Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GitHub as an Authenticator

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Shimpei Otsubo Shimpei Otsubo
June 12, 2018
Technology
750
3

GitHub as an Authenticator

Avatar for Shimpei Otsubo

Shimpei Otsubo

June 12, 2018

More Decks by Shimpei Otsubo

See All by Shimpei Otsubo
Copy Kubernetes Clusters Really Fast
Avatar for Shimpei Otsubo potsbo
3
5.2k
Go と Wantedly の関係 / How Wantedly uses Go
Avatar for Shimpei Otsubo potsbo
1
910
Deploy Flow at Wantedly
Avatar for Shimpei Otsubo potsbo
2
1.1k
Wrap every method with just one line
Avatar for Shimpei Otsubo potsbo
1
5.6k
Zero yen Keyboard
Avatar for Shimpei Otsubo potsbo
6
3.3k
Kube - The core tool at Wantedly
Avatar for Shimpei Otsubo potsbo
1
8.3k
k8s - Kubernetes 8 Factors
Avatar for Shimpei Otsubo potsbo
12
11k
コンテンツ作成に集中するためのプレゼンテーション Tips / Presentation with Confidence
Avatar for Shimpei Otsubo potsbo
7
42k
ConfigMap vs Secret #k8sjp
Avatar for Shimpei Otsubo potsbo
1
1.5k

Other Decks in Technology

See All in Technology
FPGAの開発コンペでZephyrを使ってみた
Avatar for misoji engineer iotengineer22
0
150
2026TECHFRESH畢業分享會 - AI 時代的人生存檔點
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1.3k
20260619 私の日常業務での生成 AI 活用
Avatar for Masaru Ogura masaruogura
1
230
Claude Codeをどのように キャッチアップしているか
Avatar for Oikon oikon48
13
8.6k
AI駆動開発を通して感じた、 AI時代のデザイナーの役割変化
Avatar for WHIsaiyo whisaiyo
4
2.3k
AIAU_UMEMOGU_ninomiya_slide
Avatar for ninomiya ninomiya_ii
0
240
ザ・データベース、MySQL ~ OSC 2026 Sendai ~
Avatar for sakaik sakaik
0
150
Agile and AI Redmine Japan 2026
Avatar for Kenji Hiranabe hiranabe
3
330
アジャイルな経理と Claude Code と 経営の未来
Avatar for Yasunobu Kawaguchi kawaguti
PRO
3
160
200個のGitHubリポジトリを横断調査したかった
Avatar for Issei.Komori icck
0
140
iOS アプリの「これって不具合ですか?」を AI に調べてもらう
Avatar for Yuki Miida miichan
0
100
Android の公式 Skill / Android skills
Avatar for Yuki Anzai yanzm
0
160

Featured

See All Featured
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
Avatar for Ines Montani inesmontani
PRO
3
3.5k
The browser strikes back
Avatar for Jono Alderson jonoalderson
0
1.3k
From π to Pie charts
Avatar for Rasagy Sharma rasagy
0
210
Designing for Performance
Avatar for Lara Hogan lara
611
70k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
Avatar for Aleyda Solis aleyda
2
11k
The World Runs on Bad Software
Avatar for Brandon Keepers bkeepers
PRO
72
12k
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
274
21k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.8k
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
Avatar for Beat Signer signer
PRO
0
3.6k
SERP Conf. Vienna - Web Accessibility: Optimizing for Inclusivity and SEO
Avatar for Sara Fernández Carmona sarafernandez
2
1.5k
Discover your Explorer Soul
Avatar for Emna emna__ayadi
2
1.1k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
528
40k

Transcript

  1. ©2018 Wantedly, Inc. GitHub as an Authenticator શ෦ GitHub Ͱ؅ཧͯ͠ΈΔ

    GitHub Satellite Tokyo LT 12.Jun.2018 - Shimpei Otsubo - @potsbo

  2. ©2018 Wantedly, Inc. ࣾһ໊฽Ͳ͏ͯ͠·͔͢ʁ ݖݶ؅ཧͲ͏ͯ͠·͔͢ʁ ৘ใڞ༗Ͳ͏ͯ͠·͔͢ʁ

  3. ©2018 Wantedly, Inc. શ෦GitHub ࣾһ໊฽Ͳ͏ͯ͠·͔͢ʁ ݖݶ؅ཧͲ͏ͯ͠·͔͢ʁ ৘ใڞ༗Ͳ͏ͯ͠·͔͢ʁ

  4. ©2018 Wantedly, Inc. GitHub ๏຿ ࣾ಺͸ͳΜͰ΋(JU)VC (JU)VCΛ࢖ͬͯ๏຿ίϛϡχέʔγϣϯͷεϐʔυΛഒʹͨ͠࿩ ৘ใڞ༗͜͏ͯ͠·͢ IUUQTXXXXBOUFEMZDPNDPNQBOJFTXBOUFEMZQPTU@BSUJDMFT ʮJTTVFͭͬͨ͘ʁʯ

    ίʔυϨϏϡʔه࿥ٞ࿦ேձ໨ඪ݁Ռʜ ࣾ಺શһ(JU)VC ೖࣾϑϩʔ͸(JU)VCΞΧ΢ϯτͷ࡞੒͔Β

  5. ©2018 Wantedly, Inc. ૊৫্ͷνʔϜͱ(JU)VCͷνʔϜ͕ରԠ infrastructure full-time-employee visit people short-term-intern long-term-intern

    engineers ଐੑ΋؅ཧ ૊৫ߏ੒ ruby … … ࣾһ໊฽͜͏ͯ͠·͢

  6. ©2018 Wantedly, Inc. (JU)VC5FBNΛϕʔεʹೝՄ )3ͷϑϩʔʹ৐Δ͚ͩͰྑ͍ ݖݶͷ֎͠๨Ε͕ͳ͍ e.g. full-time-employee => ok

    org ͔Β֎ͤ͹ࣗಈతʹશݖݶΛ revoke Ͱ͖Δ HR ͷೖୀࣾϑϩʔͰେମok ݖݶ؅ཧ͜͏ͯ͠·͢

  7. ©2018 Wantedly, Inc. ssh Results K public key ಛఆͷνʔϜͷਓ͚ͩTTIΛڐՄ͍ͨ͠ kenmon

    ssh Production Results K enmon ݕ໰ ಛఆteam ʹೖ͍ͬͯΔͱ production access ΁ͷ ssh ΛڐՄ SSH Proxy with GitHub Private Keys by wantedly

  8. ©2018 Wantedly, Inc.  એݴ͞Εͨ6TFSOBNFͷެ։伴ͰϩάΠϯ  ಛఆͷ5FBNॴଐ͔Λ͔֬ΊΔ  ໨తͷ4FSWFS΁ͷ44)ΛڐՄ ಛఆͷνʔϜͷਓ͚ͩTTIΛڐՄ͍ͨ͠

    ssh Results K public key kenmon ssh Production Results

  9. ©2018 Wantedly, Inc. Team ͝ͱʹҟͳΔk8sͷૢ࡞ΛڐՄ͍ͨ͠ G Token Token Teams Groups

    RBAC!! genmon TokenReview G enmon ݳ໳ ֤ team ʹରͯ͠ ద੾ͳݖݶΛ෇༩ by wantedly Webhook token authenticator for Kubernetes Results Token

  10. ©2018 Wantedly, Inc.  %BFNPO4FUͰ֤NBTUFSʹHFONPO͕ଘࡏ  8FCIPPL"VUIFOUJDBUJPOͰHFONPO΁  5FBN(SPVQͱͯ͠ѻ͍3#"$ https://github.com/appscode/guard

    https://github.com/oursky/kubernetes-github-authn ࢀߟ࣮૷ https://kubernetes.io/docs/admin/authentication/#webhook-token-authentication Role Based Access Control Team ͝ͱʹҟͳΔk8sͷૢ࡞ΛڐՄ͍ͨ͠ G Token Token Teams Groups RBAC!! genmon TokenReview Results Token

  11. ©2018 Wantedly, Inc. K enmon ݕ໰ ಛఆteam ʹೖ͍ͬͯΔͱ production access

    ΁ͷ ssh ΛڐՄ G enmon ݳ໳ ֤ team ʹରͯ͠ ద੾ͳݖݶΛ෇༩ by wantedly SSH Proxy with GitHub Private Keys Webhook token authenticator for Kubernetes by wantedly

  12. ©2018 Wantedly, Inc. ࣾ಺શһGitHubʹೖΕͪΌ͓͏ GitHubΛೝূαʔϏεͱͯ͠࢖͓͏ ૊৫ߏ଄ͱTeamߏ଄Λ߹ΘͤΑ͏ Summary