autobucket-operator
rbacsync
autobucket-operator | rbacsync | |
---|---|---|
2 | 1 | |
11 | 236 | |
- | -0.4% | |
0.0 | 3.9 | |
over 3 years ago | 5 months ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
autobucket-operator
-
Autobucket Operator
The operator provides a special deployment annotation “ab.leclouddev.com/on-delete-policy” which can be set to “destroy” or “ignore”. If it is set to “destroy” as in our example above, the operator will delete the Cloud Storage bucket when the Bucket CR is deleted, and also when the Deployment is deleted since a Deployment deletion triggers a Bucket CR deletion (use carefully as you might lose data). This is done through Kubernetes Finalizers, which I highly encourage you to read on, and you can check the full code here.
rbacsync
-
Struggling to understand how Google Groups for RBAC is scalable
Prior to google groups being supported in any manner we made rbacsync that does analogous. It's a custom controller that takes IaC declarations for rolebindings, and maps a given google group name to them on a per namespace or cluster basis. In GKE, this worked with a user's auth token from GCP (claims were in the JWT). Id expect it to work with your OIDC integration as well.
What are some alternatives?
helmify - Creates Helm chart from Kubernetes yaml
openunison-k8s-login-oidc - Kubernetes login portal for both kubectl and the dashboard using OpenID Connect. Use groups from your assertion in RBAC policies to control access to your cluster. Supports impersonation and OpenID Connect integration with your API server.
controller-runtime - Repo for the controller-runtime subproject of kubebuilder (sig-apimachinery)
nifikop - The NiFiKop NiFi Kubernetes operator makes it easy to run Apache NiFi on Kubernetes. Apache NiFI is a free, open-source solution that support powerful and scalable directed graphs of data routing, transformation, and system mediation logic.
ginkgo - A Modern Testing Framework for Go
argocd-operator - A Kubernetes operator for managing Argo CD clusters.
bucket-text-api - Simple REST API (built with Go) to write text files to Cloud Buckets.
k8s-pod-restart-info-collector - Automated troubleshooting of Kubernetes Pods issues. Collect K8s pod restart reasons, logs, and events automatically.
kube-httpcache - Varnish Reverse Proxy on Kubernetes
spicedb-operator - Kubernetes controller for managing instances of SpiceDB
skipper - An HTTP router and reverse proxy for service composition, including use cases like Kubernetes Ingress