Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GitHub as an Authenticator

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Shimpei Otsubo Shimpei Otsubo
June 12, 2018
Technology
3
710

GitHub as an Authenticator

Avatar for Shimpei Otsubo

Shimpei Otsubo

June 12, 2018
Tweet

More Decks by Shimpei Otsubo

See All by Shimpei Otsubo
Copy Kubernetes Clusters Really Fast
Avatar for Shimpei Otsubo potsbo
3
5k
Go と Wantedly の関係 / How Wantedly uses Go
Avatar for Shimpei Otsubo potsbo
1
880
Deploy Flow at Wantedly
Avatar for Shimpei Otsubo potsbo
2
990
Wrap every method with just one line
Avatar for Shimpei Otsubo potsbo
1
5.4k
Zero yen Keyboard
Avatar for Shimpei Otsubo potsbo
6
3.3k
Kube - The core tool at Wantedly
Avatar for Shimpei Otsubo potsbo
1
8k
k8s - Kubernetes 8 Factors
Avatar for Shimpei Otsubo potsbo
12
11k
コンテンツ作成に集中するためのプレゼンテーション Tips / Presentation with Confidence
Avatar for Shimpei Otsubo potsbo
7
41k
ConfigMap vs Secret #k8sjp
Avatar for Shimpei Otsubo potsbo
1
1.4k

Other Decks in Technology

See All in Technology
Databricks Free Edition講座 データエンジニアリング編
Avatar for Takaaki Yayoi taka_aki
0
2.8k
エンジニアとして長く走るために気づいた2つのこと_大賀愛一郎
Avatar for oga_aiichiro nanaism
1
250
人はいかにして 確率的な挙動を 受け入れていくのか
Avatar for vaaaaanquish vaaaaanquish
4
2.5k
AI アクセラレータチップ AWS Trainium/Inferentia に 今こそ入門
Avatar for yoshimi0227 yoshimi0227
1
320
Vivre en Bitcoin : le tutoriel que votre banquier ne veut pas que vous voyiez
Avatar for Renaud Lifchitz rlifchitz
0
360
20260120 Amazon VPC のパブリックサブネットを無くしたい!
Avatar for Masaru Ogura masaruogura
2
160
AI Agent Standards and Protocols: a Walkthrough of MCP, A2A, and more...
Avatar for Guillaume Laforge glaforge
1
560
Zephyr RTOS の発表をOpen Source Summit Japan 2025で行った件
Avatar for misoji engineer iotengineer22
0
260
2026/01/16_実体験から学ぶ 2025年の失敗と対策_Progate Bar
Avatar for Teba_eleven teba_eleven
1
220
クラウドセキュリティの進化 — AWSの20年を振り返る
Avatar for kei4eva4 kei4eva4
0
160
Proxmoxで作る自宅クラウド入門
Avatar for koinunopochi koinunopochi
0
180
プロダクトエンジニアこそ必要なPMスキル 〜デリバリー力を最大化し、価値を届け続けるために〜
Avatar for LayerX layerx
PRO
0
130

Featured

See All Featured
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
3.6k
Reality Check: Gamification 10 Years Later
Avatar for Sebastian Deterding codingconduct
0
2k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
31
3.1k
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
659
61k
The SEO Collaboration Effect
Avatar for Kristina Bergwall kristinabergwall1
0
340
Chasing Engaging Ingredients in Design
Avatar for Sebastian Deterding codingconduct
0
100
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
Avatar for Tech SEO Connect techseoconnect
PRO
0
72
Jess Joyce - The Pitfalls of Following Frameworks
Avatar for Tech SEO Connect techseoconnect
PRO
1
59
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
508
140k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
122
21k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
35
2.3k
Rails Girls Zürich Keynote
Avatar for Gregor Martynus gr2m
96
14k

Transcript

  1. ©2018 Wantedly, Inc. GitHub as an Authenticator શ෦ GitHub Ͱ؅ཧͯ͠ΈΔ

    GitHub Satellite Tokyo LT 12.Jun.2018 - Shimpei Otsubo - @potsbo

  2. ©2018 Wantedly, Inc. ࣾһ໊฽Ͳ͏ͯ͠·͔͢ʁ ݖݶ؅ཧͲ͏ͯ͠·͔͢ʁ ৘ใڞ༗Ͳ͏ͯ͠·͔͢ʁ

  3. ©2018 Wantedly, Inc. શ෦GitHub ࣾһ໊฽Ͳ͏ͯ͠·͔͢ʁ ݖݶ؅ཧͲ͏ͯ͠·͔͢ʁ ৘ใڞ༗Ͳ͏ͯ͠·͔͢ʁ

  4. ©2018 Wantedly, Inc. GitHub ๏຿ ࣾ಺͸ͳΜͰ΋(JU)VC (JU)VCΛ࢖ͬͯ๏຿ίϛϡχέʔγϣϯͷεϐʔυΛഒʹͨ͠࿩ ৘ใڞ༗͜͏ͯ͠·͢ IUUQTXXXXBOUFEMZDPNDPNQBOJFTXBOUFEMZQPTU@BSUJDMFT ʮJTTVFͭͬͨ͘ʁʯ

    ίʔυϨϏϡʔه࿥ٞ࿦ேձ໨ඪ݁Ռʜ ࣾ಺શһ(JU)VC ೖࣾϑϩʔ͸(JU)VCΞΧ΢ϯτͷ࡞੒͔Β

  5. ©2018 Wantedly, Inc. ૊৫্ͷνʔϜͱ(JU)VCͷνʔϜ͕ରԠ infrastructure full-time-employee visit people short-term-intern long-term-intern

    engineers ଐੑ΋؅ཧ ૊৫ߏ੒ ruby … … ࣾһ໊฽͜͏ͯ͠·͢

  6. ©2018 Wantedly, Inc. (JU)VC5FBNΛϕʔεʹೝՄ )3ͷϑϩʔʹ৐Δ͚ͩͰྑ͍ ݖݶͷ֎͠๨Ε͕ͳ͍ e.g. full-time-employee => ok

    org ͔Β֎ͤ͹ࣗಈతʹશݖݶΛ revoke Ͱ͖Δ HR ͷೖୀࣾϑϩʔͰେମok ݖݶ؅ཧ͜͏ͯ͠·͢

  7. ©2018 Wantedly, Inc. ssh Results K public key ಛఆͷνʔϜͷਓ͚ͩTTIΛڐՄ͍ͨ͠ kenmon

    ssh Production Results K enmon ݕ໰ ಛఆteam ʹೖ͍ͬͯΔͱ production access ΁ͷ ssh ΛڐՄ SSH Proxy with GitHub Private Keys by wantedly

  8. ©2018 Wantedly, Inc.  એݴ͞Εͨ6TFSOBNFͷެ։伴ͰϩάΠϯ  ಛఆͷ5FBNॴଐ͔Λ͔֬ΊΔ  ໨తͷ4FSWFS΁ͷ44)ΛڐՄ ಛఆͷνʔϜͷਓ͚ͩTTIΛڐՄ͍ͨ͠

    ssh Results K public key kenmon ssh Production Results

  9. ©2018 Wantedly, Inc. Team ͝ͱʹҟͳΔk8sͷૢ࡞ΛڐՄ͍ͨ͠ G Token Token Teams Groups

    RBAC!! genmon TokenReview G enmon ݳ໳ ֤ team ʹରͯ͠ ద੾ͳݖݶΛ෇༩ by wantedly Webhook token authenticator for Kubernetes Results Token

  10. ©2018 Wantedly, Inc.  %BFNPO4FUͰ֤NBTUFSʹHFONPO͕ଘࡏ  8FCIPPL"VUIFOUJDBUJPOͰHFONPO΁  5FBN(SPVQͱͯ͠ѻ͍3#"$ https://github.com/appscode/guard

    https://github.com/oursky/kubernetes-github-authn ࢀߟ࣮૷ https://kubernetes.io/docs/admin/authentication/#webhook-token-authentication Role Based Access Control Team ͝ͱʹҟͳΔk8sͷૢ࡞ΛڐՄ͍ͨ͠ G Token Token Teams Groups RBAC!! genmon TokenReview Results Token

  11. ©2018 Wantedly, Inc. K enmon ݕ໰ ಛఆteam ʹೖ͍ͬͯΔͱ production access

    ΁ͷ ssh ΛڐՄ G enmon ݳ໳ ֤ team ʹରͯ͠ ద੾ͳݖݶΛ෇༩ by wantedly SSH Proxy with GitHub Private Keys Webhook token authenticator for Kubernetes by wantedly

  12. ©2018 Wantedly, Inc. ࣾ಺શһGitHubʹೖΕͪΌ͓͏ GitHubΛೝূαʔϏεͱͯ͠࢖͓͏ ૊৫ߏ଄ͱTeamߏ଄Λ߹ΘͤΑ͏ Summary