Lock in $30 Savings on PRO—Offer Ends Soon! ⏳

GitHub as an Authenticator

Avatar for Shimpei Otsubo Shimpei Otsubo
June 12, 2018
Technology
3
700

GitHub as an Authenticator

Avatar for Shimpei Otsubo

Shimpei Otsubo

June 12, 2018
Tweet

More Decks by Shimpei Otsubo

See All by Shimpei Otsubo
Copy Kubernetes Clusters Really Fast
Avatar for Shimpei Otsubo potsbo
3
5k
Go と Wantedly の関係 / How Wantedly uses Go
Avatar for Shimpei Otsubo potsbo
1
860
Deploy Flow at Wantedly
Avatar for Shimpei Otsubo potsbo
2
980
Wrap every method with just one line
Avatar for Shimpei Otsubo potsbo
1
5.3k
Zero yen Keyboard
Avatar for Shimpei Otsubo potsbo
6
3.2k
Kube - The core tool at Wantedly
Avatar for Shimpei Otsubo potsbo
1
7.9k
k8s - Kubernetes 8 Factors
Avatar for Shimpei Otsubo potsbo
12
11k
コンテンツ作成に集中するためのプレゼンテーション Tips / Presentation with Confidence
Avatar for Shimpei Otsubo potsbo
7
41k
ConfigMap vs Secret #k8sjp
Avatar for Shimpei Otsubo potsbo
1
1.4k

Other Decks in Technology

See All in Technology
評価駆動開発で不確実性を制御する - MLflow 3が支えるエージェント開発
Avatar for Databricks Japan databricksjapan
1
180
Gemini でコードレビュー知見を見える化
Avatar for ZOZO Developers zozotech
PRO
1
250
IAMユーザーゼロの運用は果たして可能なのか
Avatar for Yuuki Yamashita yama3133
1
260
Lessons from Migrating to OpenSearch: Shard Design, Log Ingestion, and UI Decisions
Avatar for SansanTech sansantech
PRO
1
130
[デモです] NotebookLM で作ったスライドの例
Avatar for Takaaki Tanaka kongmingstrap
0
140
手動から自動へ、そしてその先へ
Avatar for Sammy(MoritaMasami) moritamasami
0
300
年間40件以上の登壇を続けて見えた「本当の発信力」/ 20251213 Masaki Okuda
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
130
CARTAのAI CoE が挑む「事業を進化させる AI エンジニアリング」 / carta ai coe evolution business ai engineering
Avatar for CARTA Engineering carta_engineering
0
1.4k
Snowflakeでデータ基盤を もう一度作り直すなら / rebuilding-data-platform-with-snowflake
Avatar for pei0804 pei0804
5
1.5k
AWS Trainium3 をちょっと身近に感じたい
Avatar for Yasutaka OHMURA bigmuramura
1
140
エンジニアとPMのドメイン知識の溝をなくす、 AIネイティブな開発プロセス
Avatar for Michiru Kato applism118
4
1.3k
WordPress は終わったのか ~今のWordPress の制作手法ってなにがあんねん?~ / Is WordPress Over? How We Build with WordPress Today
Avatar for tbshiki tbshiki
1
770

Featured

See All Featured
The Language of Interfaces
Avatar for Des Traynor destraynor
162
25k
Designing for humans not robots
Avatar for Tammie Lister tammielis
254
26k
Faster Mobile Websites
Avatar for Dean Hume deanohume
310
31k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
16k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
13
1k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
698
190k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
10
730
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.3k
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
135
9.7k
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
132
19k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
35
2.3k

Transcript

  1. ©2018 Wantedly, Inc. GitHub as an Authenticator શ෦ GitHub Ͱ؅ཧͯ͠ΈΔ

    GitHub Satellite Tokyo LT 12.Jun.2018 - Shimpei Otsubo - @potsbo

  2. ©2018 Wantedly, Inc. ࣾһ໊฽Ͳ͏ͯ͠·͔͢ʁ ݖݶ؅ཧͲ͏ͯ͠·͔͢ʁ ৘ใڞ༗Ͳ͏ͯ͠·͔͢ʁ

  3. ©2018 Wantedly, Inc. શ෦GitHub ࣾһ໊฽Ͳ͏ͯ͠·͔͢ʁ ݖݶ؅ཧͲ͏ͯ͠·͔͢ʁ ৘ใڞ༗Ͳ͏ͯ͠·͔͢ʁ

  4. ©2018 Wantedly, Inc. GitHub ๏຿ ࣾ಺͸ͳΜͰ΋(JU)VC (JU)VCΛ࢖ͬͯ๏຿ίϛϡχέʔγϣϯͷεϐʔυΛഒʹͨ͠࿩ ৘ใڞ༗͜͏ͯ͠·͢ IUUQTXXXXBOUFEMZDPNDPNQBOJFTXBOUFEMZQPTU@BSUJDMFT ʮJTTVFͭͬͨ͘ʁʯ

    ίʔυϨϏϡʔه࿥ٞ࿦ேձ໨ඪ݁Ռʜ ࣾ಺શһ(JU)VC ೖࣾϑϩʔ͸(JU)VCΞΧ΢ϯτͷ࡞੒͔Β

  5. ©2018 Wantedly, Inc. ૊৫্ͷνʔϜͱ(JU)VCͷνʔϜ͕ରԠ infrastructure full-time-employee visit people short-term-intern long-term-intern

    engineers ଐੑ΋؅ཧ ૊৫ߏ੒ ruby … … ࣾһ໊฽͜͏ͯ͠·͢

  6. ©2018 Wantedly, Inc. (JU)VC5FBNΛϕʔεʹೝՄ )3ͷϑϩʔʹ৐Δ͚ͩͰྑ͍ ݖݶͷ֎͠๨Ε͕ͳ͍ e.g. full-time-employee => ok

    org ͔Β֎ͤ͹ࣗಈతʹશݖݶΛ revoke Ͱ͖Δ HR ͷೖୀࣾϑϩʔͰେମok ݖݶ؅ཧ͜͏ͯ͠·͢

  7. ©2018 Wantedly, Inc. ssh Results K public key ಛఆͷνʔϜͷਓ͚ͩTTIΛڐՄ͍ͨ͠ kenmon

    ssh Production Results K enmon ݕ໰ ಛఆteam ʹೖ͍ͬͯΔͱ production access ΁ͷ ssh ΛڐՄ SSH Proxy with GitHub Private Keys by wantedly

  8. ©2018 Wantedly, Inc.  એݴ͞Εͨ6TFSOBNFͷެ։伴ͰϩάΠϯ  ಛఆͷ5FBNॴଐ͔Λ͔֬ΊΔ  ໨తͷ4FSWFS΁ͷ44)ΛڐՄ ಛఆͷνʔϜͷਓ͚ͩTTIΛڐՄ͍ͨ͠

    ssh Results K public key kenmon ssh Production Results

  9. ©2018 Wantedly, Inc. Team ͝ͱʹҟͳΔk8sͷૢ࡞ΛڐՄ͍ͨ͠ G Token Token Teams Groups

    RBAC!! genmon TokenReview G enmon ݳ໳ ֤ team ʹରͯ͠ ద੾ͳݖݶΛ෇༩ by wantedly Webhook token authenticator for Kubernetes Results Token

  10. ©2018 Wantedly, Inc.  %BFNPO4FUͰ֤NBTUFSʹHFONPO͕ଘࡏ  8FCIPPL"VUIFOUJDBUJPOͰHFONPO΁  5FBN(SPVQͱͯ͠ѻ͍3#"$ https://github.com/appscode/guard

    https://github.com/oursky/kubernetes-github-authn ࢀߟ࣮૷ https://kubernetes.io/docs/admin/authentication/#webhook-token-authentication Role Based Access Control Team ͝ͱʹҟͳΔk8sͷૢ࡞ΛڐՄ͍ͨ͠ G Token Token Teams Groups RBAC!! genmon TokenReview Results Token

  11. ©2018 Wantedly, Inc. K enmon ݕ໰ ಛఆteam ʹೖ͍ͬͯΔͱ production access

    ΁ͷ ssh ΛڐՄ G enmon ݳ໳ ֤ team ʹରͯ͠ ద੾ͳݖݶΛ෇༩ by wantedly SSH Proxy with GitHub Private Keys Webhook token authenticator for Kubernetes by wantedly

  12. ©2018 Wantedly, Inc. ࣾ಺શһGitHubʹೖΕͪΌ͓͏ GitHubΛೝূαʔϏεͱͯ͠࢖͓͏ ૊৫ߏ଄ͱTeamߏ଄Λ߹ΘͤΑ͏ Summary