This repository has been archived by the owner on Aug 2, 2023. It is now read-only.

Create a security overview of the Console, CLI, and stack hubs #351

Open
alohr51 opened this issue Mar 16, 2020 · 4 comments
documentation-id Improvements or additions to documentation

alohr51 commented Mar 16, 2020

  1. Draw up a diagram to show how the console and CLI communicate. The path we want to show in the diagram is as follows:

    • User -> SSO -> Console -> CLI -> configured stack hubs
      • User - Start the diagram with an entry point (the user's browser)
      • SSO - Shows how SSO is connected to the Console via GitHub and the SSO flow
      • Console - Shows how the console uses the SSO token to get a JWT from the CLI and use the JWT for future requests to list stacks, sync, etc.
      • CLI - Shows how the console communicates with it and how it uses the teams in the configured GitHub (in the CRD) to authenticate users. Also shows how it uses additional configuration of stack hubs (in the CRD) to get stack data from multiple GitHubs
      • Configured stack hubs - Shows the relationship between stacks in GitHub and the CLI and how a change in the stack hub will be reflected when the CLI does a sync.
  2. Write about the relationship in words (describe the diagram)

alohr51 commented Mar 16, 2020

I'll take the first stab at the diagram

@alohr51 alohr51 self-assigned this Mar 16, 2020
alohr51 commented Mar 18, 2020

Here is the first draft of trying to clarify what happens when a user views the Stacks page on the Console. This shows what the console & cli do to display the stacks on a user's browser.

[Image: console-cli-stacks-draft-diagram]

@davco01a @tseelbach @stephenkinder any feedback would be cool. Once we get this hammered out I'll create a nicer one.

A few things that could be added:

  1. Need text that explains each step in detail
  2. An entry box (user's terminal) that uses the CLI instead of a browser; it would probably be inserted at number 6.
  3. More detail on the GitHub box (like teams and such), but this could also be explained in the text instead of boxes.

davco01a commented Mar 20, 2020

I have a number of comments and questions:

  1. The CLI service also reads from a stack hub index on Git (or whatever URL is specified in the Kabanero CR)
  2. This is a nit, but after initial authentication, the JWT is flowed back on each functional endpoint call to the CLI service
  3. I believe that once you have a JWT, you do not go out to GitHub yet again to verify the JWT; that information is maintained directly in the security component of the CLI service, so step 7 may be unnecessary.

alohr51 commented Mar 24, 2020

@davco01a after our chat, here is version 2:

[Image: console-cli-stacks-draft-diagram-V2]

@tseelbach tseelbach added the documentation-id Improvements or additions to documentation label Mar 30, 2020
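
The token flow discussed in this thread (one GitHub team check at login, then a JWT sent with every endpoint call and verified inside the service) can be sketched as follows. This is an added example, not code from Kabanero or from any participant; the HS256 signing, the key, the claim names, the team names and every function name are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Assumptions for this sketch: HS256, the key, claim names and team names are invented.
SECRET = b"constructed-demo-key"      # held only by the CLI service
ALLOWED_TEAMS = {"stack-admins"}      # stands in for the teams configured in the CRD
stats = {"github_calls": 0}           # counts simulated GitHub round trips

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    mac = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return b64(mac).encode()

def github_teams(sso_token: str) -> set:
    """Stand-in for the GitHub team lookup (constructed data, no network)."""
    stats["github_calls"] += 1
    return {"sso-alice": {"stack-admins"}, "sso-bob": {"guests"}}.get(sso_token, set())

def login(sso_token: str, ttl: int = 300, now=None) -> str:
    """Exchange the SSO token for a JWT; the only step that contacts GitHub."""
    teams = github_teams(sso_token)
    if not teams & ALLOWED_TEAMS:
        raise PermissionError("user is not in a configured team")
    now = int(time.time()) if now is None else now
    header = b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64(json.dumps({"teams": sorted(teams), "exp": now + ttl}).encode())
    return f"{header}.{claims}.{sign(header + '.' + claims).decode()}"

def verify(jwt: str, now=None) -> dict:
    """Check the JWT sent with an endpoint call, using local state only."""
    try:
        header, claims, sig = jwt.split(".")
    except ValueError:
        raise PermissionError("malformed token")
    if not hmac.compare_digest(sig.encode(), sign(header + "." + claims)):
        raise PermissionError("bad signature")
    body = json.loads(unb64(claims))
    now = int(time.time()) if now is None else now
    if body["exp"] <= now:
        raise PermissionError("token expired")
    return body

if __name__ == "__main__":
    token = login("sso-alice")
    for _ in range(3):                 # e.g. list stacks, sync, list again
        verify(token)
    print("GitHub lookups:", stats["github_calls"])
```

Because verification is local, a change in the user's GitHub team membership is not seen until the token expires and the user logs in again, which is the trade-off a short token lifetime bounds.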