Open up account registrations to the public
This issue tracks requirements for what we need in order to feel confident to open Keycloak (and therefore GitLab up to the public).
-
User registration security audit -
Sensible password restrictions -
Recaptcha for user registration (#35 (closed)) -
Login flow audit -
GitLab security audit -
Keycloak monitoring (#23) -
GitLab monitoring (#14) -
Review secure Gitlab runner (#74 (closed)) -
GitLab secure runner for our own projects with proper restrictions (#32 (closed)) -
Audit security of public runners (#8 (closed)) -
Add github.com as identity provider (#2 (closed)) -
Add gitlab.com as identity provider (#40 (closed)) -
Allow incoming mail on GitLab (#3 (closed)) -
Enable Keycloak event logging (#68 (closed)) -
Finish Arch theme of Keycloak (!28 (merged)) -
Research fine grade permissions for externals (#9 (closed)) -
Fix GitLab backups (#118 (closed)) -
Validate GitLab backups -
Validate Keycloak backups