bitly
Proposal for Official Fork
Hi,
As everyone here can see, the project is almost abandoned.
I believe someone or preferable a group of people fluent in Go lang should create an 'official' fork of the project so the community can contribute with PRs which won't be waiting forever at "Pull Requests" tab.
I'm not fluent in Go but I can help with docker images or something like that if needed.
====== Edit =====
According to @russtacular comment on 29 Aug 2018 this project is oficially discontinued. Therefore, while the community is discussing where it will be 'oficially' forked and supported, there are several projects already taking place as a migration path:
https://github.com/pusher/oauth2_proxy (see https://github.com/bitly/oauth2_proxy/issues/628#issuecomment-453494239) https://github.com/buzzfeed/sso https://github.com/openshift/oauth-proxy https://github.com/ploxiln/oauth2_proxy (see https://github.com/bitly/oauth2_proxy/issues/628#issuecomment-449255369 and https://github.com/bitly/oauth2_proxy/issues/628#issuecomment-449544677)
Also, there is a discussion on gofrs https://github.com/gofrs/help-requests/issues/32#issue-388720547
Agree. I think many of us would love to see some of these PRs get merged. Like it or not this is one of the simpler to use solutions for integration of OAuth2 or OIDC providers on top of Kubernetes.
It is definitely a pity the project is kind of dead. Looks like a lot of people use it though. There is an interesting fork
https://github.com/openshift/oauth-proxy
but specialized on OpenShift.
If I were proficient in Go I would love to help.
Would be nice to know the maintainers opinion.
Let's find a well-known OSS org on github that could manage having such fork. Security repos shouldn't be on any one personal account. It is important though to have @bitly's support and perhaps have their team add the official fork's releases as a tag on dockerhub.
I agree with you @ermik. Finding an OSS organization which can take care of the project and assign people (not just one) which can approve PRs and manage the repository.
This is used quite often with K8S. /cc @cncf if it has any suggestion of what group could take care of this.
/cc @jbeda Do you know someone that could be interested to maintain this project active in a fork?
Have @bitly stopped using this, hence the staleness of the project? If so it would be interesting to hear what they use instead.
Everyone at bitly might be just drones and we are a part of their simulation.
I have been in touch with people at bitly about the current state of the project. I will post another update when I have more information.
I too would like to use this! I recently started using the free Access service from CloudFlare. I really like the concept. So being able to do the same in a stable way with NGINX would be amazing...
I have exchanged emails with the CEO of @bitly. I thought we were going to get this resolved. Unfortunately once it was passed over to an engineer it died.
I think it is pretty clear that this project is no longer a priority for bitly. For whatever reason they are unwilling to pass it over to new stewards.
I propose the following actions:
- identify a new home for the project
- mirror the repo in new org
- update the docs
- review all outstanding issues/PR and duplicate them in the new project. Add comments on the bitly version with a link to the new issue
- map out what a ???/oauth_proxy 1.0 (or 3.0) release would look like
@skwashd
That's sad to hear.
Have you guys heard of https://github.com/buzzfeed/sso ? It seems to be built on top of OAuth2 proxy with more features. I'll try it out soon...
There are many large companies with significant OSS presence that have forked this project and have pending PRs awaiting merge. Can one of these companies please come forward to adopt this project?
There are many features that we require, which are stuck in unreviewed PRs. We are manually merging into our private forks, which is not sustainable!
I'm not fluent in Go so I've been working on a node.js port. Would others here be interested in this?
I will be interested to contributed to the maintenance of this project, since we built recently the https://github.com/jenkins-x/sso-operator on top of it and have a certain understanding of the code base.
I like what @skwashd is proposing. It seems that sso-proxy org is still available. Do you have any other suggestions? If you agree, we can move on with this org.
~Could we try reaching out to BuzzFeed for comment (pun intended)? Their sso product seems well-established and a merge path would be a better choice for this repo — and introducing more flexibility (more auth providers, better config, k8s-ready, etc.) to their project could be a symbiotic thing.~ _ @ccojocar pointed out below that it's not a derivative.
If there are not takers by Oct 1st — let me add to @skwashd's list — we need to identify a group of maintainers that can commit (ok, this pun is just unavoidable) to working on newly forked org/repo for the near future while we try to build a community around it.
In my opinion, here is a minimum of people required for this repo to continue being of the most wonderful tools out there:
- security expert with substantial credentials
- cloud-native expert to keep things in perspective
- networking specialist to push this to the cutting edge
- engineering manager to keep things going
feel free to adjust.
Please volunteer yourselves with a brief description of your specialty, and please start reaching out to people to see if we have the support we need.
cc/ @ohaiwalt — you pointed me to this repo and I'll never be more grateful; do you have any thoughts on the matter?
@ermik the buzfeed/sso does not seem to be depend on this proxy https://github.com/buzzfeed/sso/blob/master/Godeps. I am not sure, if it makes sense to couple the two projects.
This project has a well established user base in the Kubernetes community. It must continue to be maintained.
I would say, the simplest way to move forward, it is to create a new organisation with a group of maintainers, and then ask bitly to transfer the ownership of this repo to that organisation.
@skwashd Do you think, would this work onbitly side?
If we can't get any response from bitly engineers then it may not be possible to move the repo.
Please could someone from bitly provide an official statement to this issue? I am mentioning all current members of bitly organisation. Sorry for noise!
@apriendeau @hlhendy @jctbitly @jehiah @kpurdon @lrmay @markrechler @mrwoof @russtacular @sioanis @tpherndon
I tried a couple of times to reach the company via twitter. (first attempt and second attempt). The second one lead to a short email exchange with the CEO. It was passed onto @jehiah, who never responded.
Bitly don't owe us anything. They are free to throw their code over the wall and do nothing else. That's how open source works. That said, it is disappointing that they won't engage with the community that they built. Priorities change, life moves on, we accept that. It would have been nice if they either came out and said why the tumbleweed is blowing around the project or worked with interested members of the community to move it to a new home. Sadly there appears to be no interest in either option.
I would be happy to play a role in any fork, but I don't feel like I have the time nor the skills to provide the technical leadership. Without leadership we will remain an unruly mob moving pitch forks.
With all this in mind I created 2bitproxy/oauth2_proxy. I picked the name as it includes bit as a reference to the bitly heritage and a tongue in cheek reference the negative "two bit". (It takes under a minute to rename it with sed).
I believe the first 3 points from the plan I posted last week have been resolved. Who wants to help with the remaining 2?
Hi all ... I've reached out internally here at Bitly and will make sure we get a response here soon. Just wanted to drop a line here so you all know we are listening.
@skwashd It's great we have a home for the time being — thanks for stashing away a nice org name! I think you have it right: we can work on improving the project while this gets resolved. A certain breathing room needs to be maintained for @bitly and other community members, as well as possible maintainers, to chime in to this conversation.
@kpurdon Great news! I don't presume to speak for everyone, but I would say the key thing to resolve here is a managerial one. There is no need for a fork if and only if the team at @bitly is dedicated to working towards granting some community members merge permissions and working towards reinforcing the community support itself for this repository.
Hello all,
Sorry it's taken so long to respond—it's often difficult to acknowledge that you can no longer maintain something that you've built and nurtured for so many years.
While this project has served us well internally for a while, we haven't been able to find someone on our team to push it forward and shepherd community contributions that weren't part of our roadmap. We've also since moved on to other priorities and are even investigating switching to buzzfeed/sso since it's a newer fork of oauth2_proxy.
As a result, we've decided to make this read-only and archive this project at the end of September. We're happy to update the readme to point people to newer, maintained forks, so please update this issue (or start a new one) with possible successors in order to make this transition as easy as possible.
I'm calling for a goodbye party to be hosted at one of Flatiron bars. @russtacular
The openshift fork https://github.com/openshift/oauth-proxy has already been mentioned. I've started a humble and initially somewhat minimal fork myself, and I've made a release: https://github.com/ploxiln/oauth2_proxy/releases
