Comments (4)
gagbo
commented on July 21, 2024
Hello,
As I mentioned in #29, I intend to use ktra in production for my projects, and I'd really like to make it so using a helm deployment (or a docker-compose one) is possible and easy. I also have a few ideas to implement for our specific use case, that could be useful for everyone (my first idea, beside the customizable login prefix, would be to add a /health endpoint returning the version and maybe some extra status information, for Kubernetes based deployment "healthProbe" and "readinessProbe").
I don't have a lot of experience either contributing to open source projects, if you want to make a background check you can browse my last collaborative open experiences in
- Neovim-qt but it's been a while
- Doom Emacs
- and probably more importantly whenever I try to communicate with people. Those are all quite recent examples
Regards,
Gerry
from ktra.
fMeow
commented on July 21, 2024
Hi,
I am willing to be a contributor.
I am planning to deploy a private registry for our company, but some features is lacking:
- authorize call to all api including crate download endpoint. There is a rust-lang/rfc#3139 for alternative registry authorization and the corresponding implementation rust-lang/cargo#10592 is in review stage.
- users of registry can only see/download crates that they are given access to. AFAIC, there is 2 ways to achive this goal:
- use sparse index as described in rust-lang/rfcs#2789. In this way, there is no a list of crates and users can only access crates that they know.
- implement a more complicated user management that allow to restrict download access. In this way, users can still see all crates but they can only download granted crates
I am thinking about integrating gitlab/github/... access control, that users can only access crates granted on gitlab/github/...
I am currently working on this and has already added sparse index support as in PR #49.
from ktra.
gagbo
commented on July 21, 2024
I'll try to finish my OpenID PR soon-ish, got absolutely swamped with work recently so I didn't take time to finish it, I'll try to find time this week-end. It will probably only support gitlab for now (I won't have time to look into github docs to see how non-compliant they are and the changes it implies), with an update of the book.
It won't help with the download management matter (I need to read that RFC to see what it implies), but it's probably a good first step.
from ktra.
fMeow
commented on July 21, 2024
@gagbo I have tried your openid and fired a PR doing some refactor. The openid feature works like a charm, nice works!
from ktra.
Related Issues (20)
- Delete versions / crates
- Add verbosity option to `ktra` command?
- Dependency listed incorrectly if it has aliased
- Error 404 when trying to publish without a token (should be 400) HOT 2
- git error: corrupted loose reference file: FETCH_HEAD when trying to mirror crates.io
- No push to remote repo HOT 2
- Renamed packages aren't usable HOT 2
- Downloading ktra's crates.io mirror may fail when tried from some Cargo versions
- Change error message for unauthorized push to show name or login
- Self contained docker stack
- Add auth feature to manage download crates HOT 4
- Add https for the server HOT 4
- [Maintenance] Publish 0.7.0 HOT 4
- Ktra panics when using Mongo db backend HOT 3
- Store crates on S3
- Ktra openid doesn't install via cargo HOT 2
- ktra 0.7.0 - Failed to build with "--no-default-features --features=secure-auth,db-mongo" and "--no-default-features --features=secure-auth,db-redis"
- feat: verdaccio equivalent
- cargo build fails HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ktra.