cheshire
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Activity
hscloud/hswaw/capacifier
History
radex f5844311eb */kube: Add kube.SimpleIngress 
Change-Id: Iddcac629b9938f228dd93b32e58bb14606d5c6e5
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1745
Reviewed-by: q3k <q3k@hackerspace.pl>
 		2023-10-28 17:55:48 +00:00
..
BUILD.bazel hswaw/capacifier: deploy 2023-10-28 17:47:07 +00:00
README.md hswaw/capacifier: migrate deployment away from mirko 2023-10-09 21:22:55 +00:00
capacifier.go hswaw/capacifier: remove mirko dependency 2023-10-09 21:23:07 +00:00
prod.jsonnet */kube: Add kube.SimpleIngress 2023-10-28 17:55:48 +00:00

README.md

capacifier

rewrite-in-go of code.hackerspace.pl/tomek/capacifier.

This is one of the oldest API services at the Warsaw hackerspace, and exists solely to provide a generic 'is X a member of Y' functionality. It's generally deprecated (instead OIDC should be used as much as possible), but it's so entrenched into our infra that it's difficult to fully kill.

While the previous implementation had a whole bespoke rule expression language, this implementation is stupidly simple, with all rules hardcoded.

Running

Get the password for the capacifier service account from prod.

Then:

    bazel run //hswaw/capacifier -- --ldap_bind_pw xxx