Giter Site home page Giter Site logo

portcullis's Introduction

portcullis

The goal behind Portcullis is to make it easier for CF service broker admins and CF admins to handle running services in Cloud Foundry. The observation here is that in large Cloud Foundry environments, the people managing services are not typically the same people with the adminstrative rights to Cloud Foundry - and that makes sense. However, this communication can be the bottleneck in getting services up and running. Portcullis seeks to wrap the permissions system of the UAA/Cloud Foundry to provide a handle for which service broker devs/admins can manage the access of their own broker. Also, security groups will be opened to users as bindings are made to service instances.

How Do I Run It?

The dependencies are vendored, so cloning the repo and either go runing the main.go file or go building the project will start the program. A configuration file is required - look in assets/examples for an idea of how to make one (docs at a later time), and set the PORTCULLIS_CONFIG environment variable to the path at which you have created the configuration.

This project is still in early development, so the master branch may contain buggy code until a preliminary set of features has been completed.

portcullis's People

Contributors

cweibel avatar lnguyen avatar geofffranks avatar jhunt avatar

Watchers

Wayne E Seguin avatar Matt Reider avatar David Laing avatar Mevan Samaratunga avatar Joshua Kruck avatar Alex Heneveld avatar Colin Humphreys avatar James Cloos avatar Jared Wray avatar Leandro David Cacciagioni avatar Johannes Hiemer avatar Cornelia Davis avatar Van Nguyen avatar Ronak Banka avatar Takeshi Morikawa avatar Amulya Sharma avatar Chanda Dharap avatar Xiujiao Gao avatar Guillaume Berche avatar Fermin Ordaz avatar avatar clarence avatar avatar Pierre Oblin avatar Arthur Halet avatar Weian Deng avatar Balajee Nagarajan avatar Jian Huang avatar Mo Mo avatar avatar Justin Carter avatar Piotr Milewski avatar Tom Mitchell avatar Chris McGowan avatar avatar Norman Abramovitz avatar avatar avatar

portcullis's Issues

Consider collaboration with sec-group-broker-filter

Thanks for sharing this work.

In case this went unnoticed Orange has contributed very similar work at https://github.com/orange-cloudfoundry/sec-group-broker-filter

If different programming languages (java vs go-lang) are not an obstacle, it would be interesting to consider collaborating since both efforts that seem to address the same use-cases. Note that the sec-group-broker-filter repo also contains start of a generic framework for broker facades/filters for supporting other uses-cases beyond opening security groups.

Focusing on portcullis, I wonder the rationale for the address mapping that is documented at https://github.com/cloudfoundry-community/portcullis/blob/master/docs/broker_communication.png (and the associated operational burden to maintain a db)

Is this mapping necessary to support dynamic mapped service broker registration (that operations would perform through a dashboard UI)?

In sec-group-broker-filter, we're first planning to support multiple mapped service brokers through deploy-time configuration see orange-cloudfoundry/sec-group-broker-filter#19 and thus currently avoid maintaining state within the sec-group-broker-filter (i.e. no DB is required).

We'd be happy to further exchanges on how to collaborate on this idea.

Thanks in advance,

Guillaume.

/CC @s-bortolussi @poblin-orange

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.