{"id":21944725,"url":"https://github.com/browserstack/enigma","last_synced_at":"2025-04-09T12:08:32.032Z","repository":{"id":168950374,"uuid":"580071922","full_name":"browserstack/enigma","owner":"browserstack","description":"Access management tool","archived":false,"fork":false,"pushed_at":"2025-03-06T23:04:41.000Z","size":11595,"stargazers_count":55,"open_issues_count":18,"forks_count":12,"subscribers_count":12,"default_branch":"main","last_synced_at":"2025-04-02T11:03:06.985Z","etag":null,"topics":["access-control","access-management","access-management-system","compliance","identity-management","security","user-management"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/browserstack.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-12-19T16:42:29.000Z","updated_at":"2025-01-11T12:46:58.000Z","dependencies_parsed_at":"2023-12-20T07:56:23.951Z","dependency_job_id":"3f7de987-4024-4f7d-b995-d4c07965357e","html_url":"https://github.com/browserstack/enigma","commit_stats":null,"previous_names":["browserstack/enigma"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserstack%2Fenigma","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserstack%2Fenigma/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserstack%2Fenigma/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserstack%2Fenigma/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/browserstack","download_url":"https://codeload.github.com/browserstack/enigma/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248036067,"owners_count":21037092,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","access-management","access-management-system","compliance","identity-management","security","user-management"],"created_at":"2024-11-29T04:16:57.221Z","updated_at":"2025-04-09T12:08:32.006Z","avatar_url":"https://github.com/browserstack.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Enigma Access Management\n\n![BrowserStack Logo](https://d98b8t1nnulk5.cloudfront.net/production/images/layout/logo-header.png?1469004780)\n\n\n\n[![Unit Tests and Lint](https://github.com/browserstack/enigma/actions/workflows/unit-tests.yml/badge.svg)](https://github.com/browserstack/enigma/actions/workflows/unit-tests.yml)\n[![Security Scan](https://github.com/browserstack/enigma/actions/workflows/semgrep.yml/badge.svg)](https://github.com/browserstack/enigma/actions/workflows/semgrep.yml)\n\n\nManage access to tools through a single portal.\n\n## What is Enigma?\n\nEnigma is a web-based internal Access Management Tool that:\n* helps employees get access to various in-house and third-party systems and components like git repositories, cloud machines (via ssh), and dashboards.\n* facilitates book-keeping.\n* helps with compliance.\n* manages the inventory of all the tools in one place.\n\n\nThis tool consists of 2 different components: a central web server and pluggable access modules.\n\nThis repo is the code-base for the central webserver.\nRefer to [this](https://github.com/browserstack/enigma-access-modules) for published access modules with this tool.\n\nRefer to [this doc](/docs/%E2%80%9CHow-to%E2%80%9D%20guides/Adding%20Modules.md) on how to create custom access modules\n\n### Problems Solved\n\nEnigma access management tool was developed internally at BrowserStack to solve some of the problems we observed around access management for employees\n\n* No single portal for an individual to view their access across tools\n* No single portal to manage access for employees across vendors\n* No central audit trail across tools for access granted and revoked for employees\n* Repetitive Ops for DevOps teams and tool owners for access grant and revoke requests\n* No standardized SOC2-compliant and GDPR-compliant method for managing individual and admin access for external tools\n* No simple consolidated pipeline to trigger offboarding an exit-ing employee to revoke all employee access across tools\n* No way for an individual to maintain separate identity per tool\n  * Individuals might have multiple accounts for a single tool, there can be multiple org-wide domains for certain tools\n* No way to request, audit and track employee access outside of org-team hierarchy. Adhoc teams / groups support is needed.\n  * employees might migrate across teams, sometimes access are needed for temporary projects which are not required for the whole team\n* No way of listing a bunch of access to grant to employees working on a project\n  * In case an individual is added to a project, access request for all relavant tools should be raised with a single click (based on knowledge-base build on other individuals working on the project)\n\n## Usage\n\nThe following steps are for hosting Enigma locally from published docker container images.\n\nFor development setup, follow these docs:\n[Setup using docker](/docs/“How-to”%20guides/User%20Guides/Local%20Developer%20Setup/Local%20Setup%20with%20Docker.md),\n[Setup without docker](/docs/“How-to”%20guides/User%20Guides/Local%20Developer%20Setup/Local%20Setup%20without%20Docker.md)\n\n#### Pre-requisites\n\nYou will need to have docker daemon running locally to run the published containers.\nIf you don't have docker setup, follow the guidelines [here](https://docs.docker.com/get-docker/)\n\n#### Steps\n\n1. Ensure you have a valid `config.json` present locally.\n\nThe default [config.json.sample](https://github.com/browserstack/enigma/blob/main/config.json.sample) should be sufficient to start.\n\nYou can then add module-specific configuration for the modules you want to be integrated with Enigma.\nFor detailed instructions on configuration, follow [this doc](/docs/Configuration%20Guide.md)\n\n2. Run the Enigma docker container by mounting the downloaded config to the container\n\n```bash\ndocker run --rm --name enigma -p 8000:8000 -v \"$(pwd)/config.json\":/srv/code/dev/config.json browserstack/enigma:v1\n```\n\nEnsure that the 8000 port is free to use, and ensure that path to config.json is correct.\n\nThat's it! Enigma should be running locally on port 8000\n\n\nFor first time user sign-in, follow [this doc](/docs/%E2%80%9CHow-to%E2%80%9D%20guides/User%20Guides/First%20User%20Setup.md)\n\n\n## Contributing to this tool\n\n- The codebase is tested for Python 3.11.0\n- Setup pre-commit hooks for development (see rules [below](#rules-enforced-by-the-pre-commit-hooks))\n  - run: `npm install @commitlint/cli @commitlint/config-conventional`\n  - run: `pip install pre-commit==3.8.0`\n  - run: `pre-commit install --install-hooks --overwrite` in the base directory of this project\n  - run: `pre-commit autoupdate`\n  - run: `pre-commit run --all-files --show-diff-on-failure --color always`\n\n#### Commit Message Guideline\n\nFormat: `\u003ctype\u003e(\u003cscope\u003e): \u003csubject\u003e`\n\n`\u003cscope\u003e` is optional\n\n`Type` can be of the following type:\n\n- `feat`: new feature for the user, not a new feature for build script\n- `fix`: bug fix for the user, not a fix to a build script\n- `docs`: changes to the documentation\n- `style`: formatting, missing semi-colons, etc; no production code change\n- `refactor`: refactoring production code, eg. renaming a variable\n- `test`: adding missing tests, refactoring tests; no production code change\n- `chore`: updating grunt tasks etc; no production code change\n- `bump`: increase the version of something e.g. dependency\n- `build`: changes that affect the build system or external dependencies\n- `ci`: changes to our CI configuration files and scripts\n- `perf`: a code change that improves performance\n- `revert`: revert to a commit\n\n#### Example\n\n```\nfeat: add hat wobble\n^--^  ^------------^\n|     |\n|     +-\u003e Summary in the present tense.\n|\n+-------\u003e Type: Feature addition\n\nfix: fixes #xxx\n^--^  ^------------^\n|     |\n|     +-\u003e Reference to the GitHub issue.\n|\n+-------\u003e Type: Bug fix\n```\n\nReferences:\n- https://www.conventionalcommits.org/en/v1.0.0/\n- https://gist.github.com/joshbuchea/6f47e86d2510bce28f8e7f42ae84c716#file-semantic-commit-messages-md\n- https://www.conventionalcommits.org/\n- https://seesparkbox.com/foundry/semantic_commit_messages\n- http://karma-runner.github.io/1.0/dev/git-commit-msg.html\n\n\n##  License\nSee [LICENSE.md](/LICENSE.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrowserstack%2Fenigma","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbrowserstack%2Fenigma","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrowserstack%2Fenigma/lists"}