Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in
I
infrastructure
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 137
    • Issues 137
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
    • Iterations
  • Merge Requests 9
    • Merge Requests 9
  • Requirements
    • Requirements
    • List
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Security & Compliance
    • Security & Compliance
    • Dependency List
    • License Compliance
  • Operations
    • Operations
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • CI / CD
    • Code Review
    • Insights
    • Issue
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • Arch Linux
  • infrastructure
  • Issues
  • #39

Closed
Open
Opened May 26, 2020 by Sven-Hendrik Haase@svenstaroOwner17 of 19 tasks completed17/19 tasks

Open up account registrations to the public

This issue tracks requirements for what we need in order to feel confident to open Keycloak (and therefore GitLab up to the public).

  • User registration security audit
  • Sensible password restrictions
  • Recaptcha for user registration (#35 (closed))
  • Login flow audit
  • GitLab security audit
  • Keycloak monitoring (#23)
  • GitLab monitoring (#14)
  • Review secure Gitlab runner (#74 (closed))
  • GitLab secure runner for our own projects with proper restrictions (#32 (closed))
  • Audit security of public runners (#8 (closed))
  • Add github.com as identity provider (#2 (closed))
  • Add gitlab.com as identity provider (#40)
  • Allow incoming mail on GitLab (#3 (closed))
  • Enable Keycloak event logging (#68 (closed))
  • Finish Arch theme of Keycloak (!28 (merged))
  • Research fine grade permissions for externals (#9 (closed))
  • Fix GitLab backups (#118 (closed))
  • Validate GitLab backups
  • Validate Keycloak backups
Edited Oct 22, 2020 by Sven-Hendrik Haase
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: archlinux/infrastructure#39