Move RBAC into st2 codebase

[arm4b]

EWC (previously StackStorm Enterprise) was opensourced with RBAC is now free & open.

Instead of having a dedicated RBAC package in this repository, move RBAC code to st2 codebase so rbac could be just easily enabled/disabled via st2.conf

[m4dcoder]

Since we can include the RBAC package in the base install now, how is this difficult to enable/disable?

[cognifloyd]

I can make a PR to combine this with StackStorm/st2, but I'm concerned about doing that with the LICENSE file and copyright files as is. I'm guessing that needs to be done by someone who works for ExtremeNetworks to make sure the licensing provenance is correct, right? Then, once that is done, I can help with moving the code over.

[arm4b]

@cognifloyd You are absolutely right. Created a dedicated issue https://github.com/StackStorm/st2-enterprise-rbac-backend/issues/33 to track that.

@m4dcoder we indeed need Extreme to change the License to Apache 2.0, remove EWC/product references and Extreme EULA for every open-sourced repository. Currently every repo contains proprietary license.

[m4dcoder]

@armab @cognifloyd My question hasn't been addressed yet? Why do we need to put the RBAC code back into st2 core? Why can't we just rename the project and package to st2-rbac-backend?

[cognifloyd]

Both methods would work (separate repo vs in core). I think the biggest reason to move out back to the core repo is so that it gets tested along with everything else as changes to core are made. For such a key thing I'd like to see RBAC very closely integrated in testing.

[arm4b]

@m4dcoder The RBAC was part of the st2 core before and its configuration is included in base st2.conf. It's not a LDAP module which is enabled like a plugin addition via st2 backend_kwargs.

Historically, we had some code in both st2 repos and outside of it because of the Enterprise reasons. Having those code references scattered across the repos makes less sense now as it's really st2 core feature.

[m4dcoder]

Either way works just as well. We already did the hard work to separate the feature out into a separate package. RBAC is an important feature but there are so many people using st2 core without it. It's not really core feature principally speaking. I don't see it anymore difficult for a user to include it in the install and enable/disable it. I just didn't see it necessary to unwind this again given the current flexibility as a separate package. That's just my opinion and I'll stop here.

[amanda11]

Discussed plans for 3.4.0 release with @m4dcoder. Understanding is that for the 3.4.0 release this would just stay as a separate package.

[arm4b]

Closing as RBAC was integrated into st2 core via https://github.com/StackStorm/st2/pull/5086