search

ContainerCraft / Kargo

KubeVirt Private Cloud Hypervisor
GNU General Public License v3.0
66 stars 7 forks source link

[RFE] Enhance with OpenUnison #6

Closed usrbinkat closed 3 months ago

usrbinkat commented 5 months ago

Problem

Kargo has no auth/access control integration. Add via Open Unison.

https://openunison.github.io/documentation/ouctl/

mlbiam commented 4 months ago

So from our conversations on twitter/in austin i'm thinking round 1 is we deploy with GitHub integration for auth? Now thqt you have cert-manager i'm thinking the easiest way to go is to:

  1. Generate (or trust) an internal CA with cert-manager
  2. deploy NGINX for Ingress
  3. If there's a load balancer, awesome. if not, what i'll do is deploy NGINX as a DaemonSet on a multi-node cluster and just add all of the nodes to DNS

That'll get cluster access working via the dashboard and CLI with auth via GitHub. Are there other UIs? I know ArgoCD is being integrated. Anything else? (ie graphana, prometheus, etc?)

usrbinkat commented 3 months ago

Thank you for the contribution @mlbiam