rbacsync
controller-idioms
rbacsync | controller-idioms | |
---|---|---|
1 | 1 | |
236 | 163 | |
-0.4% | 0.6% | |
3.9 | 4.9 | |
5 months ago | 3 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rbacsync
-
Struggling to understand how Google Groups for RBAC is scalable
Prior to google groups being supported in any manner we made rbacsync that does analogous. It's a custom controller that takes IaC declarations for rolebindings, and maps a given google group name to them on a per namespace or cluster basis. In GKE, this worked with a user's auth token from GCP (claims were in the JWT). Id expect it to work with your OIDC integration as well.
controller-idioms
-
Writing a Kubernetes Operator
Since Go got generics, working with the Kubernetes API could become far more ergonomic. It's been pulling teeth until now. I'm eager to see how the upstream APIs change over time.
In the mean time, one of the creators of the Operator Framework[0] built a bunch of useful patterns using generics that we used to build the SpiceDB Operator[1] called controller-idioms[2].
Does anyone know of other efforts to improve the status quo?
[0]: https://operatorframework.io
[1]: https://github.com/authzed/spicedb-operator
[2]: https://github.com/authzed/controller-idioms
What are some alternatives?
openunison-k8s-login-oidc - Kubernetes login portal for both kubectl and the dashboard using OpenID Connect. Use groups from your assertion in RBAC policies to control access to your cluster. Supports impersonation and OpenID Connect integration with your API server.
kubectl-operator - Manage Kubernetes Operators from the command line
nifikop - The NiFiKop NiFi Kubernetes operator makes it easy to run Apache NiFi on Kubernetes. Apache NiFI is a free, open-source solution that support powerful and scalable directed graphs of data routing, transformation, and system mediation logic.
databricks-kube-operator - A Kubernetes operator to enable GitOps style deploys for Databricks resources
argocd-operator - A Kubernetes operator for managing Argo CD clusters.
kubeplus - Kubernetes Operator to create multi-instance SaaS from Helm charts using Kubernetes-native APIs
k8s-pod-restart-info-collector - Automated troubleshooting of Kubernetes Pods issues. Collect K8s pod restart reasons, logs, and events automatically.
cronjobber - Cronjobber is a cronjob controller for Kubernetes with support for time zones
kube-httpcache - Varnish Reverse Proxy on Kubernetes
kubebuilder - Kubebuilder - SDK for building Kubernetes APIs using CRDs
spicedb-operator - Kubernetes controller for managing instances of SpiceDB
prometheus-operator - Prometheus Operator creates/configures/manages Prometheus clusters atop Kubernetes