kube-linter VS crossplane

Kustomize: It provides a solution to customize the Kubernetes resource base configuration and differential configuration without template and DSL. It does not solve the constraint problem itself, but needs to cooperate with a large number of additional tools to check constraints, such as Kube-linter, Checkov and kubescape.

Kube linter would be a first citizen for your need https://github.com/stackrox/kube-linter. If you use Helm would be Helm linter as well. Kube score is another interesting tool offering you best practices patterns. I usually develop with vscode and have a Yaml + Kubernetes extension. These could be enough to help you get through. Nevertheless, consider adopting a skaffold with a k3s for a faster feedback on the local dev lifecycle.

Another great tool is KubeLinter which checks for a lot of helpful stuff, including dangling references. This is nice, but it is a command-line tool, so I don't get live feedback in my editor.

It is always a good practice to scan your Kubernetes deployment or Helm chart before deploying. We can use Checkov to scans Kubernetes manifests and identifies security and configuration issues. It also supports Helm chart scanning. We can also use terrascan and kubeLinter to scan the Kubernetes manifest.

Verify it with manifest verification tools (kubeval or kube-linter).

Its worth mentioning about Kube-linter (https://github.com/stackrox/kube-linter) its FOSS and has a very minimal and effective set of commands

did anyone adopt in production https://crossplane.io ?

- https://github.com/crossplane/crossplane/blob/master/design/one-pager-composition-environment.md

In the overall scheme of things , look at services like backstage.io , crossplane.io and opslevel.com to get ideas. This is not necessarily an endorsement of the services. If all you want is to handle cloud resources and that's it, Terraform can be enough with what ever flavor of web technologies you and your team are comfortable with and can support it along the way. Doesn't take much to create a js based website to collect data from a form, or use other means to collecting data as long as its recorded and transparent for accountability.

XRs are written in a fully declarative manner. And when I am building my XR from underlying managed resources provided by some crossplane provider I need to parametrize resources, use conditionals and create arrays of resuorces The issues of declarativeness in the world of automation are well known- we typically resort to some form of templating and we invent some imperative expressions into that templating language/format. This is currently not very well supported with Crossplane however Crossplane team realizes this issue and they are conteptualizing solution here

I have an idea for a project that would interface with Crossplane. The project has some code that would save tons of time if I could use it directly in my project, but it is located in the internal directory. I can't import the modules directly, but the project is open sourced under an Apache 2.0 license, so the code itself is available for use under that license.

There are always new projects like crossplane that sit on top on architecture systems like terraform, vagrant. The pressure to abstract away any sort of resources is mounting, companies can save a lot by for example by alt hosting S3 endpoints. The train is going the direction not to tie anything to a specific platform implementation if its not a must. Most of the companies I work with use AWS as a hosting provider, but Microsoft for github and related CI matters. As I learned, AWS quality is very dependent on location, eu-central-1 is dead stable for our use cases serving about millions requests a day.

Practically, you'll be replacing stock k8s resources (deployments) with custom ones like Argo Rollouts with Keda autoscaling, so you have to plan the respective Gitops CD pipeline (fluxcd/argocd with some crossplane), as well.