# Code of Conduct

## Our Pledge

In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to making participation in our project and
our community a harassment-free experience for everyone, regardless of age,
body size, disability, ethnicity, gender identity and expression, level of
experience, nationality, personal appearance, race, religion, or sexual
identity and orientation.

## Our Standards

Examples of behavior that contributes to creating a positive environment

* Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
* Showing empathy towards other community members

Examples of unacceptable behavior by participants include:

* The use of sexualized language or imagery and unwelcome sexual attention or
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or electronic
address, without explicit permission
* Other conduct which could reasonably be considered inappropriate in a
professional setting

## Our Responsibilities

Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior.

Project maintainers have the right and responsibility to remove, edit, or
reject comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct, or to ban temporarily or
permanently any contributor for other behaviors that they deem inappropriate,
threatening, offensive, or harmful.

## Scope

This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an
appointed representative at an online or offline event. Representation of a
project may be further defined and clarified by project maintainers.

## Enforcement

Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported by contacting the project team. All complaints will be reviewed and
investigated and will result in a response that is deemed necessary and
appropriate to the circumstances. The project team is obligated to maintain
confidentiality with regard to the reporter of an incident. Further details of
specific enforcement policies may be posted separately.

Project maintainers who do not follow or enforce the Code of Conduct in good
faith may face temporary or permanent repercussions as determined by other
members of the project's leadership.

## Attribution

This Code of Conduct is adapted from the [Contributor Covenant], version 1.4,
available at

[Contributer Covenant]:
# Contributing

First off - Thank you for your interest in contributing to the Open OnDemand project!

There is no pull request too small! Everything from simple misspellings to very
large feature requests are welcome. If you're not quite sure where to get started
you can search our list of [good first issues].

Please note we have a [code of conduct], please follow it in all your
interactions with the project.

## Issues

Issues, bug reports, questions and feature requests are always welcome. Feel
free to open an issue and use any [issue labels] as appropriate.

We mostly use [Discourse] for general questions or help. If you're unsure
of where to route your question, Discourse may be the best forum for it.

## Other Repositories

There are other repositories to Open OnDemand that are important as well. You may want to check
these out too.

* [repository for the Open OnDemand website](
* [repository for the Open OnDemand documentation](
* [repository for the Open OnDemand core library](

## Pull Request Process

If you have a large feature it may be preferential to open an issue and discuss
it first before putting a lot of work into coding something that may not be accepted. Don't
let this discourage you though! Feel free to open tickets and engage with the development
team on proposed changes.

1. [Fork this repo].
2. Branch off of the master branch.
3. Create a PR to merge into the master upstream branch. Make sure at least
unit tests continue to pass by executing `rake test`.
4. We will review it and either add comments for requested changes or merge.
If changes are being requested, don't let this discourage you! This is a
natural part of getting changes right and ensuring quality in what we're building.

### Tips

1. Contributions accompanied by unit tests are recommended.
2. For Ruby code we add [yarndoc] comments above all of our public interface methods as this is used to generate helpful documentation on We do not yet have adopted a strong style guide for code in JavaScript and Python.
3. With the PR for the change, add to the CHANGELOG a line under the "Unreleased" section specifying
4. Follow best conventions with Ruby coding style. We haven't yet adopted a strict style guide, so unless you are using tabs or 4 spaces instead of 2 spaces you will probably not find an objection from us.

[Fork this repo]:
[code of conduct]:
[issue labels]:
[good first issues]:
Expand Up @@ -26,7 +26,7 @@ Installing Open OnDemand simple, use our prepacked RPM distributions or build fr
Learn more about Open OnDemand's system architecture and request lifecycle by visiting our <a href="">documentation</a>.

## Community
Open OnDemand has an active and growing community! Don't hesistate to reach out to the developers via our [Discourse] instance if you would like more information or need help installing or configuring Open OnDemand.
Open OnDemand has an active and growing community! Don't hesitate to reach out to the developers via our [Discourse] instance if you would like more information or need help installing or configuring Open OnDemand.
<a href=""><img src="" width=150></a>
Expand All @@ -46,5 +46,5 @@ This project is maintained by the <a href="">Ohio Supercomput
[MIT License]:
[Open OnDemand Documentation]:
[installation instructions]:
[contributing guide]:
[contributing guide]:
# Security Policy

This document outlines security procedures and general policies for the `OnDemand`

## Security Audits

[Trusted CI](, the NSF Cybersecurity Center of
Excellence, conducted an in-depth vulnerability assessment of Open OnDemand, completing
it in December 2018. This assessment included a careful review of the code, increasing
our confidence in its security. The Ohio Supercomputing Center addressed the implementation
issues (bugs) that were found during this review, producing a more robust revision of Open OnDemand.

## Reporting a Vulnerability

If you have security concerns or think you have found a vulnerability in Open OnDemand,
please contact us directly via [email](mailto:[email protected]) on the news list found
[here]( Emails sent to it are only seen by
the core project team.

## Disclosure Policy

When the team receives a security vulnerability, they will generally assign it
to a primary handler. This person will coordinate the fix and release process,
involving the following steps:

* Confirm the problem and determine the affected versions.
* Audit code to find any potential similar problems.
* Prepare fixes for all releases still under maintenance. These fixes will be
released as fast as possible.

## Comments on this Policy

If you have suggestions on how this process could be improved please submit
a ticket, open a [Discorse]( topic or open a pull request.
"@context": "",
"@type": "Code",
"author": [
"@id": "",
"@type": "Person",
"email": "[email protected]",
"name": "Dave Hudak",
"affiliation": "Ohio Supercomputer Center"
"@id": "",
"@type": "Person",
"email": "[email protected]",
"name": "Doug Johnson",
"affiliation": "Ohio Supercomputer Center"
"@id": "",
"@type": "Person",
"email": "[email protected]",
"name": "Alan Chalker",
"affiliation": "Ohio Supercomputer Center"
"@id": "",
"@type": "Person",
"email": "[email protected]",
"name": "Jeremy Nicklas",
"affiliation": "Ohio Supercomputer Center"
"@id": "",
"@type": "Person",
"email": "[email protected]",
"name": "Eric Franz",
"affiliation": "Ohio Supercomputer Center"
"@id": "",
"@type": "Person",
"email": "[email protected]",
"name": "Trey Dockendorf",
"affiliation": "Ohio Supercomputer Center"
"@id": "",
"@type": "Person",
"email": "[email protected]",
"name": "Brian L. McMichael",
"affiliation": "Ohio Supercomputer Center"
"identifier": "",
"codeRepository": "",
"datePublished": "2017-03-08",
"dateModified": "2017-11-03",
"dateCreated": "2015-07-01",
"description": "Open-source software project that enables HPC centers to install and deploy advanced web and graphical interfaces for their users.",
"keywords": "HPC, apps, portal, gateway, web platform",
"license": "MIT",
"title": "Open OnDemand",
"version": "v1.2.0"
author = {Hudak, David E. and Bitterman, Thomas and Carey, Patricia and Johnson, Douglas and Franz, Eric and Brady, Shaun and Diwan, Piyush},
title = {OSC OnDemand: A Web Platform Integrating Access to HPC Systems, Web and VNC Applications},
booktitle = {Proceedings of the Conference on Extreme Science and Engineering Discovery Environment: Gateway to Discovery},
series = {XSEDE '13},
year = {2013},
isbn = {978-1-4503-2170-9},
location = {San Diego, California, USA},
pages = {49:1--49:6},
articleno = {49},
numpages = {6},
url = {},
doi = {10.1145/2484762.2484780},
acmid = {2484780},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {OpenID, REST, cyberinfrastructure, high performance computing, virtual organizations, web platform},

author = {Hudak, David E. and Johnson, Douglas and Nicklas, Jeremy and Franz, Eric and McMichael, Brian and Gohar, Basil},
title = {Open OnDemand: Transforming Computational Science Through Omnidisciplinary Software Cyberinfrastructure},
booktitle = {Proceedings of the XSEDE16 Conference on Diversity, Big Data, and Science at Scale},
series = {XSEDE16},
year = {2016},
isbn = {978-1-4503-4755-6},
location = {Miami, USA},
pages = {43:1--43:7},
articleno = {43},
numpages = {7},
url = {},
doi = {10.1145/2949550.2949644},
acmid = {2949644},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {Cyberinfrastructure, Federated Authentication, High Performance Computing, OnDemand, OpenID Connect, Virtual Organizations, Web apps, Web platform},
title: 'Open OnDemand: A web-based client portal for HPC centers'
- apps
- portal
- gateway
- web platform
- name: Dave Hudak
affiliation: 1
- name: Doug Johnson
affiliation: 1
- name: Alan Chalker
affiliation: 1
- name: Jeremy Nicklas
affiliation: 1
- name: Eric Franz
affiliation: 1
- name: Trey Dockendorf
affiliation: 1
- name: Brian L. McMichael
affiliation: 1
- name: The Ohio Supercomputer Center
index: 1
date: 8 March 2018
bibliography: paper.bib

# Summary

The web has become the dominant access mechanism for remote compute services in
every computing area except high-performance computing (HPC). Accessing HPC
resources, either at the campus or national level typically requires advanced
knowledge of Linux, familiarity with command-line interfaces and installation
and configuration of custom client software (e.g., Secure Shell (SSH) and
Virtual Network Computing (VNC)). These additional requirements create an
accessibility gap for HPC. To help address this gap we have created the Open
OnDemand Project [@Hudak2016], an open-source software project based on the
proven Ohio Supercomputer Center (OSC) OnDemand platform [@Hudak2013], to allow
HPC centers to provide advanced web and graphical interfaces for their users.

Open OnDemand is the result of substantial development and integration efforts
in four key areas. (1) The per-user NGINX (PUN) architecture including
federated authentication using CILogon, Apache-based web proxy, per-user NGINX
configuration, and Unix domain sockets for secure server-side communication
between the proxy and each PUN. The PUN architecture is an original
contribution of the project. (2) The file browser and file editor which, though
originally based on an existing open source project, have been extensively
modified. (3) The terminal, created by integrating an existing open source
project with minimal effort. (4) Accessibility Apps (Dashboard, Job
Constructor, Job Status, System Status, VDI and iHPC apps) built using the
Rails-based AweSim AppKit (which was developed by this team on a previous
project and leveraged here with minor modifications). The AweSim AppKit allows
for the development of both workflow and interactive applications and includes
mechanisms for user-based app creation, app sharing and app publishing. The
AppKit technology is included as part of the Open OnDemand project.

# Acknowledgements

This work is supported by the National Science Foundation of the United States under the award NSF SI2-SSE-1534949.

# References

