Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/numberly/gitlab2rbac

Kubernetes RBAC rules from GitLab roles
https://github.com/numberly/gitlab2rbac

gitlab kubernetes rbac

Last synced: about 2 months ago
JSON representation

Kubernetes RBAC rules from GitLab roles

Awesome Lists containing this project

README

        

# gitlab2rbac
`gitlab2rbac` synchronizes Kubernetes cluster user permissions with those defined in GitLab, ensuring consistent access controls across both platforms.

This tool takes [GitLab Permissions](https://docs.gitlab.com/ee/user/permissions.html) on a project level and generates corresponding [RBAC](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) objects within Kubernetes.

![graph](graph.png)

## Installation
### Requirements
Before anything else, `gitlab2rbac` requires:

* [RBAC is enabled on your Kubernetes cluster](https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
* [GitLab API v4 support is available](https://docs.gitlab.com/ee/api/rest/)

### Deploy with helm

```
helm install gitlab2rbac /path/to/chart/gitla2rbac --create-namespace gitlab2rbac --set data.GITLAB_URL=,data.GITLAB_PRIVATE_TOKEN=,data.KUBERNETES_LOAD_INCLUSTER_CONFIG=True
```

or

### Configuration
`gitlab2rbac` requires a namespace, cluster roles and cluster role bindings. You can create these by executing:

```sh
$ kubectl apply -f https://raw.githubusercontent.com/numberly/gitlab2rbac/master/deploy/configuration.yaml
```

Next, create a [ConfigMap](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/) containing the necessary configuration:

```sh
cat <