Add readme, license, security and contributing guidelines.

CONTRIBUTING.md

@@ -0,0 +1,37 @@
+# How to contribute to this repo
+
+We love your input! We want to make contributing to this project as easy and transparent as possible, whether it's:
+
+- Reporting a bug
+- Proposing new features
+- Discussing the current state of the code
+- Submitting a fix
+
+This is how you should do it:
+
+Use our [issue list](../../issues) to report a **bug** or **propose a new feature**, including
+
+### For **bug report**  
+- A quick summary and/or background
+- Steps to reproduce
+   - Be specific!
+   - Give sample code if you can
+- What you expected would happen
+- What actually happens
+
+The team love thorough bug reports - no it's not a joke!
+
+### For **feature request**  
+- Brief description of the feature
+- What problem/issue will this solve
+- A sort of Definition of Done - "How should it look when finsihed"
+
+### When submitting a fix using a Pull Request (PR)  
+
+- Fork this repository from GitHub  
+- Once, you have a local copy (after forking) you can make edits to the code, make formatting changes, reorganise the code, add documentation etc …  
+- After you have made the changes, you have to create a pull request  
+
+We will review the pull request and if it appropriate and there are no clashes or vulnerabilities, it will be merged to the main code  
+
+Voila! you have contributed to a piece of software and the cycle repeats.

LICENCE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Equinor
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,61 @@
+# Radix Oauth Guard
+
+The Guard is a HTTP Server that responds to requests on http://localhost:8000/auth and authenticates the header `Authorization: Bearer JWT` against the configured ISSUER, AUDIENCE and authorizes the request agains a comma separated list of subjects.
+
+## Configuration
+
+ - `ISSUER` - Required. A issuer to verify JWT against. Must support the `${ISSUER}.well-known/openid-configuration` endpoint.
+ - `AUDIENCE` - Required. The configured Audience in the token.
+ - `SUBJECTS` - Required. Comma seperated list of subjects that are authorized.
+ - `LOG_LEVEL` - Defaults to info.  
+ - `LOG_PRETTY` - Defaults to json. Output is ANSI colored text instead of json.
+
+## Developing
+
+You need Go installed. Linting is done by [`golangci-lint`](https://golangci-lint.run/)
+
+### Dependencies - go modules
+
+Go modules are used for dependency management. See [link](https://blog.golang.org/using-go-modules) for information how to add, upgrade and remove dependencies. E.g. To update `radix-operator` dependency:
+
+- list versions: `go list -m -versions github.com/coreos/go-oidc/v3`
+- update: `go get github.com/coreos/go-oidc/v3@v3.10.0`
+
+### Running locally
+
+The following env vars are needed. Useful default values in brackets.
+
+```shell
+LOG_PRETTY=True ISSUER=https://issuer-url/ AUDIENCE=some-audience SUBJECTS=default,kubernetes,somename go run .
+```
+
+#### Validate code
+
+- run `make lint`
+
+#### Update version
+We follow the [semantic version](https://semver.org/) as recommended by [go](https://blog.golang.org/publishing-go-modules).
+
+* `tag` in git repository (in `main` branch):
+
+    Run following command to set `tag` (with corresponding version)
+    ```
+    git tag v1.0.0
+    git push origin v1.0.0
+    ```
+
+## Deployment
+
+TODO
+
+## Pull request checking
+
+Radix API makes use of [GitHub Actions](https://github.com/features/actions) for build checking in every pull request to the `main` branch. Refer to the [configuration file](.github/workflows/pr.yml) of the workflow for more details.
+
+## Contributing
+
+Read our [contributing guidelines](./CONTRIBUTING.md)
+
+------------------
+
+[Security notification](./SECURITY.md)

SECURITY.md

@@ -0,0 +1,18 @@
+# How to manage security in this repo
+
+If you discover a security vulnerability in this project, please follow these steps to responsibly disclose it:
+
+1. **Do not** create a public GitHub issue for the vulnerability.
+2. Follow our guideline for Responsible Disclosure Policy at [https://www.equinor.com/about-us/csirt](https://www.equinor.com/about-us/csirt) to report the issue
+
+The following information will help us triage your report more quickly:
+
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
+
+We prefer all communications to be in English.