{"id":49113122,"url":"https://github.com/false-systems/kulta","last_synced_at":"2026-05-12T12:09:44.031Z","repository":{"id":324627267,"uuid":"1097872794","full_name":"false-systems/kulta","owner":"false-systems","description":" Gateway API-native progressive delivery controller in Rust. Canary rollouts without service mesh.","archived":false,"fork":false,"pushed_at":"2026-03-02T01:01:43.000Z","size":770,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-21T05:44:39.104Z","etag":null,"topics":["api-gateway","cloud-native","continuous-delivery","devops","devx","kubernetes","kubernetes-deployment","rust"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/false-systems.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-11-17T00:43:35.000Z","updated_at":"2026-03-23T06:01:15.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/false-systems/kulta","commit_stats":null,"previous_names":["yairfalse/kulta","false-systems/kulta"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/false-systems/kulta","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/false-systems%2Fkulta","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/false-systems%2Fkulta/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/false-systems%2Fkulta/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/false-systems%2Fkulta/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/false-systems","download_url":"https://codeload.github.com/false-systems/kulta/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/false-systems%2Fkulta/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32938128,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-12T09:19:52.626Z","status":"ssl_error","status_checked_at":"2026-05-12T09:17:33.438Z","response_time":102,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-gateway","cloud-native","continuous-delivery","devops","devx","kubernetes","kubernetes-deployment","rust"],"created_at":"2026-04-21T05:38:11.013Z","updated_at":"2026-05-12T12:09:44.009Z","avatar_url":"https://github.com/false-systems.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# KULTA\n\n**Kubernetes Progressive Delivery Controller**\n\n[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)\n[![Rust](https://img.shields.io/badge/rust-1.83%2B-orange.svg)](https://www.rust-lang.org)\n[![Tests](https://img.shields.io/badge/tests-294%2B-green.svg)]()\n\nA Kubernetes controller for progressive delivery, written in Rust. Supports canary, blue-green, A/B testing, and simple rolling updates with Gateway API traffic routing, Prometheus metrics-based rollback, and CDEvents/FALSE Protocol observability.\n\nPart of the [False Systems](https://github.com/false-systems) toolchain.\n\n---\n\n## Features\n\n| Feature | Description |\n|---------|-------------|\n| **Canary Deployments** | Gradual traffic shifting (0% -\u003e 20% -\u003e 50% -\u003e 100%) with configurable steps |\n| **Blue-Green Deployments** | Instant traffic cutover between two full environments |\n| **A/B Testing** | Statistical significance analysis (Z-test) with header/cookie-based routing |\n| **Simple Rolling Updates** | Standard Kubernetes rolling update with observability |\n| **Gateway API Traffic Routing** | Native HTTPRoute weight-based traffic splitting (no service mesh required) |\n| **Metrics-Based Rollback** | Automatic rollback via Prometheus (error rate, latency thresholds) |\n| **CDEvents Observability** | CNCF-standard deployment events for pipeline integration |\n| **FALSE Protocol** | AI-native occurrence emission for AIOps tooling (AHTI/Kerto) |\n| **Leader Election** | HA-ready with Kubernetes Lease-based leader election |\n| **Time-Based Pauses** | Configurable wait durations between steps |\n| **Manual Promotion** | Annotation-based promotion for human-in-the-loop workflows |\n\n---\n\n## Quick Start\n\n```bash\n# Clone KULTA and its sibling dependency\ngit clone https://github.com/false-systems/kulta\ngit clone https://github.com/false-systems/false-protocol\ncd kulta\ncargo build --release\n\n# Install Gateway API CRDs\nkubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.0/standard-install.yaml\n\n# Install KULTA CRD\nkubectl apply -f deploy/crd.yaml\n\n# Run controller\nRUST_LOG=info cargo run\n```\n\n**Requirements:**\n- Rust 1.85+\n- Kubernetes 1.28+\n- Gateway API v1.0+ CRDs installed\n- A Gateway API implementation (Envoy Gateway, NGINX Gateway Fabric, Contour, etc.)\n\n---\n\n## Deployment Strategies\n\n### Canary\n\nGradually shift traffic to a new version while monitoring for errors.\n\n```yaml\napiVersion: kulta.io/v1alpha1\nkind: Rollout\nmetadata:\n name: my-app\nspec:\n replicas: 5\n selector:\n matchLabels:\n app: my-app\n template:\n metadata:\n labels:\n app: my-app\n spec:\n containers:\n - name: app\n image: myregistry/myapp:v2.0.0\n strategy:\n canary:\n stableService: my-app-stable\n canaryService: my-app-canary\n port: 8080\n steps:\n - setWeight: 20\n pause: { duration: \"5m\" }\n - setWeight: 50\n pause: { duration: \"10m\" }\n - setWeight: 80\n pause: {} # Wait for manual promotion\n - setWeight: 100\n trafficRouting:\n gatewayAPI:\n httpRoute: my-app-route\n analysis:\n warmupDuration: \"1m\"\n metrics:\n - name: error-rate\n threshold: 5.0\n - name: latency-p95\n threshold: 500\n```\n\n### Blue-Green\n\nRun two identical environments, instant cutover on promotion.\n\n```yaml\nstrategy:\n blueGreen:\n activeService: my-app-active\n previewService: my-app-preview\n port: 8080\n autoPromotionEnabled: false\n trafficRouting:\n gatewayAPI:\n httpRoute: my-app-route\n```\n\n### A/B Testing\n\nRoute traffic by header or cookie, evaluate with statistical significance.\n\n```yaml\nstrategy:\n abTesting:\n variantAService: checkout-control\n variantBService: checkout-experiment\n port: 8080\n maxDuration: \"24h\"\n variantBMatch:\n header:\n name: X-Variant\n value: B\n trafficRouting:\n gatewayAPI:\n httpRoute: checkout-route\n analysis:\n minDuration: \"1h\"\n minSampleSize: 1000\n confidenceLevel: 0.95\n```\n\nConclude manually or let statistical analysis determine the winner:\n```bash\nkubectl annotate rollout my-app kulta.io/conclude-experiment=true\n```\n\n### Simple\n\nStandard rolling update with CDEvents observability.\n\n```yaml\nstrategy:\n simple:\n analysis:\n metrics:\n - name: error-rate\n threshold: 5.0\n```\n\n---\n\n## Architecture\n\n```\n┌──────────────────────────────────────────────────────────────────────┐\n│ KULTA Controller │\n│ │\n│ ┌──────────────┐ ┌───────────────────┐ ┌────────────────────┐ │\n│ │ Reconciler │──\u003e│ Strategy Handler │──\u003e│ ReplicaSet Manager │ │\n│ │ │ │ Canary/BG/AB/Simple│ │ │ │\n│ └──────┬───────┘ └────────┬──────────┘ └────────────────────┘ │\n│ │ │ │\n│ │ v │\n│ │ ┌───────────────────┐ ┌────────────────────┐ │\n│ │ │ Traffic Router │──\u003e│ HTTPRoute Patcher │ │\n│ │ │ (Gateway API) │ │ │ │\n│ │ └───────────────────┘ └────────────────────┘ │\n│ │ │\n│ v │\n│ ┌──────────────┐ ┌───────────────────┐ ┌────────────────────┐ │\n│ │ Metrics Eval │──\u003e│ Prometheus Client │ │ CDEvents Emitter │ │\n│ │ (Rollback) │ │ + A/B Z-test │ │ + FALSE Protocol │ │\n│ └──────────────┘ └───────────────────┘ └────────────────────┘ │\n│ │\n│ Clock ─── EventSink ─── MetricsQuerier (trait-based injection) │\n└──────────────────────────────────────────────────────────────────────┘\n```\n\n### Phase State Machine\n\n```\nInitializing ──┬──\u003e Progressing (Canary) ──\u003e Paused ──\u003e Completed\n │\n ├──\u003e Preview (Blue-Green) ──────────────\u003e Completed\n │\n ├──\u003e Experimenting (A/B) ──\u003e Concluded ──\u003e Completed\n │\n └──\u003e Completed (Simple)\n\nAny phase can transition to Failed (metrics rollback)\n```\n\n---\n\n## Observability\n\n### CDEvents\n\nKULTA emits [CDEvents](https://cdevents.dev/) for deployment pipeline integration:\n\n| Event | Trigger |\n|-------|---------|\n| `service.deployed` | Rollout started |\n| `service.upgraded` | Canary step progressed |\n| `service.published` | Rollout completed / experiment concluded |\n| `service.rolledback` | Metrics triggered rollback |\n\n### FALSE Protocol\n\nAI-native occurrences for integration with [AHTI](https://github.com/false-systems/ahti) and other False Systems tools:\n\n| Occurrence Type | Trigger |\n|----------------|---------|\n| `canary.rollout.progressing` | Canary step advanced |\n| `bluegreen.rollout.completed` | Blue-green promoted |\n| `abtesting.rollout.failed` | A/B experiment failed |\n| `rolling.rollout.completed` | Simple rollout done |\n\nEach occurrence includes Error, Reasoning, and History blocks per the FALSE Protocol spec.\n\n---\n\n## Configuration\n\n### Environment Variables\n\n| Variable | Default | Description |\n|----------|---------|-------------|\n| `RUST_LOG` | `info` | Log level |\n| `KULTA_LEADER_ELECTION` | `false` | Enable leader election for HA |\n| `KULTA_PROMETHEUS_ADDRESS` | - | Prometheus server URL |\n| `KULTA_CDEVENTS_ENABLED` | `false` | Enable CDEvents emission |\n| `KULTA_CDEVENTS_SINK_URL` | - | CDEvents HTTP sink URL |\n| `KULTA_OCCURRENCE_DIR` | `/tmp/kulta` | FALSE Protocol occurrence output directory |\n| `POD_NAME` | hostname | Identifier for leader election |\n| `POD_NAMESPACE` | `kulta-system` | Namespace for Lease resource |\n\n### Endpoints\n\n| Port | Endpoint | Purpose |\n|------|----------|---------|\n| 8080 | `/healthz` | Liveness probe |\n| 8080 | `/readyz` | Readiness probe |\n| 8080 | `/metrics` | Prometheus metrics |\n\n---\n\n## Development\n\n```bash\ncargo build --release # Build\ncargo test # Run tests (294+)\ncargo clippy -- -D warnings # Lint\ncargo fmt # Format\n```\n\n### Project Structure\n\n```\nsrc/\n├── main.rs # Bootstrap, health server, leader election\n├── crd/\n│ └── rollout.rs # Rollout CRD definition\n├── controller/\n│ ├── rollout/ # Reconciliation (modular)\n│ │ ├── reconcile.rs # Main reconcile loop + Context\n│ │ ├── replicaset.rs # ReplicaSet building + FNV-1a hashing\n│ │ ├── status.rs # Phase state machine\n│ │ ├── traffic.rs # Gateway API HTTPRoute weights\n│ │ └── validation.rs # Rollout spec validation\n│ ├── strategies/\n│ │ ├── mod.rs # RolloutStrategy trait\n│ │ ├── canary.rs # Canary strategy\n│ │ ├── blue_green.rs # Blue-green strategy\n│ │ ├── ab_testing.rs # A/B testing strategy\n│ │ └── simple.rs # Simple rolling update\n│ ├── cdevents.rs # CDEvents emission (EventSink trait)\n│ ├── prometheus.rs # Prometheus client (MetricsQuerier trait)\n│ ├── prometheus_ab.rs # A/B statistical significance (Z-test)\n│ ├── clock.rs # Clock trait (SystemClock / MockClock)\n│ └── occurrence.rs # FALSE Protocol occurrences\n└── server/\n ├── health.rs # /healthz, /readyz\n ├── metrics.rs # /metrics (Prometheus)\n ├── leader.rs # Kubernetes Lease leader election\n └── shutdown.rs # Graceful shutdown\n```\n\n### Local Development with Skaffold\n\n```bash\nkind create cluster --name kulta-dev\nkubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.0/standard-install.yaml\nskaffold dev\n```\n\n---\n\n## Comparison\n\n| Feature | KULTA | Argo Rollouts | Flagger |\n|---------|-------|---------------|---------|\n| Language | Rust | Go | Go |\n| Traffic Routing | Gateway API | Istio/NGINX/ALB/Gateway API | Istio/Linkerd/NGINX/Gateway API |\n| Service Mesh Required | No | No | No (with Gateway API) |\n| A/B Testing | Yes | Yes | Yes |\n| CDEvents | Yes | No | No |\n| Metrics Analysis | Prometheus | Prometheus/Datadog/etc | Prometheus/Datadog/etc |\n| Blue-Green | Yes | Yes | Yes |\n| Canary | Yes | Yes | Yes |\n| A/B Testing | Yes | Yes | Yes |\n\n---\n\n## Naming\n\n**Kulta** (Finnish: \"gold\") — part of the False Systems toolchain:\n\n| Tool | Finnish | Domain |\n|------|---------|--------|\n| [SYKLI](https://github.com/yairfalse/sykli) | cycle | CI pipelines |\n| [NOPEA](https://github.com/false-systems/nopea) | fast | GitOps |\n| **KULTA** | gold | Progressive delivery |\n| [RAUTA](https://github.com/false-systems/rauta) | iron | Gateway API |\n| [AHTI](https://github.com/false-systems/ahti) | water spirit | AIOps correlation |\n\n---\n\n## License\n\nApache 2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffalse-systems%2Fkulta","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffalse-systems%2Fkulta","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffalse-systems%2Fkulta/lists"}