git-proxy
Deploy custom push protections and policies on top of Git
Implement graph widgets on the main dashboards *Daily Github pulls* 55% increase in Git pulls today. *Push Authorizations* 20% increase in git-pushes waiting authorization Push Rejections 5% rejection increase
For - Open number of Pull requests - Total Pull Requests (all time) - Rejected pushes - Successful pushes Implement service to return stats Implement UI widgets to display stats
See https://github.com/hawkeyesec/scanner-cli Scanner-cli provides a wide range of features; as a proof of concept, it is required to: - [ ] Add the scanner-cli dependency - [ ] configure scanner-cli...
__Take a local repo__ add a remote e.g. git remote add proxy http://localhost:3000/finos/datah.git Make a push through the proxy -- ok ```bash git push proxy ``` __remove the remote __...
**Synchronous Webhook** Many of the checks a corporation would want to take place in other products (VA scanners, Code Review Evidence etc) We, therefore, need a generic integration pattern -...
**Problem** Corporations are going to want a "useful" high-level audit log into a datastore of their choosing. **Current Implementation** https://github.com/pGrovesy/githubproxy/blob/master/lib/processors/audit.js The code simply writes a JSON file to...
# Build out documentation website Either through markdown files or pydoc / similar there should be a set of documentation for a github-proxy version To start with we should document...
The proxy should be extended using plugins to implement automated checks. This should follow a 'plugin' architecture, where the modules are written outside of the core-product. e.g. ```code npm install...
AD authentication plugin should have the following configuration options 1. LDAP/AD information 2. Admin group (can do anything group) 3. authorizer-group (can authorize pushes) 4. write-group (can-push) 5. read-group (can...
The developer's Git client uses the target Git server's authentication/authorization mechanism - and this is pass-through/transparent to the proxy. - We need to tie the developer making a 'push' or...