identity-server

command module

v0.1.1 Latest Latest Go to latest Published: May 31, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubeshield/identity-server

README ¶

identity-server

Identity Server implements a Kubernetes "whoami" service.

Deploy into a Kubernetes Cluster

You can deploy Indentity Server using Helm chart found here.

helm repo add appscode https://charts.appscode.com/stable/
helm repo update

helm install identity-server appscode/identity-server

Usage

$ kubectl create -f https://github.com/kubeshield/identity-server/raw/v0.1.1/artifacts/whoami.yaml --v=8

I0414 10:07:56.932224    7000 request.go:1017] Request Body: {"apiVersion":"identity.kubeshield.io/v1alpha1","kind":"WhoAmI"}
I0414 10:07:56.932282    7000 round_trippers.go:423] curl -k -v -XPOST  -H "Content-Type: application/json" -H "User-Agent: kubectl/v1.17.0 (linux/amd64) kubernetes/70132b0" -H "Accept: application/json" 'https://127.0.0.1:32769/apis/identity.kubeshield.io/v1alpha1/whoamis'
I0414 10:07:56.934299    7000 round_trippers.go:443] POST https://127.0.0.1:32769/apis/identity.kubeshield.io/v1alpha1/whoamis 201 Created in 1 milliseconds
I0414 10:07:56.934320    7000 round_trippers.go:449] Response Headers:
I0414 10:07:56.934329    7000 round_trippers.go:452]     Cache-Control: no-cache, private
I0414 10:07:56.934337    7000 round_trippers.go:452]     Content-Type: application/json
I0414 10:07:56.934342    7000 round_trippers.go:452]     Date: Tue, 14 Apr 2020 17:07:56 GMT
I0414 10:07:56.934348    7000 round_trippers.go:452]     Content-Length: 168
I0414 10:07:56.934375    7000 request.go:1017] Response Body: {"kind":"WhoAmI","apiVersion":"identity.kubeshield.io/v1alpha1","response":{"user":{"username":"kubernetes-admin","groups":["system:masters","system:authenticated"]}}}
whoami.identity.kubeshield.io/<unknown> created

How It Woks

Identity Server is a Kubernetes extended apiserver (EAS). As an EAS, it has access to the user who is making an api call to the "whoami" server. You can find the core of the implementation here.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
apis
identity Package api is the internal version of the API.	Package api is the internal version of the API.
identity/fuzzer
identity/install
identity/v1alpha1 Package v1alpha1 is the v1alpha1 version of the API.	Package v1alpha1 is the v1alpha1 version of the API.
client
clientset/versioned This package has the automatically generated clientset.	This package has the automatically generated clientset.
clientset/versioned/fake This package has the automatically generated fake clientset.	This package has the automatically generated fake clientset.
clientset/versioned/scheme This package contains the scheme of the automatically generated clientset.	This package contains the scheme of the automatically generated clientset.
clientset/versioned/typed/identity/v1alpha1 This package has the automatically generated typed clients.	This package has the automatically generated typed clients.
clientset/versioned/typed/identity/v1alpha1/fake Package fake has the automatically generated clients.	Package fake has the automatically generated clients.
openapi
hack
pkg
apiserver
cmds
cmds/server
registry
registry/identity/whoami

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL