forked from hswaw/hscloud
radex
d318d7e6d4
Change-Id: I3afbe1857c321ac6db1255d8a2fe1d9aa3da5c12 Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1689 Reviewed-by: q3k <q3k@hackerspace.pl> |
||
---|---|---|
.. | ||
BUILD.bazel | ||
capacifier.go | ||
prod.jsonnet | ||
README.md |
capacifier
rewrite-in-go of code.hackerspace.pl/tomek/capacifier.
This is one of the oldest API services at the Warsaw hackerspace, and exists solely to provide a generic 'is X a member of Y' functionality. It's generally deprecated (instead OIDC should be used as much as possible), but it's so entrenched into our infra that it's difficult to fully kill.
While the previous implementation had a whole bespoke rule expression language, this implementation is stupidly simple, with all rules hardcoded.
Running
Get the password for the capacifier service account from prod.
Then:
bazel run //hswaw/capacifier -- --ldap_bind_pw xxx