{"id":13581586,"url":"https://github.com/lwolf/kube-cleanup-operator","last_synced_at":"2026-01-14T10:45:56.266Z","repository":{"id":24849094,"uuid":"102504769","full_name":"lwolf/kube-cleanup-operator","owner":"lwolf","description":"Kubernetes Operator to automatically delete completed Jobs and their Pods","archived":false,"fork":false,"pushed_at":"2025-07-18T17:52:16.000Z","size":23141,"stargazers_count":523,"open_issues_count":16,"forks_count":109,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-08-13T22:36:07.591Z","etag":null,"topics":["golang","kubernetes","kubernetes-operator"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lwolf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-09-05T16:26:39.000Z","updated_at":"2025-07-06T16:33:16.000Z","dependencies_parsed_at":"2024-11-05T21:33:11.828Z","dependency_job_id":"c8173f96-9d23-4f95-89dc-4ee98ea85f32","html_url":"https://github.com/lwolf/kube-cleanup-operator","commit_stats":null,"previous_names":[],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/lwolf/kube-cleanup-operator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lwolf%2Fkube-cleanup-operator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lwolf%2Fkube-cleanup-operator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lwolf%2Fkube-cleanup-operator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lwolf%2Fkube-cleanup-operator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lwolf","download_url":"https://codeload.github.com/lwolf/kube-cleanup-operator/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lwolf%2Fkube-cleanup-operator/sbom","scorecard":{"id":606640,"data":{"date":"2025-08-11","repo":{"name":"github.com/lwolf/kube-cleanup-operator","commit":"538f00d447db507f528fd6f94fa2c3d81b9302f3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.3,"checks":[{"name":"Code-Review","score":6,"reason":"Found 15/24 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:9","Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.8.4 not signed: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/158041663","Warn: release artifact v0.8.3 not signed: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/142358437","Warn: release artifact v0.8.2 not signed: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/45980786","Warn: release artifact v0.8.1 not signed: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/29105659","Warn: release artifact v0.8.0 not signed: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/28218387","Warn: release artifact v0.8.4 does not have provenance: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/158041663","Warn: release artifact v0.8.3 does not have provenance: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/142358437","Warn: release artifact v0.8.2 does not have provenance: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/45980786","Warn: release artifact v0.8.1 does not have provenance: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/29105659","Warn: release artifact v0.8.0 does not have provenance: https://api.github.com/repos/lwolf/kube-cleanup-operator/releases/28218387"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/lwolf/kube-cleanup-operator/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/lwolf/kube-cleanup-operator/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/lwolf/kube-cleanup-operator/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/lwolf/kube-cleanup-operator/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/lwolf/kube-cleanup-operator/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/lwolf/kube-cleanup-operator/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/lwolf/kube-cleanup-operator/test.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:1","Warn: containerImage not pinned by hash: Dockerfile:12: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: Dockerfile.releaser:1: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: goCommand not pinned by hash: vendor/github.com/json-iterator/go/build.sh:10","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   3 third-party GitHubAction dependencies pinned","Info:   0 out of   3 containerImage dependencies pinned","Info:   0 out of   1 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 22 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":6,"reason":"4 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2025-3488 / GHSA-6v2p-p543-phr9"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T01:45:50.924Z","repository_id":24849094,"created_at":"2025-08-21T01:45:50.924Z","updated_at":"2025-08-21T01:45:50.924Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28417716,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T10:25:19.714Z","status":"ssl_error","status_checked_at":"2026-01-14T10:22:49.371Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","kubernetes","kubernetes-operator"],"created_at":"2024-08-01T15:02:06.627Z","updated_at":"2026-01-14T10:45:56.240Z","avatar_url":"https://github.com/lwolf.png","language":"Go","funding_links":[],"categories":["Go","Operators vs Controllers","kubernetes"],"sub_categories":["Cleanup"],"readme":"# Kubernetes cleanup operator\n\n[![Build Status](https://travis-ci.org/lwolf/kube-cleanup-operator.svg?branch=master)](https://travis-ci.org/lwolf/kube-cleanup-operator)\n[![Go Report Card](https://goreportcard.com/badge/github.com/lwolf/kube-cleanup-operator)](https://goreportcard.com/report/github.com/lwolf/kube-cleanup-operator)\n[![Docker Repository on Quay](https://quay.io/repository/lwolf/kube-cleanup-operator/status \"Docker Repository on Quay\")](https://quay.io/repository/lwolf/kube-cleanup-operator)\n[![codecov](https://codecov.io/gh/lwolf/kube-cleanup-operator/branch/master/graph/badge.svg)](https://codecov.io/gh/lwolf/kube-cleanup-operator)\n\nKubernetes Controller to automatically delete completed Jobs and Pods.\nController listens for changes in Pods and Jobs and acts accordingly with config arguments.\n\nSome common use-case scenarios:\n* Delete Jobs and their pods after their completion\n* Delete Pods stuck in a Pending state\n* Delete Pods in Evicted state\n* Delete orphaned Pods (Pods without an owner in non-running state)\n\n| flag name                  | pod                                                   | job                           |\n| -------------------------- | ----------------------------------------------------- | ----------------------------- |\n| delete-successful-after    | delete after specified period if owned by the job     | delete after specified period |\n| delete-failed-after        | delete after specified period if owned by the job     | delete after specified period |\n| delete-orphaned-pods-after | delete after specified period (any completion status) | N/A                           |\n| delete-evicted-pods-after  | delete on discovery                                   | N/A                           |\n| delete-pending-pods-after  | delete after specified period                         | N/A                           |\n\n\n## Helm chart\n\nChart is available to install from https://charts.lwolf.org/ (https://github.com/lwolf/kube-charts)\n\n```\n$ helm repo add lwolf-charts http://charts.lwolf.org\n\"lwolf-charts\" has been added to your repositories\n$ helm search kube-cleanup\nNAME                              \tCHART VERSION\tAPP VERSION\tDESCRIPTION\nlwolf-charts/kube-cleanup-operator\t1.0.0        \tv0.8.1     \tKubernetes Operator to automatically delete completed Job...\n```\n\n\n## Usage\n\n![screensharing](http://g.recordit.co/aDU52FJIwP.gif)\n\n```\n# remember to change namespace in RBAC manifests for monitoring namespaces other than \"default\"\n\nkubectl create -f https://raw.githubusercontent.com/lwolf/kube-cleanup-operator/master/deploy/deployment/rbac.yaml\n\n# create deployment\nkubectl create -f https://raw.githubusercontent.com/lwolf/kube-cleanup-operator/master/deploy/deployment/deployment.yaml\n\n\nkubectl logs -f $(kubectl get pods --namespace default -l \"run=cleanup-operator\" -o jsonpath=\"{.items[0].metadata.name}\")\n\n# Use simple job to test it\nkubectl create -f https://k8s.io/examples/controllers/job.yaml\n```\n\n\n## Docker images\n\n```docker pull quay.io/lwolf/kube-cleanup-operator```\n\nor you can build it yourself as follows:\n\n```console\n$ docker build .\n```\n\n## Development\n\n```console\n$ make install_deps\n$ make build\n$ ./bin/kube-cleanup-operator -run-outside-cluster -dry-run=true\n```\n\n## Usage\n\nPre v0.7.0\n\n```\n    $ ./bin/kube-cleanup-operator --help\n    Usage of ./bin/kube-cleanup-operator:\n      -namespace string\n            Watch only this namespace (omit to operate clusterwide)\n      -run-outside-cluster\n            Set this flag when running outside of the cluster.\n      -keep-successful\n            the number of hours to keep a successful job\n            -1 - forever \n            0  - never (default)\n            \u003e0 - number of hours\n      -keep-failures\n            the number of hours to keep a failed job\n            -1 - forever (default)\n            0  - never\n            \u003e0 - number of hours\n      -keep-pending\n            the number of hours to keep a pending job\n            -1 - forever (default)\n            0  - forever\n            \u003e0 - number of hours\n      -dry-run\n            Perform dry run, print only\n``` \n\nAfter v0.7.0\n\n```\nUsage of ./bin/kube-cleanup-operator:\n  -delete-evicted-pods-after duration\n        Delete pods in evicted state (golang duration format, e.g 5m), 0 - never delete (default 15m0s)\n  -delete-failed-after duration\n        Delete jobs and pods in failed state after X duration (golang duration format, e.g 5m), 0 - never delete\n  -delete-orphaned-pods-after duration\n        Delete orphaned pods. Pods without an owner in non-running state (golang duration format, e.g 5m), 0 - never delete (default 1h0m0s)\n  -delete-pending-pods-after duration\n        Delete pods in pending state after X duration (golang duration format, e.g 5m), 0 - never delete\n  -delete-successful-after duration\n        Delete jobs and pods in successful state after X duration (golang duration format, e.g 5m), 0 - never delete (default 15m0s)\n  -dry-run\n        Print only, do not delete anything.\n  -ignore-owned-by-cronjobs\n        [EXPERIMENTAL] Do not cleanup pods and jobs created by cronjobs\n  -keep-failures int\n        Number of hours to keep failed jobs, -1 - forever (default) 0 - never, \u003e0 number of hours (default -1)\n  -keep-pending int\n        Number of hours to keep pending jobs, -1 - forever (default) \u003e0 number of hours (default -1)\n  -keep-successful int\n        Number of hours to keep successful jobs, -1 - forever, 0 - never (default), \u003e0 number of hours\n  -legacy-mode true\n        Legacy mode: true - use old `keep-*` flags, `false` - enable new `delete-*-after` flags (default true)\n  -listen-addr string\n        Address to expose metrics. (default \"0.0.0.0:7000\")\n  -namespace string\n        Limit scope to a single namespace\n  -run-outside-cluster\n        Set this flag when running outside of the cluster.\n  -label-selector\n        Delete only jobs and pods that meet label selector requirements. #See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/\n```\n\n### Optional parameters \n\nDISCLAIMER: These parameters are not supported on this project since they are implemented by the underlying libraries. Any malfunction regarding the use them is not covered by this GitHub repository. They are included in this documentation since the debugging process is simplified.\n\n```\n-alsologtostderr\n  log to standard error as well as files\n-log_backtrace_at value\n  when logging hits line file:N, emit a stack trace\n-log_dir string\n  If non-empty, write log files in this directory\n-logtostderr\n  log to standard error instead of files\n-vmodule value\n  comma-separated list of pattern=N settings for file-filtered logging\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flwolf%2Fkube-cleanup-operator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flwolf%2Fkube-cleanup-operator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flwolf%2Fkube-cleanup-operator/lists"}