Skip to content
GitLab
Closed
Issue created by Sven-Hendrik Haase@svenstaroDeveloper17 of 19 checklist items completed17/19 checklist items

Open up account registrations to the public

This issue tracks requirements for what we need in order to feel confident to open Keycloak (and therefore GitLab up to the public).

  • User registration security audit
  • Sensible password restrictions
  • Recaptcha for user registration (#35 (closed))
  • Login flow audit
  • GitLab security audit
  • Keycloak monitoring (#23)
  • GitLab monitoring (#14)
  • Review secure Gitlab runner (#74 (closed))
  • GitLab secure runner for our own projects with proper restrictions (#32 (closed))
  • Audit security of public runners (#8 (closed))
  • Add github.com as identity provider (#2 (closed))
  • Add gitlab.com as identity provider (#40 (closed))
  • Allow incoming mail on GitLab (#3 (closed))
  • Enable Keycloak event logging (#68 (closed))
  • Finish Arch theme of Keycloak (!28 (merged))
  • Research fine grade permissions for externals (#9 (closed))
  • Fix GitLab backups (#118 (closed))
  • Validate GitLab backups
  • Validate Keycloak backups
Edited by Sven-Hendrik Haase
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information