Skip to content

testifysec/galadriel

 
 

Repository files navigation

Galadriel

CodeQL PR Build Scorecards supply-chain security trivy


Project Galadriel, or just Galadriel, is an open source project that enables scalable and easy configuration of Federation relationships among SPIRE Servers. It works as a central hub for managing and auditing Federation relationships.

What Galadriel IS?

  • Alternative approach to SPIRE Federation: it's built on top of SPIRE APIs to facilitate foreign Trust Bundles management.
  • Multi-tenant: multiple organizations can leverage the same Galadriel deployment, while ensuring data and operations isolation.
  • Federation at scale: configuring multiple SPIRE Server federation should be easy and secure by default, that is Galadriel's main focus.
  • Central hub: it's a central place where federation relationships can be defined and audited.

What Galadriel IS NOT?

  • A replacement of SPIRE/SPIFFE Federation: it doesn't replace SPIRE Federation, it leverages what's already built in there.
  • A SPIRE plugin: it's deployed as a separate component, not as a SPIRE plugin.

Get started

Contribute

Project Galadriel is an open source project under the Apache 2 license, and as such, any kind of contribution is welcome, being documentation, new features, bugfixing, issues, etc. Check out our Contributing guidelines to learn how we manage contributions, and the Governance policy to learn about the different roles in the project.

Roadmap

Project Galadriel has currently reached the Proof of Concept milestone (v0.1.0). Refer to the Roadmap to learn what's next.

Want to know more?

Design document

Please feel free to check out our Design Document, where you can find more information about the architecture and future plans for Galadriel. Comments and suggestions are welcome and highly appreciated.

Community Presentations & Blog Posts

Found a security issue?

Please refer to the Security policy to learn more about security updates and reporting potential vulnerabilities.

About

SPIFFE Federation the easy way

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 94.5%
  • Makefile 4.8%
  • Dockerfile 0.7%