Detects orphan ConfigMaps and Secrets in a Kubernetes cluster

Overview

KubExplorer

Warning: Proof of concept. Feedback is much welcome.

Discovers and prints out any ConfigMaps and Secrets not linked to any of the following resources:

  1. Deployments,
  2. ReplicaSets,
  3. StatefulSets,
  4. DaemonSets,
  5. Jobs,
  6. CronJobs,
  7. ReplicationControllers,
  8. Pods,
  9. Ingresses.
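
The orphan check described above, reduced to its core as an added example (this is not KubExplorer's own code). It assumes the standard Kubernetes reference fields named in the comments; which of them KubExplorer inspects is not stated on this page, and the types, names and sample data are constructed for illustration.

```rust
use std::collections::BTreeSet;

#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
enum Kind { ConfigMap, Secret }
type Key = (&'static str, Kind, &'static str); // (namespace, kind, name)

// Constructed stand-ins for API objects: only fields that can name a ConfigMap or Secret.
struct PodSpec {
    volumes: Vec<(Kind, &'static str)>, // volumes[].configMap.name, .secret.secretName
    env: Vec<(Kind, &'static str)>,     // env[].valueFrom.*KeyRef.name, envFrom[].*Ref.name
    image_pull_secrets: Vec<&'static str>, // imagePullSecrets[].name
}
enum Resource {
    // Deployment, StatefulSet, Job, Pod, ...: each carries a pod spec or template.
    Workload { ns: &'static str, pod: PodSpec },
    Ingress { ns: &'static str, tls_secrets: Vec<&'static str> }, // spec.tls[].secretName
}

// Every (namespace, kind, name) that one resource refers to.
fn references(r: &Resource) -> Vec<Key> {
    match r {
        Resource::Workload { ns, pod } => pod.volumes.iter().chain(&pod.env).copied()
            .chain(pod.image_pull_secrets.iter().map(|n| (Kind::Secret, *n)))
            .map(|(k, n)| (*ns, k, n)).collect(),
        Resource::Ingress { ns, tls_secrets } =>
            tls_secrets.iter().map(|n| (*ns, Kind::Secret, *n)).collect(),
    }
}

// Inventory entries that no resource in the same namespace refers to.
fn orphans(inventory: &[Key], resources: &[Resource]) -> Vec<Key> {
    let used: BTreeSet<Key> = resources.iter().flat_map(references).collect();
    inventory.iter().copied().filter(|k| !used.contains(k)).collect()
}

// Constructed sample: one workload and one Ingress in namespace "default".
fn sample() -> (Vec<Key>, Vec<Resource>) {
    use Kind::*;
    let pod = PodSpec { volumes: vec![(ConfigMap, "app-config")],
        env: vec![(Secret, "db-password")], image_pull_secrets: vec!["registry-creds"] };
    let inventory = vec![
        ("default", ConfigMap, "app-config"), ("default", ConfigMap, "old-config"),
        ("default", Secret, "db-password"), ("default", Secret, "registry-creds"),
        ("default", Secret, "my-tls-secret"), ("staging", Secret, "db-password")];
    (inventory, vec![Resource::Workload { ns: "default", pod },
        Resource::Ingress { ns: "default", tls_secrets: vec!["my-tls-secret"] }])
}

fn main() {
    let (inventory, resources) = sample();
    orphans(&inventory, &resources).iter().for_each(|(ns, k, n)| println!("{ns}/{k:?}/{n}"));
}
```

The `staging` Secret is reported even though a Secret of the same name is in use in `default`, because references only resolve within the referring resource's namespace.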

Running

Pre-compiled x86_64-unknown-linux-gnu binaries are available. For other platforms, compilation is an easy but necessary step.

  1. Install Rust
  2. Simply invoke cargo run -- -h (add the --release flag for optimal performance) to obtain instructions.

> cargo run -- -h

KubEx - Kubernetes Explorer 0.1.0
Pavel Pscheidl <[email protected]>
Discovers unused ConfigMaps and Secrets

USAGE:
    kubex [OPTIONS]

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

OPTIONS:
    -k, --kubeconfig <PATH_TO_KUBECONFIG>    Path to a KUBECONFIG file. When not set, env is used.
    -n, --namespace <NAMESPACE>              Namespace to search in.
    -o, --output <OUTPUT>                    Output format. YAML by default. [default: yaml]  [possible values: yaml,
                                             json]

For example, cargo run --release -- -k /etc/rancher/k3s/k3s.yaml -n default -o json explicitly specifies the KUBECONFIG and the namespace. If the KUBECONFIG path is not specified, the KUBECONFIG environment variable is used; when that is not found either, an error is thrown. If the namespace is not defined, the default namespace from KUBECONFIG is used.

Testing

Run tests using cargo test. Tests require:

  1. A running Kubernetes cluster with a supported API version (1_19),
  2. KUBECONFIG environment variable set.

An easy way to obtain a Kubernetes cluster is k3s (k3s.io): curl -sfL https://get.k3s.io | sh -. After installation, export KUBECONFIG=/etc/rancher/k3s/k3s.yaml and chown or chmod the $KUBECONFIG file so that the current user can read it. That file contains cluster-admin credentials, so grant read access to that user only rather than making it world-readable.

Comments
  • Search for secrets in Ingresses

    Ingresses might link to secret maps and configs as well, e.g. in the tls section.

    ---
    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
      name: tls-example-ingress
    spec:
      rules:
        - host: mydomain.com
          http:
            paths:
              - backend:
                  serviceName: my-service
                  servicePort: 80
                path: /
      tls:
        - hosts:
            - mydomain.com
          secretName: my-tls-secret
    
    opened by Pscheidl 0
  • Detect standalone pods

    Pods not tied to any deployment/replica set etc.

    In some cases, pods are spawned by custom controllers. How to deal with that? Define custom rule/path? Ignore for now?

    opened by Pscheidl 0
Owner
Pavel Pscheidl
Software engineer | Rustacean