This is an automated email from the ASF dual-hosted git repository.
lahirujayathilake pushed a change to branch allocation-management
in repository https://gitbox.apache.org/repos/asf/airavata-custos.git
omit 56bdae43d Removed deprecated modules
add 590e1bb54 Removed deprecated modules
add 65bd0a2a2 initial signer service implementation
add d1e8bc5f4 maintain a denied list for the extensions in client config
and move the force-command to the certificate issuance
add 0457b2528 add SSH extension validation and resolution logic with tests
add 5ee5dfccb Add source of truth validation against LDAP and caching logic
add 857c280e4 Add defaultSubject support in dev mode configuration
add 76aa5b79b LDAP connection pooling
add a4500c229 migrate to openbao from hashicorp vault
add 746e148a9 Intial package reordering
add b8c515a00 Changed extension to plugins
add c97688d19 Allocation mapper placeholder
add 99b662e6b Changing plugins -> connectors
add 18c60fb93 Fix AMIE-Processor module path and regenerated proto stubs
add e9871bf8d Updated the readme to align with latest structure changes
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (56bdae43d)
\
N -- N -- N refs/heads/allocation-management (e9871bf8d)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
No new revisions were added by this update.
Summary of changes:
README.md | 39 +-
allocations/domain/go.mod | 13 -
allocations/domain/go.sum | 70 -
allocations/go.work | 7 -
allocations/go.work.sum | 2609 ---
allocations/provisioner/go.mod | 3 -
.../ACCESS/AMIE-Processor}/Makefile | 4 +-
.../ACCESS/AMIE-Processor}/README.md | 0
.../ACCESS/AMIE-Processor}/amieclient/client.go | 2 +-
.../AMIE-Processor}/amieclient/client_test.go | 4 +-
.../ACCESS/AMIE-Processor}/config.yaml.example | 0
.../ACCESS/AMIE-Processor}/config/config.go | 0
.../ACCESS/AMIE-Processor}/db/db.go | 2 +-
.../ACCESS/AMIE-Processor}/db/embed.go | 0
.../ACCESS/AMIE-Processor}/db/errors.go | 0
.../ACCESS/AMIE-Processor}/db/migrate.go | 0
.../db/migrations/000001_initial_schema.down.sql | 0
.../db/migrations/000001_initial_schema.up.sql | 0
.../ACCESS/AMIE-Processor}/db/tx.go | 0
.../ACCESS/AMIE-Processor}/go.mod | 6 +-
.../ACCESS/AMIE-Processor}/go.sum | 0
.../AMIE-Processor}/handler/data_account_create.go | 2 +-
.../handler/data_account_create_test.go | 2 +-
.../AMIE-Processor}/handler/data_project_create.go | 2 +-
.../handler/data_project_create_test.go | 2 +-
.../ACCESS/AMIE-Processor}/handler/handler.go | 2 +-
.../handler/inform_transaction_complete.go | 2 +-
.../handler/inform_transaction_complete_test.go | 2 +-
.../ACCESS/AMIE-Processor}/handler/noop.go | 2 +-
.../ACCESS/AMIE-Processor}/handler/noop_test.go | 2 +-
.../handler/request_account_create.go | 11 +-
.../handler/request_account_create_test.go | 27 +-
.../handler/request_account_inactivate.go | 2 +-
.../handler/request_account_inactivate_test.go | 2 +-
.../handler/request_account_reactivate.go | 2 +-
.../handler/request_account_reactivate_test.go | 2 +-
.../handler/request_person_merge.go | 2 +-
.../handler/request_person_merge_test.go | 2 +-
.../handler/request_project_create.go | 11 +-
.../handler/request_project_create_test.go | 27 +-
.../handler/request_project_inactivate.go | 2 +-
.../handler/request_project_inactivate_test.go | 2 +-
.../handler/request_project_reactivate.go | 2 +-
.../handler/request_project_reactivate_test.go | 2 +-
.../AMIE-Processor}/handler/request_user_modify.go | 2 +-
.../handler/request_user_modify_test.go | 2 +-
.../ACCESS/AMIE-Processor}/handler/router.go | 2 +-
.../ACCESS/AMIE-Processor}/handler/router_test.go | 2 +-
.../AMIE-Processor}/handler/testutil_test.go | 0
.../ACCESS/AMIE-Processor}/main.go | 34 +-
.../ACCESS/AMIE-Processor}/metrics/metrics.go | 0
.../ACCESS/AMIE-Processor}/metrics/metrics_test.go | 2 +-
.../ACCESS/AMIE-Processor/mock-server}/README.md | 0
.../AMIE-Processor/mock-server}/amie-traffic.js | 0
.../mock-server}/mock-amie-server.py | 0
.../ACCESS/AMIE-Processor}/model/audit.go | 0
.../AMIE-Processor}/model/cluster_account.go | 0
.../ACCESS/AMIE-Processor}/model/error.go | 0
.../ACCESS/AMIE-Processor}/model/event.go | 0
.../ACCESS/AMIE-Processor}/model/membership.go | 0
.../ACCESS/AMIE-Processor}/model/packet.go | 0
.../ACCESS/AMIE-Processor}/model/person.go | 0
.../ACCESS/AMIE-Processor}/model/project.go | 0
.../AMIE-Processor}/proto/amie_packets.proto | 2 +-
.../AMIE-Processor}/proto/gen/amie_packets.pb.go | 2 +-
.../proto/gen/internal_events.pb.go | 2 +-
.../AMIE-Processor}/proto/internal_events.proto | 2 +-
.../ACCESS/AMIE-Processor}/server/server.go | 0
.../AMIE-Processor}/service/account_service.go | 4 +-
.../service/account_service_test.go | 2 +-
.../AMIE-Processor}/service/audit_service.go | 2 +-
.../AMIE-Processor}/service/audit_service_test.go | 2 +-
.../AMIE-Processor}/service/membership_service.go | 2 +-
.../service/membership_service_test.go | 2 +-
.../AMIE-Processor}/service/person_service.go | 2 +-
.../AMIE-Processor}/service/person_service_test.go | 2 +-
.../AMIE-Processor}/service/project_service.go | 2 +-
.../service/project_service_test.go | 2 +-
.../ACCESS/AMIE-Processor}/store/account_store.go | 2 +-
.../ACCESS/AMIE-Processor}/store/audit_store.go | 2 +-
.../ACCESS/AMIE-Processor}/store/error_store.go | 2 +-
.../ACCESS/AMIE-Processor}/store/event_store.go | 2 +-
.../AMIE-Processor}/store/membership_store.go | 2 +-
.../ACCESS/AMIE-Processor}/store/packet_store.go | 2 +-
.../AMIE-Processor}/store/person_dns_store.go | 2 +-
.../store/person_global_id_store.go | 2 +-
.../ACCESS/AMIE-Processor}/store/person_store.go | 2 +-
.../ACCESS/AMIE-Processor}/store/project_store.go | 2 +-
.../ACCESS/AMIE-Processor}/store/stores.go | 2 +-
.../data_account_create/incoming-data.json | 0
.../data_account_create/outgoing-inform.json | 0
.../data_project_create/incoming-data.json | 0
.../data_project_create/outgoing-inform.json | 0
.../incoming-inform.json | 0
.../request_account_create/incoming-request.json | 0
.../request_account_create/outgoing-notify.json | 0
.../incoming-request.json | 0
.../outgoing-notify.json | 0
.../incoming-request.json | 0
.../outgoing-notify.json | 0
.../request_person_merge/incoming-request.json | 0
.../request_person_merge/outgoing-inform.json | 0
.../request_project_create/incoming-request.json | 0
.../request_project_create/outgoing-notify.json | 0
.../incoming-request.json | 0
.../outgoing-notify.json | 0
.../incoming-request.json | 0
.../outgoing-notify.json | 0
.../incoming-request.json | 0
.../outgoing-inform.json | 0
.../incoming-request.json | 0
.../outgoing-inform.json | 0
.../ACCESS/AMIE-Processor}/worker/poller.go | 6 +-
.../ACCESS/AMIE-Processor}/worker/processor.go | 6 +-
.../AMIE-Processor}/worker/processor_test.go | 0
.../ACCESS/AMIE-Processor}/worker/proto_utils.go | 2 +-
.../AMIE-Processor}/worker/proto_utils_test.go | 2 +-
connectors/SLURM/Association-Mapper/README.md | 3 +
core/accountprovisioning/go.mod | 3 +
.../accountprovisioning}/noop.go | 4 +-
.../accountprovisioning}/provisioner.go | 2 +-
.../account-provisioning/README.md | 0
.../account-provisioning/enroll-node.yml | 0
.../account-provisioning/files/pam_oauth2_sshd.te | 0
.../group_vars/all.yml.example | 0
.../inventory/hosts.example.yml | 0
.../templates/99-pam-oauth2-device.conf.j2 | 0
.../templates/pam-oauth2-config.json.j2 | 0
.../account-provisioning/templates/sssd.conf.j2 | 0
.../account-provisioning/verify.yml | 0
{compose => dev-ops/compose}/dbinit/init-db.sh | 2 +
{compose => dev-ops/compose}/docker-compose.yml | 0
.../compose}/grafana/dashboards/amie-service.json | 0
.../grafana/provisioning/dashboards/dashboards.yml | 0
.../grafana/provisioning/datasources/mariadb.yml | 0
.../provisioning/datasources/prometheus.yml | 0
.../compose}/prometheus/prometheus.yml | 0
.../compose}/vault/config/vault-config.hcl | 0
{deployment => dev-ops}/terraform/aws/README.md | 0
{deployment => dev-ops}/terraform/aws/main.tf | 0
.../terraform/aws/modules/keycloak/main.tf | 0
.../terraform/aws/modules/keycloak/outputs.tf | 0
.../aws/modules/keycloak/resources/Dockerfile | 0
.../keycloak/resources/cache-ispn-jdbc-ping.xml | 0
.../keycloak/resources/docker-entrypoint.sh | 0
.../keycloak/templates/container_definition.json | 0
.../terraform/aws/modules/keycloak/variables.tf | 0
.../terraform/aws/modules/keycloak/versions.tf | 0
.../terraform/aws/modules/network/main.tf | 0
.../terraform/aws/modules/network/outputs.tf | 0
.../terraform/aws/modules/network/variables.tf | 0
.../terraform/aws/modules/network/versions.tf | 0
.../terraform/aws/modules/vault/README.md | 0
.../terraform/aws/modules/vault/main.tf | 0
.../aws/modules/vault/resources/openssl-vault.cnf | 0
.../vault/templates/install_vault_script.sh.tpl | 0
.../terraform/aws/modules/vault/variables.tf | 0
.../terraform/aws/modules/vault/versions.tf | 0
{deployment => dev-ops}/terraform/aws/outputs.tf | 0
.../terraform/aws/terraform.tfvars | 0
{deployment => dev-ops}/terraform/aws/variables.tf | 0
extensions/CILogon-SSH-PAM/HOWTO.md | 129 +
LICENSE => extensions/CILogon-SSH-PAM/LICENSE | 6 +-
extensions/CILogon-SSH-PAM/Makefile | 41 +
extensions/CILogon-SSH-PAM/README.md | 307 +
extensions/CILogon-SSH-PAM/config_template.json | 52 +
extensions/CILogon-SSH-PAM/packaging/.gitignore | 3 +
extensions/CILogon-SSH-PAM/packaging/README.md | 28 +
.../CILogon-SSH-PAM/packaging/deb/Dockerfile | 30 +
extensions/CILogon-SSH-PAM/packaging/deb/build.sh | 13 +
.../CILogon-SSH-PAM/packaging/deb/debian/changelog | 14 +
.../CILogon-SSH-PAM/packaging/deb/debian/compat | 1 +
.../CILogon-SSH-PAM/packaging/deb/debian/control | 19 +
.../CILogon-SSH-PAM/packaging/deb/debian/copyright | 50 +
.../CILogon-SSH-PAM/packaging/deb/debian/rules | 25 +
.../packaging/deb/debian/source/format | 1 +
.../CILogon-SSH-PAM/packaging/rpm/Dockerfile | 35 +
.../packaging/rpm/pamoauth2device.spec | 68 +
extensions/CILogon-SSH-PAM/src/include/config.cpp | 451 +
extensions/CILogon-SSH-PAM/src/include/config.hpp | 43 +
extensions/CILogon-SSH-PAM/src/include/ldapquery.c | 207 +
extensions/CILogon-SSH-PAM/src/include/ldapquery.h | 42 +
.../CILogon-SSH-PAM/src/include/metadata.cpp | 15 +
.../CILogon-SSH-PAM/src/include/metadata.hpp | 13 +
.../src/include/nayuki/BitBuffer.cpp | 41 +
.../src/include/nayuki/BitBuffer.hpp | 52 +
.../CILogon-SSH-PAM/src/include/nayuki/QrCode.cpp | 645 +
.../CILogon-SSH-PAM/src/include/nayuki/QrCode.hpp | 379 +
.../src/include/nayuki/QrSegment.cpp | 225 +
.../src/include/nayuki/QrSegment.hpp | 216 +
.../CILogon-SSH-PAM/src/include/nlohmann/json.hpp | 20587 +++++++++++++++++++
.../src/include/pam_oauth2_curl.cpp | 313 +
.../src/include/pam_oauth2_curl.hpp | 93 +
.../src/include/pam_oauth2_curl_impl.hpp | 69 +
.../src/include/pam_oauth2_excpt.hpp | 82 +
.../CILogon-SSH-PAM/src/include/pam_oauth2_log.cpp | 134 +
.../CILogon-SSH-PAM/src/include/pam_oauth2_log.hpp | 69 +
.../CILogon-SSH-PAM/src/pam_oauth2_device.cpp | 656 +
.../CILogon-SSH-PAM/src/pam_oauth2_device.hpp | 80 +
extensions/CILogon-SSH-PAM/test/Makefile | 64 +
extensions/CILogon-SSH-PAM/test/README.md | 5 +
extensions/CILogon-SSH-PAM/test/data/qr1.0.txt | 12 +
extensions/CILogon-SSH-PAM/test/data/qr1.1.txt | 12 +
extensions/CILogon-SSH-PAM/test/data/qr1.2.txt | 14 +
extensions/CILogon-SSH-PAM/test/data/qr2.0.txt | 34 +
extensions/CILogon-SSH-PAM/test/data/qr2.1.txt | 38 +
extensions/CILogon-SSH-PAM/test/data/qr2.2.txt | 50 +
.../CILogon-SSH-PAM/test/data/template_empty.json | 1 +
.../CILogon-SSH-PAM/test/data/template_noldap.json | 27 +
.../CILogon-SSH-PAM/test/data/template_wrong.json | 0
extensions/CILogon-SSH-PAM/test/mock_server.py | 94 +
extensions/CILogon-SSH-PAM/test/temp_file.cpp | 166 +
extensions/CILogon-SSH-PAM/test/temp_file.hpp | 43 +
extensions/CILogon-SSH-PAM/test/test_config.cpp | 49 +
.../test/test_pam_oauth2_device.cpp | 60 +
extensions/CILogon-SSH-PAM/test/unit.cpp | 266 +
.../CILogon-SSH-PAM/util/tls-debug/README.md | 32 +
.../CILogon-SSH-PAM/util/tls-debug/tls-debug.c | 159 +
extensions/SSH-Certificate-Signer/.gitignore | 5 +
extensions/SSH-Certificate-Signer/README.md | 276 +
.../SSH-Certificate-Signer/config.example.yaml | 62 +
extensions/SSH-Certificate-Signer/go.mod | 58 +
extensions/SSH-Certificate-Signer/go.sum | 200 +
.../internal/audit/logger.go | 151 +
.../internal/auth/client_auth.go | 99 +
.../internal/auth/client_auth_test.go | 81 +
.../internal/auth/oidc_validator.go | 302 +
.../internal/auth/oidc_validator_test.go | 457 +
.../internal/cert/extensions.go | 121 +
.../internal/cert/extensions_test.go | 188 +
.../internal/cert/rsa_ecdsa_signing_test.go | 210 +
.../SSH-Certificate-Signer/internal/cert/signer.go | 106 +
.../internal/cert/signer_test.go | 248 +
.../internal/cert/ssh_key.go | 237 +
.../internal/cert/ssh_key_test.go | 306 +
.../internal/config/config.go | 252 +
.../internal/config/config_test.go | 122 +
.../internal/handler/admin.go | 88 +
.../internal/handler/ca_public_key.go | 93 +
.../internal/handler/ca_public_key_test.go | 78 +
.../internal/handler/certificates.go | 185 +
.../internal/handler/certificates_test.go | 238 +
.../internal/handler/common.go | 26 +
.../internal/handler/health.go | 119 +
.../internal/handler/jwks.go | 102 +
.../internal/handler/revoke.go | 110 +
.../internal/handler/revoke_test.go | 53 +
.../internal/handler/sign.go | 324 +
.../internal/handler/sign_test.go | 85 +
.../internal/handler/userinfo.go | 55 +
.../internal/handler/userinfo_test.go | 93 +
.../internal/httputil/context.go | 95 +
.../internal/httputil/context_test.go | 92 +
.../internal/metrics/metrics.go | 56 +
.../internal/metrics/metrics_test.go | 62 +
.../internal/policy/enforcer.go | 106 +
.../internal/policy/enforcer_test.go | 182 +
.../internal/policy/key_type.go | 17 +
.../internal/server/bearer_middleware_test.go | 125 +
.../SSH-Certificate-Signer/internal/server/cors.go | 50 +
.../internal/server/cors_test.go | 125 +
.../internal/server/middleware.go | 150 +
.../internal/server/middleware_test.go | 124 +
.../internal/server/routes.go | 84 +
.../internal/server/server.go | 82 +
.../internal/store/certificate_query.go | 176 +
.../internal/store/client_config.go | 81 +
.../SSH-Certificate-Signer/internal/store/db.go | 57 +
.../internal/store/issuance_log.go | 76 +
.../internal/store/revocation.go | 58 +
.../internal/validation/comanage.go | 30 +
.../internal/validation/dispatcher.go | 197 +
.../internal/validation/dispatcher_test.go | 219 +
.../internal/validation/ldap.go | 194 +
.../internal/validation/ldap_test.go | 310 +
.../internal/validation/noop.go | 30 +
.../internal/validation/validator.go | 38 +
.../internal/validation/validator_test.go | 65 +
.../internal/vault/client.go | 441 +
extensions/SSH-Certificate-Signer/main.go | 223 +
.../migrations/001_initial_schema.up.sql | 81 +
281 files changed, 35260 insertions(+), 2855 deletions(-)
delete mode 100644 allocations/domain/go.mod
delete mode 100644 allocations/domain/go.sum
delete mode 100644 allocations/go.work
delete mode 100644 allocations/go.work.sum
delete mode 100644 allocations/provisioner/go.mod
rename {allocations/access-amie => connectors/ACCESS/AMIE-Processor}/Makefile
(91%)
rename {allocations/access-amie => connectors/ACCESS/AMIE-Processor}/README.md
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/amieclient/client.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/amieclient/client_test.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/config.yaml.example (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/config/config.go (100%)
rename {allocations/access-amie => connectors/ACCESS/AMIE-Processor}/db/db.go
(94%)
rename {allocations/domain => connectors/ACCESS/AMIE-Processor}/db/embed.go
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/db/errors.go (100%)
rename {allocations/domain => connectors/ACCESS/AMIE-Processor}/db/migrate.go
(100%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/db/migrations/000001_initial_schema.down.sql
(100%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/db/migrations/000001_initial_schema.up.sql
(100%)
rename {allocations/access-amie => connectors/ACCESS/AMIE-Processor}/db/tx.go
(100%)
rename {allocations/access-amie => connectors/ACCESS/AMIE-Processor}/go.mod
(79%)
rename {allocations/access-amie => connectors/ACCESS/AMIE-Processor}/go.sum
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/data_account_create.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/data_account_create_test.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/data_project_create.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/data_project_create_test.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/handler.go (96%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/inform_transaction_complete.go (96%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/inform_transaction_complete_test.go
(98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/noop.go (94%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/noop_test.go (96%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_account_create.go (94%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_account_create_test.go (87%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_account_inactivate.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_account_inactivate_test.go
(98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_account_reactivate.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_account_reactivate_test.go
(98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_person_merge.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_person_merge_test.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_project_create.go (95%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_project_create_test.go (89%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_project_inactivate.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_project_inactivate_test.go
(98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_project_reactivate.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_project_reactivate_test.go
(98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_user_modify.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/request_user_modify_test.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/router.go (95%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/router_test.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/handler/testutil_test.go (100%)
rename {allocations/access-amie => connectors/ACCESS/AMIE-Processor}/main.go
(78%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/metrics/metrics.go (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/metrics/metrics_test.go (98%)
rename {allocations/devtools/amie =>
connectors/ACCESS/AMIE-Processor/mock-server}/README.md (100%)
rename {allocations/devtools/amie =>
connectors/ACCESS/AMIE-Processor/mock-server}/amie-traffic.js (100%)
rename {allocations/devtools/amie =>
connectors/ACCESS/AMIE-Processor/mock-server}/mock-amie-server.py (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/model/audit.go (100%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/model/cluster_account.go (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/model/error.go (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/model/event.go (100%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/model/membership.go (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/model/packet.go (100%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/model/person.go (100%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/model/project.go (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/proto/amie_packets.proto (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/proto/gen/amie_packets.pb.go (99%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/proto/gen/internal_events.pb.go (99%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/proto/internal_events.proto (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/server/server.go (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/account_service.go (96%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/account_service_test.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/audit_service.go (96%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/audit_service_test.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/membership_service.go (98%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/membership_service_test.go (99%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/person_service.go (99%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/person_service_test.go (99%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/project_service.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/service/project_service_test.go (98%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/store/account_store.go (96%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/store/audit_store.go (95%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/store/error_store.go (95%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/store/event_store.go (98%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/store/membership_store.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/store/packet_store.go (97%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/store/person_dns_store.go (97%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/store/person_global_id_store.go (96%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/store/person_store.go (97%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/store/project_store.go (96%)
rename {allocations/domain =>
connectors/ACCESS/AMIE-Processor}/store/stores.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/data_account_create/incoming-data.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/data_account_create/outgoing-inform.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/data_project_create/incoming-data.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/data_project_create/outgoing-inform.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/inform_transaction_complete/incoming-inform.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_account_create/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_account_create/outgoing-notify.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_account_inactivate/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_account_inactivate/outgoing-notify.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_account_reactivate/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_account_reactivate/outgoing-notify.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_person_merge/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_person_merge/outgoing-inform.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_project_create/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_project_create/outgoing-notify.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_project_inactivate/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_project_inactivate/outgoing-notify.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_project_reactivate/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_project_reactivate/outgoing-notify.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_user_modify_delete/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_user_modify_delete/outgoing-inform.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_user_modify_replace/incoming-request.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/testdata/request_user_modify_replace/outgoing-inform.json
(100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/worker/poller.go (95%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/worker/processor.go (97%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/worker/processor_test.go (100%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/worker/proto_utils.go (94%)
rename {allocations/access-amie =>
connectors/ACCESS/AMIE-Processor}/worker/proto_utils_test.go (97%)
create mode 100644 connectors/SLURM/Association-Mapper/README.md
create mode 100644 core/accountprovisioning/go.mod
rename {allocations/provisioner => core/accountprovisioning}/noop.go (96%)
rename {allocations/provisioner => core/accountprovisioning}/provisioner.go
(99%)
rename {deployment => dev-ops}/account-provisioning/README.md (100%)
rename {deployment => dev-ops}/account-provisioning/enroll-node.yml (100%)
rename {deployment => dev-ops}/account-provisioning/files/pam_oauth2_sshd.te
(100%)
rename {deployment => dev-ops}/account-provisioning/group_vars/all.yml.example
(100%)
rename {deployment =>
dev-ops}/account-provisioning/inventory/hosts.example.yml (100%)
rename {deployment =>
dev-ops}/account-provisioning/templates/99-pam-oauth2-device.conf.j2 (100%)
rename {deployment =>
dev-ops}/account-provisioning/templates/pam-oauth2-config.json.j2 (100%)
rename {deployment => dev-ops}/account-provisioning/templates/sssd.conf.j2
(100%)
rename {deployment => dev-ops}/account-provisioning/verify.yml (100%)
rename {compose => dev-ops/compose}/dbinit/init-db.sh (89%)
rename {compose => dev-ops/compose}/docker-compose.yml (100%)
rename {compose => dev-ops/compose}/grafana/dashboards/amie-service.json (100%)
rename {compose =>
dev-ops/compose}/grafana/provisioning/dashboards/dashboards.yml (100%)
rename {compose =>
dev-ops/compose}/grafana/provisioning/datasources/mariadb.yml (100%)
rename {compose =>
dev-ops/compose}/grafana/provisioning/datasources/prometheus.yml (100%)
rename {compose => dev-ops/compose}/prometheus/prometheus.yml (100%)
rename {compose => dev-ops/compose}/vault/config/vault-config.hcl (100%)
rename {deployment => dev-ops}/terraform/aws/README.md (100%)
rename {deployment => dev-ops}/terraform/aws/main.tf (100%)
rename {deployment => dev-ops}/terraform/aws/modules/keycloak/main.tf (100%)
rename {deployment => dev-ops}/terraform/aws/modules/keycloak/outputs.tf (100%)
rename {deployment =>
dev-ops}/terraform/aws/modules/keycloak/resources/Dockerfile (100%)
rename {deployment =>
dev-ops}/terraform/aws/modules/keycloak/resources/cache-ispn-jdbc-ping.xml
(100%)
rename {deployment =>
dev-ops}/terraform/aws/modules/keycloak/resources/docker-entrypoint.sh (100%)
rename {deployment =>
dev-ops}/terraform/aws/modules/keycloak/templates/container_definition.json
(100%)
rename {deployment => dev-ops}/terraform/aws/modules/keycloak/variables.tf
(100%)
rename {deployment => dev-ops}/terraform/aws/modules/keycloak/versions.tf
(100%)
rename {deployment => dev-ops}/terraform/aws/modules/network/main.tf (100%)
rename {deployment => dev-ops}/terraform/aws/modules/network/outputs.tf (100%)
rename {deployment => dev-ops}/terraform/aws/modules/network/variables.tf
(100%)
rename {deployment => dev-ops}/terraform/aws/modules/network/versions.tf (100%)
rename {deployment => dev-ops}/terraform/aws/modules/vault/README.md (100%)
rename {deployment => dev-ops}/terraform/aws/modules/vault/main.tf (100%)
rename {deployment =>
dev-ops}/terraform/aws/modules/vault/resources/openssl-vault.cnf (100%)
rename {deployment =>
dev-ops}/terraform/aws/modules/vault/templates/install_vault_script.sh.tpl
(100%)
rename {deployment => dev-ops}/terraform/aws/modules/vault/variables.tf (100%)
rename {deployment => dev-ops}/terraform/aws/modules/vault/versions.tf (100%)
rename {deployment => dev-ops}/terraform/aws/outputs.tf (100%)
rename {deployment => dev-ops}/terraform/aws/terraform.tfvars (100%)
rename {deployment => dev-ops}/terraform/aws/variables.tf (100%)
create mode 100644 extensions/CILogon-SSH-PAM/HOWTO.md
copy LICENSE => extensions/CILogon-SSH-PAM/LICENSE (99%)
create mode 100644 extensions/CILogon-SSH-PAM/Makefile
create mode 100644 extensions/CILogon-SSH-PAM/README.md
create mode 100644 extensions/CILogon-SSH-PAM/config_template.json
create mode 100644 extensions/CILogon-SSH-PAM/packaging/.gitignore
create mode 100644 extensions/CILogon-SSH-PAM/packaging/README.md
create mode 100644 extensions/CILogon-SSH-PAM/packaging/deb/Dockerfile
create mode 100755 extensions/CILogon-SSH-PAM/packaging/deb/build.sh
create mode 100644 extensions/CILogon-SSH-PAM/packaging/deb/debian/changelog
create mode 100644 extensions/CILogon-SSH-PAM/packaging/deb/debian/compat
create mode 100644 extensions/CILogon-SSH-PAM/packaging/deb/debian/control
create mode 100644 extensions/CILogon-SSH-PAM/packaging/deb/debian/copyright
create mode 100755 extensions/CILogon-SSH-PAM/packaging/deb/debian/rules
create mode 100644
extensions/CILogon-SSH-PAM/packaging/deb/debian/source/format
create mode 100644 extensions/CILogon-SSH-PAM/packaging/rpm/Dockerfile
create mode 100644
extensions/CILogon-SSH-PAM/packaging/rpm/pamoauth2device.spec
create mode 100644 extensions/CILogon-SSH-PAM/src/include/config.cpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/config.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/ldapquery.c
create mode 100644 extensions/CILogon-SSH-PAM/src/include/ldapquery.h
create mode 100644 extensions/CILogon-SSH-PAM/src/include/metadata.cpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/metadata.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/nayuki/BitBuffer.cpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/nayuki/BitBuffer.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/nayuki/QrCode.cpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/nayuki/QrCode.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/nayuki/QrSegment.cpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/nayuki/QrSegment.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/nlohmann/json.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/pam_oauth2_curl.cpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/pam_oauth2_curl.hpp
create mode 100644
extensions/CILogon-SSH-PAM/src/include/pam_oauth2_curl_impl.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/pam_oauth2_excpt.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/pam_oauth2_log.cpp
create mode 100644 extensions/CILogon-SSH-PAM/src/include/pam_oauth2_log.hpp
create mode 100644 extensions/CILogon-SSH-PAM/src/pam_oauth2_device.cpp
create mode 100644 extensions/CILogon-SSH-PAM/src/pam_oauth2_device.hpp
create mode 100644 extensions/CILogon-SSH-PAM/test/Makefile
create mode 100644 extensions/CILogon-SSH-PAM/test/README.md
create mode 100644 extensions/CILogon-SSH-PAM/test/data/qr1.0.txt
create mode 100644 extensions/CILogon-SSH-PAM/test/data/qr1.1.txt
create mode 100644 extensions/CILogon-SSH-PAM/test/data/qr1.2.txt
create mode 100644 extensions/CILogon-SSH-PAM/test/data/qr2.0.txt
create mode 100644 extensions/CILogon-SSH-PAM/test/data/qr2.1.txt
create mode 100644 extensions/CILogon-SSH-PAM/test/data/qr2.2.txt
create mode 100644 extensions/CILogon-SSH-PAM/test/data/template_empty.json
create mode 100644 extensions/CILogon-SSH-PAM/test/data/template_noldap.json
create mode 100644 extensions/CILogon-SSH-PAM/test/data/template_wrong.json
create mode 100755 extensions/CILogon-SSH-PAM/test/mock_server.py
create mode 100644 extensions/CILogon-SSH-PAM/test/temp_file.cpp
create mode 100644 extensions/CILogon-SSH-PAM/test/temp_file.hpp
create mode 100644 extensions/CILogon-SSH-PAM/test/test_config.cpp
create mode 100644 extensions/CILogon-SSH-PAM/test/test_pam_oauth2_device.cpp
create mode 100644 extensions/CILogon-SSH-PAM/test/unit.cpp
create mode 100644 extensions/CILogon-SSH-PAM/util/tls-debug/README.md
create mode 100644 extensions/CILogon-SSH-PAM/util/tls-debug/tls-debug.c
create mode 100644 extensions/SSH-Certificate-Signer/.gitignore
create mode 100644 extensions/SSH-Certificate-Signer/README.md
create mode 100644 extensions/SSH-Certificate-Signer/config.example.yaml
create mode 100644 extensions/SSH-Certificate-Signer/go.mod
create mode 100644 extensions/SSH-Certificate-Signer/go.sum
create mode 100644 extensions/SSH-Certificate-Signer/internal/audit/logger.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/auth/client_auth.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/auth/client_auth_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/auth/oidc_validator.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/auth/oidc_validator_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/cert/extensions.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/cert/extensions_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/cert/rsa_ecdsa_signing_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/cert/signer.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/cert/signer_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/cert/ssh_key.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/cert/ssh_key_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/config/config.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/config/config_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/handler/admin.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/handler/ca_public_key.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/handler/ca_public_key_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/handler/certificates.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/handler/certificates_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/handler/common.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/handler/health.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/handler/jwks.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/handler/revoke.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/handler/revoke_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/handler/sign.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/handler/sign_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/handler/userinfo.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/handler/userinfo_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/httputil/context.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/httputil/context_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/metrics/metrics.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/metrics/metrics_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/policy/enforcer.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/policy/enforcer_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/policy/key_type.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/server/bearer_middleware_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/server/cors.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/server/cors_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/server/middleware.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/server/middleware_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/server/routes.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/server/server.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/store/certificate_query.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/store/client_config.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/store/db.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/store/issuance_log.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/store/revocation.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/validation/comanage.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/validation/dispatcher.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/validation/dispatcher_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/validation/ldap.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/validation/ldap_test.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/validation/noop.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/validation/validator.go
create mode 100644
extensions/SSH-Certificate-Signer/internal/validation/validator_test.go
create mode 100644 extensions/SSH-Certificate-Signer/internal/vault/client.go
create mode 100644 extensions/SSH-Certificate-Signer/main.go
create mode 100644
extensions/SSH-Certificate-Signer/migrations/001_initial_schema.up.sql
