub client secret.
  • GITHUB_ORGANIZATION (required): Set the GitHub organization.
  • KUBEIDENTITY_NAMESPACE (optional): Set the Kubernetes namespace, where the Service Accounts will be created. (it will be created if it doesn't exist)
    Default: kubeidentity
  • DEFAULT_CLUSTER_ROLE (optional): Set the default cluster role which gets assigned to every ServiceAccount.
    Default: edit

About

KubeIdentity allowes you to create and manage Kubernetes Service Accounts with RBAC based on the OAuth GitHub Team membership.

Topics

kubernetes permissions

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 12

KubeIdentity v0.1.11 Latest
Sep 22, 2022
+ 11 releases

Packages

 
 
 

Languages