Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GitHub as an Authenticator

Avatar for Shimpei Otsubo Shimpei Otsubo
June 12, 2018
Technology
3
670

GitHub as an Authenticator

Avatar for Shimpei Otsubo

Shimpei Otsubo

June 12, 2018
Tweet

More Decks by Shimpei Otsubo

See All by Shimpei Otsubo
Copy Kubernetes Clusters Really Fast
Avatar for Shimpei Otsubo potsbo
3
4.3k
Go と Wantedly の関係 / How Wantedly uses Go
Avatar for Shimpei Otsubo potsbo
1
830
Deploy Flow at Wantedly
Avatar for Shimpei Otsubo potsbo
2
910
Wrap every method with just one line
Avatar for Shimpei Otsubo potsbo
1
4.6k
Zero yen Keyboard
Avatar for Shimpei Otsubo potsbo
6
3.2k
Kube - The core tool at Wantedly
Avatar for Shimpei Otsubo potsbo
1
7.6k
k8s - Kubernetes 8 Factors
Avatar for Shimpei Otsubo potsbo
12
11k
コンテンツ作成に集中するためのプレゼンテーション Tips / Presentation with Confidence
Avatar for Shimpei Otsubo potsbo
7
40k
ConfigMap vs Secret #k8sjp
Avatar for Shimpei Otsubo potsbo
1
1.3k

Other Decks in Technology

See All in Technology
組織とセキュリティ文化と、自分の一歩
Avatar for mai miya maimyyym
3
1.4k
やさしい認証認可
Avatar for みのるん minorun365
PRO
27
11k
Information Architecture Recommoning: How Standardization Enables Differentiation
Avatar for Andrea Gioia angioia
0
170
FASTと向き合うことで見えた、大規模アジャイルの難しさと楽しさ
Avatar for Kyosuke Awata wooootack
0
320
セキュリティSaaS企業が実践するCursor運用ルールと知見 / How a Security SaaS Company Runs Cursor: Rules & Insights
Avatar for tetsuzawa tetsuzawa
1
3.2k
これならできる!Kotlin・Spring・DDDを活用したAll in oneのマイクロサービス開発術
Avatar for 株式会社出前館 demaecan
0
140
20250612_GitHubを使いこなすためにソニーの開発現場が取り組んでいるプラクティス.pdf
Avatar for Yasuhiro Osaki osakiy8
1
340
実践Kafka Streams 〜イベント駆動型アーキテクチャを添えて〜
Avatar for Tomohiro Hashidate joker1007
3
840
AIエージェントのフレームワークを見るときの個人的注目ポイント
Avatar for os1ma os1ma
1
400
Data Hubグループ 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
1.8k
Monorepo Error Management: Automated Runbooks and Team-Targeted Alert Distribution
Avatar for Shota Iwami biwashi
1
130
Introduction to Sansan for Engineers / エンジニア向け会社紹介
Avatar for Sansan, Inc. sansan33
PRO
5
38k

Featured

See All Featured
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
276
23k
Code Review Best Practice
Avatar for Trisha Gee trishagee
68
18k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
106
19k
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
462
33k
Docker and Python
Avatar for Tania Allard trallard
44
3.4k
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
Avatar for Eileen M. Uchitelle eileencodes
26
2.8k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
2.7k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.3k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
The Straight Up "How To Draw Better" Workshop
Avatar for Dennis Kardys denniskardys
233
140k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
161
15k

Transcript

  1. ©2018 Wantedly, Inc. GitHub as an Authenticator શ෦ GitHub Ͱ؅ཧͯ͠ΈΔ

    GitHub Satellite Tokyo LT 12.Jun.2018 - Shimpei Otsubo - @potsbo

  2. ©2018 Wantedly, Inc. ࣾһ໊฽Ͳ͏ͯ͠·͔͢ʁ ݖݶ؅ཧͲ͏ͯ͠·͔͢ʁ ৘ใڞ༗Ͳ͏ͯ͠·͔͢ʁ

  3. ©2018 Wantedly, Inc. શ෦GitHub ࣾһ໊฽Ͳ͏ͯ͠·͔͢ʁ ݖݶ؅ཧͲ͏ͯ͠·͔͢ʁ ৘ใڞ༗Ͳ͏ͯ͠·͔͢ʁ

  4. ©2018 Wantedly, Inc. GitHub ๏຿ ࣾ಺͸ͳΜͰ΋(JU)VC (JU)VCΛ࢖ͬͯ๏຿ίϛϡχέʔγϣϯͷεϐʔυΛഒʹͨ͠࿩ ৘ใڞ༗͜͏ͯ͠·͢ IUUQTXXXXBOUFEMZDPNDPNQBOJFTXBOUFEMZQPTU@BSUJDMFT ʮJTTVFͭͬͨ͘ʁʯ

    ίʔυϨϏϡʔه࿥ٞ࿦ேձ໨ඪ݁Ռʜ ࣾ಺શһ(JU)VC ೖࣾϑϩʔ͸(JU)VCΞΧ΢ϯτͷ࡞੒͔Β

  5. ©2018 Wantedly, Inc. ૊৫্ͷνʔϜͱ(JU)VCͷνʔϜ͕ରԠ infrastructure full-time-employee visit people short-term-intern long-term-intern

    engineers ଐੑ΋؅ཧ ૊৫ߏ੒ ruby … … ࣾһ໊฽͜͏ͯ͠·͢

  6. ©2018 Wantedly, Inc. (JU)VC5FBNΛϕʔεʹೝՄ )3ͷϑϩʔʹ৐Δ͚ͩͰྑ͍ ݖݶͷ֎͠๨Ε͕ͳ͍ e.g. full-time-employee => ok

    org ͔Β֎ͤ͹ࣗಈతʹશݖݶΛ revoke Ͱ͖Δ HR ͷೖୀࣾϑϩʔͰେମok ݖݶ؅ཧ͜͏ͯ͠·͢

  7. ©2018 Wantedly, Inc. ssh Results K public key ಛఆͷνʔϜͷਓ͚ͩTTIΛڐՄ͍ͨ͠ kenmon

    ssh Production Results K enmon ݕ໰ ಛఆteam ʹೖ͍ͬͯΔͱ production access ΁ͷ ssh ΛڐՄ SSH Proxy with GitHub Private Keys by wantedly

  8. ©2018 Wantedly, Inc.  એݴ͞Εͨ6TFSOBNFͷެ։伴ͰϩάΠϯ  ಛఆͷ5FBNॴଐ͔Λ͔֬ΊΔ  ໨తͷ4FSWFS΁ͷ44)ΛڐՄ ಛఆͷνʔϜͷਓ͚ͩTTIΛڐՄ͍ͨ͠

    ssh Results K public key kenmon ssh Production Results

  9. ©2018 Wantedly, Inc. Team ͝ͱʹҟͳΔk8sͷૢ࡞ΛڐՄ͍ͨ͠ G Token Token Teams Groups

    RBAC!! genmon TokenReview G enmon ݳ໳ ֤ team ʹରͯ͠ ద੾ͳݖݶΛ෇༩ by wantedly Webhook token authenticator for Kubernetes Results Token

  10. ©2018 Wantedly, Inc.  %BFNPO4FUͰ֤NBTUFSʹHFONPO͕ଘࡏ  8FCIPPL"VUIFOUJDBUJPOͰHFONPO΁  5FBN(SPVQͱͯ͠ѻ͍3#"$ https://github.com/appscode/guard

    https://github.com/oursky/kubernetes-github-authn ࢀߟ࣮૷ https://kubernetes.io/docs/admin/authentication/#webhook-token-authentication Role Based Access Control Team ͝ͱʹҟͳΔk8sͷૢ࡞ΛڐՄ͍ͨ͠ G Token Token Teams Groups RBAC!! genmon TokenReview Results Token

  11. ©2018 Wantedly, Inc. K enmon ݕ໰ ಛఆteam ʹೖ͍ͬͯΔͱ production access

    ΁ͷ ssh ΛڐՄ G enmon ݳ໳ ֤ team ʹରͯ͠ ద੾ͳݖݶΛ෇༩ by wantedly SSH Proxy with GitHub Private Keys Webhook token authenticator for Kubernetes by wantedly

  12. ©2018 Wantedly, Inc. ࣾ಺શһGitHubʹೖΕͪΌ͓͏ GitHubΛೝূαʔϏεͱͯ͠࢖͓͏ ૊৫ߏ଄ͱTeamߏ଄Λ߹ΘͤΑ͏ Summary