{"id":24915430,"url":"https://github.com/gurghet/github-deploy-key-operator","last_synced_at":"2025-04-14T17:54:43.514Z","repository":{"id":275184490,"uuid":"915491708","full_name":"gurghet/github-deploy-key-operator","owner":"gurghet","description":"Kubernetes operator that automatically manages GitHub Deploy Keys for your repositories","archived":false,"fork":false,"pushed_at":"2025-02-23T16:13:48.000Z","size":62,"stargazers_count":8,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-28T06:31:14.603Z","etag":null,"topics":["deployment-automation","github-actions","gitops","kubernetes"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gurghet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-01-12T01:25:50.000Z","updated_at":"2025-02-23T22:26:12.000Z","dependencies_parsed_at":"2025-02-23T17:20:55.451Z","dependency_job_id":"7f96285d-213a-4911-97b1-422768ff23eb","html_url":"https://github.com/gurghet/github-deploy-key-operator","commit_stats":null,"previous_names":["gurghet/github-deploy-key-operator"],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurghet%2Fgithub-deploy-key-operator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurghet%2Fgithub-deploy-key-operator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurghet%2Fgithub-deploy-key-operator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurghet%2Fgithub-deploy-key-operator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gurghet","download_url":"https://codeload.github.com/gurghet/github-deploy-key-operator/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248931917,"owners_count":21185265,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["deployment-automation","github-actions","gitops","kubernetes"],"created_at":"2025-02-02T07:17:41.732Z","updated_at":"2025-04-14T17:54:43.480Z","avatar_url":"https://github.com/gurghet.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GitHub Deploy Key Operator\n\n🔑 Automatically manage GitHub Deploy Keys in your Kubernetes cluster\n\n## Why?\n\nManaging deploy keys across multiple repositories is a common challenge in GitOps:\n- Manual key creation is error-prone\n- Key rotation is often forgotten\n- Tracking which keys belong to which clusters is difficult\n\nThis operator automates these tasks by:\n1. Creating and rotating SSH keys automatically\n2. Storing keys securely in Kubernetes secrets\n3. Managing keys through Kubernetes resources\n\n```\n┌──────────────┐         ┌──────────────┐\n│              │   1️⃣    │              │\n│  GitHubKey   │────────▶│   Operator   │\n│     CRD      │         │              │\n│              │         │              │\n└──────────────┘         └───────┬──────┘\n                                 │\n                                 │ 2️⃣\n                                 ▼\n                         ┌──────────────┐\n                         │   Generate   │\n                         │ SSH keypair  │\n                         └───────┬──────┘\n                                 │\n                         3️⃣      │\n               ┌─────────────────┴─────────────┐\n               │                               │\n               ▼                               ▼\n     ┌──────────────┐                 ┌──────────────┐\n     │   GitHub     │                 │  Kubernetes  │\n     │ Deploy Key   │                 │   Secret     │\n     │  (public)    │                 │  (private)   │\n     └──────────────┘                 └──────────────┘\n```\n\n## Quick Start (5 minutes)\n\n```bash\n# 1. Add the Helm repository\nflux create source helm github-deploy-key-operator \\\n  --url=oci://ghcr.io/gurghet/github-deploy-key-operator \\\n  --namespace=flux-system\n\n# 2. Create GitHub token secret\nkubectl create secret generic github-token \\\n  --namespace=flux-system \\\n  --from-literal=GITHUB_TOKEN=your_github_token\n\n# 3. Install the operator\nflux create helmrelease github-deploy-key-operator \\\n  --namespace=flux-system \\\n  --source=HelmRepository/github-deploy-key-operator \\\n  --chart=github-deploy-key-operator \\\n  --values='{\"github\":{\"existingSecret\":\"github-token\",\"existingSecretKey\":\"GITHUB_TOKEN\"}}'\n```\n\n## Usage\n\nCreate a GitHubDeployKey resource:\n\n```yaml\napiVersion: github.com/v1alpha1\nkind: GitHubDeployKey\nmetadata:\n  name: my-repo-key\n  namespace: flux-system # or your preferred namespace\nspec:\n  repository: \"owner/repository\"\n  title: \"Kubernetes-managed deploy key\"\n  readOnly: true  # Recommended for security\n```\n\nThe operator will:\n- Generate a new SSH key pair\n- Add the public key to your GitHub repository\n- Store the private key in a Kubernetes secret\n- Monitor and maintain the key's existence\n\n## Security\n\n- Private keys are stored only in Kubernetes secrets\n- Deploy keys are read-only by default\n- SSH keys use RSA 4096-bit encryption\n- Automatic key rotation on CRD updates\n- GitHub token needs only repo deploy key permissions\n\n## Troubleshooting\n\nCommon issues:\n1. **Key creation fails**: Check GitHub token permissions\n2. **Pod fails to start**: Verify secret exists and is readable\n3. **Key rotation fails**: Ensure old key exists in GitHub\n\nFor detailed configuration and advanced usage, see our [Helm chart documentation](charts/github-deploy-key-operator/values.yaml).\n\n## Contributing\n\nContributions are welcome! Please feel free to submit a Pull Request.\n\n## License\n\nApache License 2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgurghet%2Fgithub-deploy-key-operator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgurghet%2Fgithub-deploy-key-operator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgurghet%2Fgithub-deploy-key-operator/lists"}