• Stars
    star
    409
  • Rank 105,709 (Top 3 %)
  • Language
    Ruby
  • License
    MIT License
  • Created over 2 years ago
  • Updated 6 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

The Ruby Gem that Powers Entitlements - GitHub's Identity and Access Management System

entitlements-app

acceptance test lint coverage style

entitlements-app is a Ruby gem which provides git-managed LDAP group configuration and access provisioning to your declared resources. It powers Entitlements, GitHub's internal Identity and Access Management (IAM) system. Entitlements is a pluggable system designed to alleviate IAM pain points.

Quick Start

See getting started for quick start, and entitlements-config for example configuration.

Inputs

Entitlements currently supports a single input option of configuration files in the form of .txt, .rb and .yaml.

Git-managed config

Entitlements receives input from configuration files. By using git to back the config files, every file has a complete and visible audit trail.

See configuration for a complete guide on entitlements configuration.

Populating config from a source of truth

Entitlements requires an initial Org Chart configuration to define all of the valid users available to the system.

See orgchart for a complete guide to configuring your org chart data.

Configuration

Metadata

Entitlements allows for metadata tags which can be used to indicate attributes of the entitlements config other than membership. These metadata tags can be used to build additional automation on top of the Entitlements system.

For examples of ways to leverage metadata tags, see metadata

Expirations

Entitlements allows for expirations at the file level and the user/group level.

See expirations for more on expirations.

Filters

Entitlements supports a concept of filters. This allows you to group employees defined in your org chart by classifications, and require explicit access definitions for those employee classifications.

For examples on filters, see filters

Example

There is an example configuration repo here

Outputs

LDAP

Out of the box, Entitlements will output your sets to LDAP.

See the OpenLDAP documentation for more on LDAP.

Plugins

Entitlements is a pluggable system. Plugins can be built for additional inputs and outputs.

For more on building plugins, see plugins

Contributing

Please see CONTRIBUTING for details.

Security

We take security very seriously. Please see SECURITY for details on how to proceed if you find a security issue.

More Repositories

1

gitignore

A collection of useful .gitignore templates
160,684
star
2

copilot-docs

Documentation for GitHub Copilot
23,229
star
3

docs

The open-source repo for docs.github.com
JavaScript
14,053
star
4

opensource.guide

๐Ÿ“š Community guides for open source creators
HTML
12,947
star
5

gh-ost

GitHub's Online Schema-migration Tool for MySQL
Go
11,302
star
6

linguist

Language Savant. If your repository's language is being reported incorrectly, send us a pull request!
Ruby
10,684
star
7

semantic

Parsing, analyzing, and comparing source code across many languages
Haskell
8,865
star
8

copilot.vim

Neovim plugin for GitHub Copilot
Vim Script
8,286
star
9

codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
CodeQL
7,579
star
10

roadmap

GitHub public roadmap
7,393
star
11

scientist

๐Ÿ”ฌ A Ruby library for carefully refactoring critical paths.
Ruby
7,389
star
12

personal-website

Code that'll help you kickstart a personal website that showcases your work as a software developer.
HTML
7,243
star
13

markup

Determines which markup library to use to render a content file (e.g. README) on GitHub
Ruby
5,678
star
14

dmca

Repository with text of DMCA takedown notices as received. GitHub does not endorse or adopt any assertion contained in the following notices. Users identified in the notices are presumed innocent until proven guilty. Additional information about our DMCA policy can be found at
DIGITAL Command Language
5,457
star
15

swift-style-guide

**Archived** Style guide & coding conventions for Swift projects
4,770
star
16

gemoji

Emoji images and names.
Ruby
4,280
star
17

training-kit

Open source courseware for Git and GitHub
HTML
4,247
star
18

explore

Community-curated topic and collection pages on GitHub
Ruby
3,840
star
19

mona-sans

Mona Sans, a variable font from GitHub
3,680
star
20

hubot-scripts

DEPRECATED, see https://github.com/github/hubot-scripts/issues/1113 for details - optional scripts for hubot, opt in via hubot-scripts.json
CoffeeScript
3,538
star
21

choosealicense.com

A site to provide non-judgmental guidance on choosing a license for your open source project
Ruby
3,379
star
22

git-sizer

Compute various size metrics for a Git repository, flagging those that might cause problems
Go
3,160
star
23

secure_headers

Manages application of security headers with many safe defaults
Ruby
3,104
star
24

gov-takedowns

Text of government takedown notices as received. GitHub does not endorse or adopt any assertion contained in the following notices.
3,088
star
25

archive-program

The GitHub Archive Program & Arctic Code Vault
3,000
star
26

scripts-to-rule-them-all

Set of boilerplate scripts describing the normalized script pattern that GitHub uses in its projects.
Shell
2,859
star
27

hotkey

Trigger an action on an element with a keyboard shortcut.
JavaScript
2,851
star
28

relative-time-element

Web component extensions to the standard <time> element.
JavaScript
2,799
star
29

janky

Continuous integration server built on top of Jenkins and Hubot
Ruby
2,759
star
30

github-elements

GitHub's Web Component collection.
JavaScript
2,523
star
31

renaming

Guidance for changing the default branch name for GitHub repositories
2,408
star
32

view_component

A framework for building reusable, testable & encapsulated view components in Ruby on Rails.
Ruby
2,370
star
33

VisualStudio

GitHub Extension for Visual Studio
C#
2,365
star
34

glb-director

GitHub Load Balancer Director and supporting tooling.
C
2,255
star
35

SoftU2F

Software U2F authenticator for macOS
Swift
2,201
star
36

accessibilityjs

Client side accessibility error scanner.
JavaScript
2,180
star
37

CodeSearchNet

Datasets, tools, and benchmarks for representation learning of code.
Jupyter Notebook
2,155
star
38

balanced-employee-ip-agreement

GitHub's employee intellectual property agreement, open sourced and reusable
2,126
star
39

github-services

Legacy GitHub Services Integration
Ruby
1,902
star
40

platform-samples

A public place for all platform sample projects.
Shell
1,885
star
41

hubot-sans

Hubot Sans, a variable font from GitHub
Shell
1,832
star
42

pages-gem

A simple Ruby Gem to bootstrap dependencies for setting up and maintaining a local Jekyll environment in sync with GitHub Pages
Ruby
1,782
star
43

india

GitHub resources and information for the developer community in India
Ruby
1,769
star
44

haikus-for-codespaces

EJS
1,753
star
45

site-policy

Collaborative development on GitHub's site policies, procedures, and guidelines
1,743
star
46

government.github.com

Gather, curate, and feature stories of public servants and civic hackers using GitHub as part of their open government innovations
HTML
1,727
star
47

advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,711
star
48

objective-c-style-guide

**Archived** Style guide & coding conventions for Objective-C projects
1,682
star
49

covid19-dashboard

A site that displays up to date COVID-19 stats, powered by fastpages.
Jupyter Notebook
1,644
star
50

lightcrawler

Crawl a website and run it through Google lighthouse
JavaScript
1,471
star
51

rest-api-description

An OpenAPI description for GitHub's REST API
1,372
star
52

feedback

Public feedback discussions for: GitHub for Mobile, GitHub Discussions, GitHub Codespaces, GitHub Sponsors, GitHub Issues and more!
1,359
star
53

developer.github.com

GitHub Developer site
Ruby
1,314
star
54

backup-utils

GitHub Enterprise Backup Utilities
1,190
star
55

brubeck

A Statsd-compatible metrics aggregator
C
1,185
star
56

dev

Press the . key on any repo
1,184
star
57

catalyst

Catalyst is a set of patterns and techniques for developing components within a complex application.
TypeScript
1,183
star
58

codeql-action

Actions for running CodeQL analysis
TypeScript
1,152
star
59

securitylab

Resources related to GitHub Security Lab
C
1,150
star
60

opensourcefriday

๐Ÿšฒ Contribute to the open source community every Friday
HTML
1,143
star
61

graphql-client

A Ruby library for declaring, composing and executing GraphQL queries
Ruby
1,139
star
62

Rebel

Cocoa framework for improving AppKit
Objective-C
1,127
star
63

gh-actions-importer

GitHub Actions Importer helps you plan and automate the migration of Azure DevOps, Bamboo, Bitbucket, CircleCI, GitLab, Jenkins, and Travis CI pipelines to GitHub Actions.
C#
982
star
64

licensed

A Ruby gem to cache and verify the licenses of dependencies
Ruby
942
star
65

.github

Community health files for the @GitHub organization
869
star
66

swordfish

EXPERIMENTAL password management app. Don't use this.
Ruby
740
star
67

details-dialog-element

A modal dialog that's opened with <details>.
JavaScript
739
star
68

stack-graphs

Rust implementation of stack graphs
Rust
725
star
69

codeql-cli-binaries

Binaries for the CodeQL CLI
725
star
70

github-ds

A collection of Ruby libraries for working with SQL on top of ActiveRecord's connection
Ruby
667
star
71

email_reply_parser

Small library to parse plain text email content
Ruby
658
star
72

vulcanizer

GitHub's ops focused Elasticsearch library
Go
657
star
73

github-ospo

Helping open source program offices get started
641
star
74

webauthn-json

๐Ÿ” A small WebAuthn API wrapper that translates to/from pure JSON using base64url.
TypeScript
638
star
75

gh-copilot

Ask for assistance right in your terminal.
637
star
76

rubocop-github

Code style checking for GitHub's Ruby projects
Ruby
616
star
77

safe-settings

JavaScript
606
star
78

codespaces-jupyter

Explore machine learning and data science with Codespaces
Jupyter Notebook
591
star
79

dat-science

Replaced by https://github.com/github/scientist
Ruby
582
star
80

maven-plugins

Official GitHub Maven Plugins
Java
581
star
81

details-menu-element

A menu opened with <details>.
JavaScript
554
star
82

trilogy

Trilogy is a client library for MySQL-compatible database servers, designed for performance, flexibility, and ease of embedding.
C
543
star
83

freno

freno: cooperative, highly available throttler service
Go
534
star
84

smimesign

An S/MIME signing utility for use with Git
Go
519
star
85

brasil

Recursos e informaรงรตes do GitHub para a comunidade de desenvolvedores no Brasil.
Ruby
515
star
86

gh-valet

Valet helps facilitate the migration of Azure DevOps, CircleCI, GitLab CI, Jenkins, and Travis CI pipelines to GitHub Actions.
C#
511
star
87

include-fragment-element

A client-side includes tag.
JavaScript
508
star
88

covid-19-repo-data

Data archive of identifiable COVID-19 related public projects on GitHub
505
star
89

vscode-github-actions

GitHub Actions extension for VS Code
TypeScript
492
star
90

vscode-codeql-starter

Starter workspace to use with the CodeQL extension for Visual Studio Code.
CodeQL
477
star
91

how-engineering-communicates

A community version of the "common API" for how the GitHub Engineering organization communicates
474
star
92

Archimedes

Geometry functions for Cocoa and Cocoa Touch
Objective-C
466
star
93

codeql-go

The CodeQL extractor and libraries for Go.
465
star
94

open-source-survey

The Open Source Survey
431
star
95

synsanity

netfilter (iptables) target for high performance lockless SYN cookies for SYN flood mitigation
C
424
star
96

MVG

MVG = Minimum Viable Governance
379
star
97

issue-metrics

Gather metrics on issues/prs/discussions such as time to first response, count of issues opened, closed, etc.
Python
378
star
98

roskomnadzor

deprecated archive โ€” moved to https://github.com/github/gov-takedowns/tree/master/Russia
376
star
99

clipboard-copy-element

Copy element text content or input values to the clipboard.
JavaScript
374
star
100

codespaces-react

JavaScript
364
star