
Changelog

v0.1

The first gdsgate release: a single binary that gates identity-aware, audited, least-privilege access to SSH, databases, Kubernetes, MCP, and TCP services through one proxy.

Access & identity

  • Single binary, four roles (Auth / Proxy / Agent / Client), selected by subcommand.
  • OIDC login — device flow and Authorization Code + PKCE; identity tokens verified against the provider's JWKS (RS256), claims mapped to a principal and its groups.
  • Cedar authorisation over (principal, action, resource), with the action derived from the resource's kind; deny-all by default.
  • Short-lived access certificates issued on Allow; expiry is the only revocation mechanism, so the certificate lifetime bounds how long a principal keeps access after the decision changes.

Resources

  • SSH model A (agent-terminated, recorded) and model B (jump host with per-connection downstream certificate), PostgreSQL / MySQL (forwarded with a query-log tap), Kubernetes (identity impersonation), MCP (tools/call allow-list), raw TCP — declared per agent in [[agent.backends]].
  • Native client experience: gdsgate login, then ssh, psql / mysql, kubectl, redis-cli through the gateway.
  • SSH -L and -R port forwarding with two-layer gating: the forward target must pass both the per-backend allow-list and the Cedar sshForwardLocal / sshForwardRemote decision; either layer can deny on its own.
  • Persistent agent-side SSH host key — a client's known_hosts entry keeps verifying across sessions.
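The authorisation rules above (action derived from the resource kind, deny unless a permit matches, forbid beats permit) and the two-layer gate on SSH port forwards, as an added Python model. This is illustration only, not gdsgate's code and not Cedar itself; the group names, resources, allow-list globs and every action name other than sshForwardLocal / sshForwardRemote are assumptions made for the example.

```python
"""Model of gdsgate-style authorisation: action from resource kind,
deny-by-default, forbid overrides permit, two-layer gating for SSH forwards.
Added illustration, not the project's code and not a Cedar evaluator."""
from dataclasses import dataclass
from fnmatch import fnmatch
from typing import Callable, Optional

# ASSUMPTION: only sshForwardLocal / sshForwardRemote are names from the page;
# the per-kind action names below are illustrative.
KIND_TO_ACTION = {
    "ssh": "sshConnect",
    "postgres": "dbQuery",
    "mysql": "dbQuery",
    "kubernetes": "k8sImpersonate",
    "mcp": "mcpToolsCall",
    "tcp": "tcpConnect",
}


@dataclass(frozen=True)
class Principal:
    id: str
    groups: frozenset            # mapped from the identity token's claims


@dataclass(frozen=True)
class Resource:
    id: str
    kind: str
    environment: str             # live attribute supplied by discovery


@dataclass
class Policy:
    """One permit/forbid rule over (principal, action, resource) plus a 'when' predicate."""
    effect: str                                   # "permit" or "forbid"
    groups: Optional[frozenset] = None            # None: any principal
    actions: Optional[frozenset] = None           # None: any action
    when: Callable[..., bool] = lambda p, a, r, ctx: True

    def matches(self, p: Principal, a: str, r: Resource, ctx: dict) -> bool:
        if self.groups is not None and not (p.groups & self.groups):
            return False
        if self.actions is not None and a not in self.actions:
            return False
        return self.when(p, a, r, ctx)


def authorize(policies, principal, action, resource, ctx=None) -> bool:
    ctx = ctx or {}
    permitted = False
    for pol in policies:
        if not pol.matches(principal, action, resource, ctx):
            continue
        if pol.effect == "forbid":
            return False              # any matching forbid wins outright
        permitted = True
    return permitted                  # nothing matched: deny


def authorize_access(policies, principal, resource) -> bool:
    """Plain access: the action is derived from the resource kind, never from the client."""
    return authorize(policies, principal, KIND_TO_ACTION[resource.kind], resource)


def authorize_forward(backend_allowlist, policies, principal, resource, direction, host, port) -> bool:
    """Layer 1: static host:port globs declared on the agent for this backend.
    Layer 2: the Cedar-style decision on sshForwardLocal / sshForwardRemote."""
    action = {"local": "sshForwardLocal", "remote": "sshForwardRemote"}[direction]
    if not any(fnmatch(f"{host}:{port}", pat) for pat in backend_allowlist):
        return False
    return authorize(policies, principal, action, resource,
                     {"target_host": host, "target_port": port})


# Constructed sample data (assumptions for the example).
POLICIES = [
    Policy("permit", groups=frozenset({"dev"}),
           actions=frozenset({"sshConnect", "dbQuery", "sshForwardLocal"}),
           when=lambda p, a, r, ctx: r.environment != "prod"),
    Policy("permit", groups=frozenset({"sre"})),          # sre: anything, anywhere
    Policy("forbid", actions=frozenset({"sshForwardRemote"}),
           when=lambda p, a, r, ctx: r.environment == "prod"),  # even for sre
]
STAGING_SSH = Resource("staging-bastion", "ssh", "staging")
PROD_SSH = Resource("prod-bastion", "ssh", "prod")
PROD_DB = Resource("prod-pg", "postgres", "prod")
ALICE = Principal("alice", frozenset({"dev"}))
BOB = Principal("bob", frozenset({"sre"}))
CAROL = Principal("carol", frozenset())                   # no groups: nothing permits
STAGING_FORWARDS = ["127.0.0.1:5432", "10.1.*:443"]        # per-backend allow-list

if __name__ == "__main__":
    print(authorize_access(POLICIES, ALICE, STAGING_SSH), authorize_access(POLICIES, ALICE, PROD_SSH))
    print(authorize_forward(STAGING_FORWARDS, POLICIES, ALICE, STAGING_SSH, "local", "10.0.0.5", 22))
```

The point of deriving the action from the resource kind is that a client cannot ask for a weaker action than the one the resource implies, and the point of the two layers is that a Cedar permit never reaches a forward target the agent operator has not declared.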

Transport & trust

  • Node registration with one-time tokens; internal mutual TLS and public TLS off a persisted transport CA; the agent reverse tunnel (gRPC, WebSocket fallback, HTTP CONNECT proxy support) so backends need no inbound access.
  • Three certificate authorities (transport, User SSH, Onward SSH), all persisted; the two SSH CAs can be rotated at runtime with paced double-signing.
  • Tamper-evident, hash-chained, durable audit (persist-before-grant) with JSON / Splunk HEC / CEF export.
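What a hash-chained, persist-before-grant audit log buys you, as an added Python illustration (not gdsgate's audit code; file layout, field names and the sample events are assumptions): each record commits to the previous record's hash, a grant is issued only after its record has been fsynced, and editing any past record, even with its own hash recomputed, breaks the chain at the next link.

```python
"""Hash-chained, durable audit log with persist-before-grant ordering.
Added illustration; not the project's own implementation."""
import hashlib
import json
import os

GENESIS = "0" * 64   # the first record chains to a fixed all-zero "previous hash"


def entry_hash(prev_hash: str, record: dict) -> str:
    """SHA-256 over the previous hash and the canonical JSON of the record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(f"{prev_hash}\n{body}".encode()).hexdigest()


class AuditLog:
    """Append-only JSON-lines file; every line carries prev, record, hash."""

    def __init__(self, path: str):
        self.path = path
        self.tip = GENESIS
        if os.path.exists(path):              # resume the chain after a restart
            with open(path) as f:
                for line in f:
                    self.tip = json.loads(line)["hash"]

    def append(self, record: dict) -> str:
        h = entry_hash(self.tip, record)
        line = json.dumps({"prev": self.tip, "record": record, "hash": h}, sort_keys=True)
        with open(self.path, "a") as f:
            f.write(line + "\n")
            f.flush()
            os.fsync(f.fileno())              # durable on disk before we return
        self.tip = h
        return h


def verify(path: str):
    """(True, entry_count) for an intact chain, else (False, index_of_first_bad_entry)."""
    prev, count = GENESIS, 0
    with open(path) as f:
        for line in f:
            e = json.loads(line)
            if e["prev"] != prev or e["hash"] != entry_hash(prev, e["record"]):
                return False, count
            prev = e["hash"]
            count += 1
    return True, count


def grant(log: AuditLog, principal: str, resource: str, issue_cert):
    """Persist the Allow decision first; only then mint the short-lived certificate.
    If append() raises (disk full, fsync error) no certificate is ever issued."""
    ref = log.append({"event": "grant", "principal": principal, "resource": resource})
    return issue_cert(principal, resource, audit_ref=ref)


def rewrite_entry(path: str, index: int, mutate, refresh_hash: bool):
    """Simulate an attacker editing entry `index` in place, optionally recomputing
    its own hash. A recomputed hash still breaks the next entry's `prev` link."""
    with open(path) as f:
        entries = [json.loads(l) for l in f]
    mutate(entries[index]["record"])
    if refresh_hash:
        entries[index]["hash"] = entry_hash(entries[index]["prev"], entries[index]["record"])
    with open(path, "w") as f:
        for e in entries:
            f.write(json.dumps(e, sort_keys=True) + "\n")


if __name__ == "__main__":
    import tempfile
    p = os.path.join(tempfile.mkdtemp(), "audit.jsonl")
    log = AuditLog(p)
    grant(log, "alice", "ssh:staging-bastion", lambda pr, rs, audit_ref: f"cert-{audit_ref[:8]}")
    log.append({"event": "deny", "principal": "carol", "resource": "ssh:prod-bastion"})
    print(verify(p))
    rewrite_entry(p, 0, lambda r: r.__setitem__("principal", "mallory"), refresh_hash=True)
    print(verify(p))
```

The chain only makes tampering detectable, not impossible: an attacker with write access to the whole file can rewrite every later entry too, so the tip hash should be anchored somewhere the log writer cannot reach, for example in each exported Splunk HEC or CEF event.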

Discovery & JIT

  • Resource catalog seeded from [discovery] — surfaces in gdsgate ls and supplies live attributes (environment, labels) to Cedar.
  • Just-in-time access via gdsgate request-access / gdsgate approve, with a per-resource / per-environment / global approvers cascade.

Supply chain

Validation

  • The full multi-node topology has been exercised end to end against a real Keycloak identity provider, demonstrating group-scoped access over databases, SSH (both models), Kubernetes, raw TCP, and MCP (allow for one group, deny for another), node registration with mutual TLS, public-TLS verification, network-zone isolation, and least-privilege containers.

Targets: x86_64-unknown-linux-gnu and a static x86_64-unknown-linux-musl.