Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ENH] - Parse and load keycloak roles into conda-store #2433

Closed
aktech opened this issue Apr 30, 2024 · 2 comments · Fixed by #2531
Closed

[ENH] - Parse and load keycloak roles into conda-store #2433

aktech opened this issue Apr 30, 2024 · 2 comments · Fixed by #2531
Assignees
@aktech
Labels
area: integration/conda-store area: integration/keycloak type: enhancement 💅🏼 New feature or request
Milestone
Permission RBAC

Comments

@aktech
Copy link
Member

aktech commented Apr 30, 2024

Feature description

After the issue #2308 is implemented, we will have access to groups and roles from keycloak in JupyterHub. Next we need to parse the role attributes and load them into Conda-Store, so that they are in affect.

Consider the following keycloak role:

Role: write-access-conda-pycon-namespace-role

Key Value
resource conda-store
scopes write:conda-store!namespace=pycon

The scopes should be parsed and the equivalent should be added into conda-store such that when this role is attached to a user or group, they should have write access to pycon (for instance) namespace.

This feature is part implementation of RFD: nebari-dev/governance#47

Value and/or benefit

This will allow us to do fine-grained permissions on Conda-Store, which can be controlled from keycloak.

Anything else?

No response
@aktech aktech added the type: enhancement 💅🏼 New feature or request label Apr 30, 2024
@viniciusdc viniciusdc mentioned this issue May 3, 2024
Open
@viniciusdc
Copy link
Contributor

@aktech just to double check, now that the parent issue is solved, this can be worked on right?

@aktech
Copy link
Member Author

aktech commented May 21, 2024

Yes, correct. It is ready to be worked on.

@aktech aktech removed the status: blocked ⛔️ This item is on hold due to another task label May 26, 2024
@aktech aktech self-assigned this Jun 18, 2024
@aktech aktech mentioned this issue Jun 21, 2024
Merged
10 tasks
@aktech aktech added this to the Permission RBAC milestone Jun 21, 2024
@github-project-automation github-project-automation bot moved this from New 🚦 to Done 💪🏾 in 🪴 Nebari Project Management Jul 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aktech aktech

Labels
area: integration/conda-store area: integration/keycloak type: enhancement 💅🏼 New feature or request
Projects
🪴 Nebari Project Management
Archived in project
Milestone
Permission RBAC
Development

Successfully merging a pull request may close this issue.

Conda-store permissions v2 + load roles from keycloak nebari-dev/nebari
2 participants
@aktech @viniciusdc