ContainerImage.Pinniped/ROADMAP.md


## **Pinniped Project Roadmap**


### 
**About this document**

This document provides a link to the[ Pinniped Project issues](https://github.com/vmware-tanzu/pinniped/issues) list that serves as the up to date description of items that are in the Pinniped release pipeline. Most items are gathered from the community or include a feedback loop with the community. This should serve as a reference point for Pinniped users and contributors to understand where the project is heading, and help determine if a contribution could be conflicting with a longer term plan.


### 
**How to help?**

Discussion on the roadmap can take place in threads under [Issues](https://github.com/vmware-tanzu/pinniped/issues) or in [community meetings](https://github.com/vmware-tanzu/pinniped/blob/main/CONTRIBUTING.md#meeting-with-the-maintainers). Please open and comment on an issue if you want to provide suggestions and feedback to an item in the roadmap. Please review the roadmap to avoid potential duplicated effort.


### 
**Need an idea for a contribution?**

We’ve created an [Opportunity Areas](https://github.com/vmware-tanzu/pinniped/discussions/483) discussion thread that outlines some areas we believe are excellent starting points for the community to get involved. In that discussion we’ve included specific work items that one might consider that also support the high-level items presented in our roadmap. 


### 
**How to add an item to the roadmap?**

Please open an issue to track any initiative on the roadmap of Pinniped (usually driven by new feature requests). We will work with and rely on our community to focus our efforts to improve Pinniped.


### 
**Current Roadmap**

The following table includes the current roadmap for Pinniped. If you have any questions or would like to contribute to Pinniped, please attend a [community meeting](https://github.com/vmware-tanzu/pinniped/blob/main/CONTRIBUTING.md#meeting-with-the-maintainers) to discuss with our team. If you don't know where to start, we are always looking for contributors that will help us reduce technical, automation, and documentation debt. Please take the timelines & dates as proposals and goals. Priorities and requirements change based on community feedback, roadblocks encountered, community contributions, etc. If you depend on a specific item, we encourage you to attend community meetings to get updated status information, or help us deliver that feature by contributing to Pinniped.


Last Updated: March 2022
|Theme|Description|Timeline|
|--|--|--|
|Improving Security Posture|Support Audit logging of security events related to Authentication |May/June 2022|
|Improving Usability|Support for integrating with UI/Dashboards  |May/June 2022|
|Improving Security Posture|TLS hardening contd|June/July 2022|
|Multiple IDP support|Support multiple IDPs configured on a single Supervisor|Exploring/Ongoing|
|Improving Security Posture|mTLS for Supervisor sessions |Exploring/Ongoing|
|Improving Security Posture|Key management/rotation for Pinniped components with minimal downtime |Exploring/Ongoing|
|Improving Security Posture|Support for Session Logout |Exploring/Ongoing|
|Improving Security Posture|Support for Idle Session/ Inactivity timeout|Exploring/Ongoing|
|Improving Security Posture|Support for Max Concurrent Sessions|Exploring/Ongoing|
|Improving Security Posture|Support for configurable Session Length |Exploring/Ongoing|
|Improving Security Posture|Reject use of username and groups with system: prefix  |Exploring/Ongoing|
|Improving Security Posture|Support for using external KMS for Supervisor signing keys |Exploring/Ongoing|
|Improving Security Posture|Client side use of Secure Enclaves for Session data |Exploring/Ongoing|
|Improving Security Posture|Enforce the use of HTTP Strict Transport (HSTS) |Exploring/Ongoing|
|Improving Security Posture|Assert that Pinniped runs under the restricted PSP version2 levels  |Exploring/Ongoing|
|Wider Concierge cluster support|Support for OpenShift cluster types in the Concierge|Exploring/Ongoing|
|Identity transforms|Support prefixing, filtering, or performing coarse-grained checks on upstream users and groups|Exploring/Ongoing|
|CLI SSO|Support Kerberos based authentication on CLI |Exploring/Ongoing|
|Extended IDP support|Support more types of identity providers on the Supervisor|Exploring/Ongoing|
|Improved Documentation|Reorganizing and improving Pinniped docs; new how-to guides and tutorials|Exploring/Ongoing|
|Improve our CI/CD systems|Upgrade tests; make Kind more efficient and reliable for CI ; Windows tests; performance tests; scale tests; soak tests|Exploring/Ongoing|
|CLI Improvements|Improving CLI UX for setting up Supervisor IDPs|Exploring/Ongoing|
|Telemetry|Adding some useful phone home metrics as well as some vanity metrics|Exploring/Ongoing|
|Observability|Expose Pinniped metrics through Prometheus Integration|Exploring/Ongoing|
|Device Code Flow|Add support for OAuth 2.0 Device Authorization Grant in the Pinniped CLI and Supervisor|Exploring/Ongoing|
|Supervisor with New Clients|Enable registering new clients with Supervisor|Exploring/Ongoing|
-												Create ROADMAP.md in actual markdown

fixed the random html generated when converting the google doc to markdown
											
										
										
											2021-03-10 02:41:40 +00:00
 								## **Pinniped Project Roadmap**
 								###
 								**About this document**
 								This document provides a link to the[ Pinniped Project issues](https://github.com/vmware-tanzu/pinniped/issues) list that serves as the up to date description of items that are in the Pinniped release pipeline. Most items are gathered from the community or include a feedback loop with the community. This should serve as a reference point for Pinniped users and contributors to understand where the project is heading, and help determine if a contribution could be conflicting with a longer term plan.
 								###
 								**How to help?**
 								Discussion on the roadmap can take place in threads under [Issues](https://github.com/vmware-tanzu/pinniped/issues) or in [community meetings](https://github.com/vmware-tanzu/pinniped/blob/main/CONTRIBUTING.md#meeting-with-the-maintainers). Please open and comment on an issue if you want to provide suggestions and feedback to an item in the roadmap. Please review the roadmap to avoid potential duplicated effort.
 								###
 								**Need an idea for a contribution?**
-												Update ROADMAP.md
											
										
										
											2021-03-11 21:58:34 +00:00
+								We’ve created an [Opportunity Areas](https://github.com/vmware-tanzu/pinniped/discussions/483) discussion thread that outlines some areas we believe are excellent starting points for the community to get involved. In that discussion we’ve included specific work items that one might consider that also support the high-level items presented in our roadmap.
-												Create ROADMAP.md in actual markdown

fixed the random html generated when converting the google doc to markdown
											
										
										
											2021-03-10 02:41:40 +00:00
 								###
 								**How to add an item to the roadmap?**
 								Please open an issue to track any initiative on the roadmap of Pinniped (usually driven by new feature requests). We will work with and rely on our community to focus our efforts to improve Pinniped.
 								###
 								**Current Roadmap**
 								The following table includes the current roadmap for Pinniped. If you have any questions or would like to contribute to Pinniped, please attend a [community meeting](https://github.com/vmware-tanzu/pinniped/blob/main/CONTRIBUTING.md#meeting-with-the-maintainers) to discuss with our team. If you don't know where to start, we are always looking for contributors that will help us reduce technical, automation, and documentation debt. Please take the timelines & dates as proposals and goals. Priorities and requirements change based on community feedback, roadblocks encountered, community contributions, etc. If you depend on a specific item, we encourage you to attend community meetings to get updated status information, or help us deliver that feature by contributing to Pinniped.
-												Update ROADMAP.md

Changed last updated field for March
											
										
										
											2022-03-18 14:12:50 +00:00
+								Last Updated: March 2022
-												Fix roadmap table formatting

We seem to have missed a `|` at the start of the table.
											
										
										
											2021-09-01 19:33:23 +00:00
+								|Theme|Description|Timeline|
-												Create ROADMAP.md in actual markdown

fixed the random html generated when converting the google doc to markdown
											
										
										
											2021-03-10 02:41:40 +00:00
+								|--|--|--|
-												Update ROADMAP.md

Changes made to reflect status as of May 4th, 2022
											
										
										
											2022-05-04 20:06:33 +00:00
+								|Improving Security Posture|Support Audit logging of security events related to Authentication |May/June 2022|
 								|Improving Usability|Support for integrating with UI/Dashboards  |May/June 2022|
-												Update ROADMAP.md

Edits to the wiki based on our current backlog 4/5/2022
											
										
										
											2022-04-06 20:08:04 +00:00
+								|Improving Security Posture|TLS hardening contd|June/July 2022|
-												Update ROADMAP.md

Updated roadmap with current priorities
											
										
										
											2022-03-17 13:36:24 +00:00
+								|Multiple IDP support|Support multiple IDPs configured on a single Supervisor|Exploring/Ongoing|
-												Update ROADMAP.md

Updated roadmap to reflect current focus of Pinniped project
											
										
										
											2021-10-21 14:10:19 +00:00
+								|Improving Security Posture|mTLS for Supervisor sessions |Exploring/Ongoing|
 								|Improving Security Posture|Key management/rotation for Pinniped components with minimal downtime |Exploring/Ongoing|
 								|Improving Security Posture|Support for Session Logout |Exploring/Ongoing|
 								|Improving Security Posture|Support for Idle Session/ Inactivity timeout|Exploring/Ongoing|
 								|Improving Security Posture|Support for Max Concurrent Sessions|Exploring/Ongoing|
 								|Improving Security Posture|Support for configurable Session Length |Exploring/Ongoing|
 								|Improving Security Posture|Reject use of username and groups with system: prefix  |Exploring/Ongoing|
 								|Improving Security Posture|Support for using external KMS for Supervisor signing keys |Exploring/Ongoing|
 								|Improving Security Posture|Client side use of Secure Enclaves for Session data |Exploring/Ongoing|
 								|Improving Security Posture|Enforce the use of HTTP Strict Transport (HSTS) |Exploring/Ongoing|
 								|Improving Security Posture|Assert that Pinniped runs under the restricted PSP version2 levels  |Exploring/Ongoing|
-												Update ROADMAP.md

Updated Roadmap to reflect the work on Supervisor token refresh for OIDC and LDAP/AD. Also changed ordering on Multiple IDP Support as we are seeing more user interest for this feature.
											
										
										
											2021-10-05 23:31:33 +00:00
+								|Wider Concierge cluster support|Support for OpenShift cluster types in the Concierge|Exploring/Ongoing|
-												Add "Identity transforms" feature to roadmap.
											
										
										
											2021-07-01 15:17:40 +00:00
+								|Identity transforms|Support prefixing, filtering, or performing coarse-grained checks on upstream users and groups|Exploring/Ongoing|
-												Update ROADMAP.md

Updated September roadmap to reflect work on Improving Security Posture. Added CLI SSO as Future roadmap item.
											
										
										
											2021-09-02 01:35:47 +00:00
+								|CLI SSO|Support Kerberos based authentication on CLI |Exploring/Ongoing|
-												Add "Extended IDP support" to the roadmap.
											
										
										
											2021-07-01 15:48:13 +00:00
+								|Extended IDP support|Support more types of identity providers on the Supervisor|Exploring/Ongoing|
-												Update ROADMAP.md
											
										
										
											2021-06-10 15:27:20 +00:00
+								|Improved Documentation|Reorganizing and improving Pinniped docs; new how-to guides and tutorials|Exploring/Ongoing|
-												Create ROADMAP.md in actual markdown

fixed the random html generated when converting the google doc to markdown
											
										
										
											2021-03-10 02:41:40 +00:00
+								|Improve our CI/CD systems|Upgrade tests; make Kind more efficient and reliable for CI ; Windows tests; performance tests; scale tests; soak tests|Exploring/Ongoing|
-												Update ROADMAP.md

Update ROADMAP.md with Pablo.
											
										
										
											2021-04-15 18:43:01 +00:00
+								|CLI Improvements|Improving CLI UX for setting up Supervisor IDPs|Exploring/Ongoing|
-												Create ROADMAP.md in actual markdown

fixed the random html generated when converting the google doc to markdown
											
										
										
											2021-03-10 02:41:40 +00:00
+								|Telemetry|Adding some useful phone home metrics as well as some vanity metrics|Exploring/Ongoing|
 								|Observability|Expose Pinniped metrics through Prometheus Integration|Exploring/Ongoing|
-												Update ROADMAP.md

Update ROADMAP.md with Pablo.
											
										
										
											2021-04-15 18:43:01 +00:00
+								|Device Code Flow|Add support for OAuth 2.0 Device Authorization Grant in the Pinniped CLI and Supervisor|Exploring/Ongoing|
-												Update ROADMAP.md

Added https://github.com/vmware-tanzu/pinniped/issues/577 to Roadmap
											
										
										
											2021-07-15 16:29:51 +00:00
+								|Supervisor with New Clients|Enable registering new clients with Supervisor|Exploring/Ongoing|
-												Create ROADMAP.md in actual markdown

fixed the random html generated when converting the google doc to markdown
											
										
										
											2021-03-10 02:41:40 +00:00