{"id":46421529,"url":"https://github.com/nginx/nginx-supportpkg-for-k8s","last_synced_at":"2026-03-05T16:03:07.810Z","repository":{"id":243247535,"uuid":"811759167","full_name":"nginx/nginx-supportpkg-for-k8s","owner":"nginx","description":"NGINX Support Package Tool For Kubernetes","archived":false,"fork":false,"pushed_at":"2026-02-26T15:27:49.000Z","size":478,"stargazers_count":5,"open_issues_count":17,"forks_count":3,"subscribers_count":6,"default_branch":"main","last_synced_at":"2026-02-26T20:10:16.388Z","etag":null,"topics":["diagnostic-tool","troubleshooting"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nginx.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-06-07T08:41:48.000Z","updated_at":"2026-02-25T10:54:59.000Z","dependencies_parsed_at":"2024-06-28T13:54:41.919Z","dependency_job_id":"ebb3ebba-03dd-459e-ad1d-f7eba1cff7c9","html_url":"https://github.com/nginx/nginx-supportpkg-for-k8s","commit_stats":null,"previous_names":["nginxinc/nginx-supportpkg-for-k8s","nginx/nginx-supportpkg-for-k8s"],"tags_count":13,"template":false,"template_full_name":null,"purl":"pkg:github/nginx/nginx-supportpkg-for-k8s","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginx%2Fnginx-supportpkg-for-k8s","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginx%2Fnginx-supportpkg-for-k8s/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginx%2Fnginx-supportpkg-for-k8s/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginx%2Fnginx-supportpkg-for-k8s/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nginx","download_url":"https://codeload.github.com/nginx/nginx-supportpkg-for-k8s/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginx%2Fnginx-supportpkg-for-k8s/sbom","scorecard":{"id":1236872,"data":{"date":"2025-09-03T03:30:21Z","repo":{"name":"github.com/nginx/nginx-supportpkg-for-k8s","commit":"e9183f0097e7388a2186155c06cb26b8125ecb9d"},"scorecard":{"version":"v5.1.1","commit":"cd152cb6742c5b8f2f3d2b5193b41d9c50905198"},"score":7.5,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/f5.cla.yml:27","Warn: jobLevel 'actions' permission set to 'write': .github/workflows/f5.cla.yml:24","Info: jobLevel 'contents' permission set to 'read': .github/workflows/f5.cla.yml:25","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-builder.yml:17","Warn: topLevel 'actions' permission set to 'write': .github/workflows/docker-build.yml:5","Info: topLevel 'contents' permission set to 'read': .github/workflows/docker-build.yml:3","Warn: topLevel 'packages' permission set to 'write': .github/workflows/docker-build.yml:4","Info: topLevel 'contents' permission set to 'read': .github/workflows/f5.cla.yml:17","Info: topLevel 'contents' permission set to 'read': .github/workflows/fossa.yml:16","Info: topLevel 'contents' permission set to 'read': .github/workflows/release-builder.yml:4","Info: topLevel permissions set to 'read-all': .github/workflows/scorecards.yml:11"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#token-permissions"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#dependency-update-tool"}},{"name":"Pinned-Dependencies","score":5,"reason":"dependency not pinned by hash detected -- score normalized to 5","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/nginx/nginx-supportpkg-for-k8s/docker-build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/nginx/nginx-supportpkg-for-k8s/docker-build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/nginx/nginx-supportpkg-for-k8s/docker-build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/nginx/nginx-supportpkg-for-k8s/docker-build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/nginx/nginx-supportpkg-for-k8s/docker-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/nginx/nginx-supportpkg-for-k8s/docker-build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/nginx/nginx-supportpkg-for-k8s/docker-build.yml/main?enable=pin","Warn: containerImage not pinned by hash: nginx-utils/Dockerfile:1: pin your Docker image by updating alpine:latest to alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Info:   6 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   6 out of  11 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#license"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#sast"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/docker-build.yml:13"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#packaging"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2025-3802 / GHSA-557j-xg8c-q2mm","Warn: Project is vulnerable to: GO-2025-3887 / GHSA-9h84-qmv7-982p","Warn: Project is vulnerable to: GO-2025-3888 / GHSA-f9f8-9pmf-xv68"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#vulnerabilities"}},{"name":"Signed-Releases","score":8,"reason":"4 out of the last 4 releases have a total of 4 signed artifacts.","details":["Info: signed release artifact: kubectl-nginx_supportpkg_v0.1.7_checksums.txt.sig: https://github.com/nginx/nginx-supportpkg-for-k8s/releases/tag/v0.1.7","Info: signed release artifact: kubectl-nginx_supportpkg_v0.1.6_checksums.txt.sig: https://github.com/nginx/nginx-supportpkg-for-k8s/releases/tag/v0.1.6","Info: signed release artifact: kubectl-nginx_supportpkg_v0.1.5_checksums.txt.sig: https://github.com/nginx/nginx-supportpkg-for-k8s/releases/tag/v0.1.5","Info: signed release artifact: kubectl-nginx_supportpkg_v0.1.4_checksums.txt.sig: https://github.com/nginx/nginx-supportpkg-for-k8s/releases/tag/v0.1.4","Warn: release artifact v0.1.7 does not have provenance: https://api.github.com/repos/nginx/nginx-supportpkg-for-k8s/releases/220308456","Warn: release artifact v0.1.6 does not have provenance: https://api.github.com/repos/nginx/nginx-supportpkg-for-k8s/releases/190896855","Warn: release artifact v0.1.5 does not have provenance: https://api.github.com/repos/nginx/nginx-supportpkg-for-k8s/releases/175831001","Warn: release artifact v0.1.4 does not have provenance: https://api.github.com/repos/nginx/nginx-supportpkg-for-k8s/releases/167891698"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/nginx/.github/SECURITY.md:1","Info: Found linked content: github.com/nginx/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/nginx/.github/SECURITY.md:1","Info: Found text in security policy: github.com/nginx/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":6,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'","Info: 'stale review dismissal' is required to merge on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Info: codeowner review is required on branch 'main'","Info: 'last push approval' is required to merge on branch 'main'","Warn: no status checks found to merge onto branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#branch-protection"}},{"name":"Contributors","score":3,"reason":"project has 1 contributing companies or organizations -- score normalized to 3","details":["Info: found contributions from: nginx"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#contributors"}},{"name":"CI-Tests","score":10,"reason":"5 out of 5 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#ci-tests"}}]},"last_synced_at":"2025-09-03T05:27:06.475Z","repository_id":243247535,"created_at":"2025-09-03T05:27:06.476Z","updated_at":"2025-09-03T05:27:06.476Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30134574,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-05T15:35:27.018Z","status":"ssl_error","status_checked_at":"2026-03-05T15:35:23.768Z","response_time":93,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["diagnostic-tool","troubleshooting"],"created_at":"2026-03-05T16:03:06.041Z","updated_at":"2026-03-05T16:03:07.678Z","avatar_url":"https://github.com/nginx.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![OpenSSFScorecard](https://api.securityscorecards.dev/projects/github.com/nginxinc/nginx-supportpkg-for-k8s/badge)](https://scorecard.dev/viewer/?uri=github.com/nginxinc/nginx-supportpkg-for-k8s)\n[![FOSSA Status](https://app.fossa.com/api/projects/custom%2B5618%2Fgithub.com%2Fnginxinc%2Fnginx-supportpkg-for-k8s.svg?type=shield)](https://app.fossa.com/projects/custom%2B5618%2Fgithub.com%2Fnginxinc%2Fnginx-supportpkg-for-k8s?ref=badge_shield)\n[![Go Report Card](https://goreportcard.com/badge/github.com/nginxinc/nginx-supportpkg-for-k8s)](https://goreportcard.com/report/github.com/nginxinc/nginx-supportpkg-for-k8s)\n![GitHub go.mod Go version](https://img.shields.io/github/go-mod/go-version/nginxinc/nginx-supportpkg-for-k8s?logo=go)\n[![Project Status: Active – The project has reached a stable, usable state and is being actively developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active)\n\n\n# nginx-supportpkg-for-k8s\n\nA kubectl plugin designed to collect diagnostics information on any NGINX product running on k8s. \n\n## Supported products\n\nCurrently, [NIC](https://github.com/nginxinc/kubernetes-ingress), [NGF](https://github.com/nginxinc/nginx-gateway-fabric) and [NGINX (OSS/NPLUS) in containers](https://github.com/nginx/nginx) are the supported products.\n\n## Features\n\nDepending on the product, the plugin might collect some or all of the following global and namespace-specific information:\n\n- k8s version, nodes information and CRDs\n- pods logs\n- list of pods, events, configmaps, services, deployments, statefulsets, replicasets and leases\n- k8s metrics\n- helm deployments\n- `nginx -T` output from NGINX pods\n\nThe plugin DOES NOT collect secrets or coredumps.\n\n## Prerequisites\n* Install [krew](https://krew.sigs.k8s.io), the plugin manager for kubectl command-line tool, from the [official pages](https://krew.sigs.k8s.io/docs/user-guide/setup/install/)\n* Run `kubectl krew` to check the installation\n* Run through some of the examples in krew's [quickstart guide](https://krew.sigs.k8s.io/docs/user-guide/quickstart/)\n\n## Installation\n\n### Install from krew\nThe `nginx-supportpkg` plugin can be found in the list of kubectl plugins distributed on the centralized [krew-index](https://sigs.k8s.io/krew-index).\n\nTo install `nginx-supportpkg` plugin on your machine:\n* Run `kubectl krew install nginx-supportpkg`\n\n\n### Building from source\nClone the repo and run `make install`. This will build the binary and copy it on `/usr/local/bin/`.\n\nVerify that the plugin is properly found by `kubectl`:\n\n```\n$ kubectl plugin list\nThe following compatible plugins are available:\n\n/usr/local/bin/kubectl-nginx_supportpkg\n```\n\n### Downloading the binary\n\nNavigate to the [releases](https://github.com/nginxinc/nginx-supportpkg-for-k8s/releases) section and download the asset for your operating system and architecture from the most recent version. \n\nDecompress the tarball and copy the binary somewhere in your `$PATH`. Make sure it is recognized by `kubectl`:\n\n```\n$ kubectl plugin list\nThe following compatible plugins are available:\n\n/path/to/plugin/kubectl-nginx_supportpkg\n```\n\n## Usage\n\nThe plugin is invoked via `kubectl nginx-supportpkg` and has two required flags:\n\n* `-n` or `--namespace` indicates the namespace(s) where the product is running.\n* `-p` or `--product` indicates the product to collect information from.\n\n\n```\n$ kubectl nginx-supportpkg -n default -n nginx-ingress-0 -p nic\nRunning job pod-list... OK\nRunning job collect-pods-logs... OK\nRunning job events-list... OK\nRunning job configmap-list... OK\nRunning job service-list... OK\nRunning job deployment-list... OK\nRunning job statefulset-list... OK\nRunning job replicaset-list... OK\nRunning job lease-list... OK\nRunning job k8s-version... OK\nRunning job crd-info... OK\nRunning job nodes-info... OK\nRunning job metrics-information... OK\nRunning job helm-info... OK\nRunning job helm-deployments... OK\nSupportpkg successfully generated: nic-supportpkg-1711384966.tar.gz\n\n```  \n\n## The nginx-utils Package\nPlease refer to its dedicated [README](/nginx-utils/README.md).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnginx%2Fnginx-supportpkg-for-k8s","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnginx%2Fnginx-supportpkg-for-k8s","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnginx%2Fnginx-supportpkg-for-k8s/lists"}