{"id":20841534,"url":"https://github.com/wavesoftware/passless-operator","last_synced_at":"2025-08-30T17:12:57.618Z","repository":{"id":41852100,"uuid":"242792421","full_name":"wavesoftware/passless-operator","owner":"wavesoftware","description":"Passless Operator implements a concept of secret management without credentials storage utilizing master password algorithm.","archived":false,"fork":false,"pushed_at":"2023-03-07T00:20:42.000Z","size":188,"stargazers_count":10,"open_issues_count":7,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-05-08T22:14:21.979Z","etag":null,"topics":["k8s-custom-resource","k8s-operator","kubernetes","master-password","operator","password-generator","password-manager","passwordless","secret-management"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wavesoftware.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-02-24T16:58:47.000Z","updated_at":"2024-08-29T16:42:46.000Z","dependencies_parsed_at":"2024-06-19T17:36:08.182Z","dependency_job_id":"6c6e1a7e-88fe-4c30-80c7-a7558a36992f","html_url":"https://github.com/wavesoftware/passless-operator","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/wavesoftware/passless-operator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wavesoftware%2Fpassless-operator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wavesoftware%2Fpassless-operator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wavesoftware%2Fpassless-operator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wavesoftware%2Fpassless-operator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wavesoftware","download_url":"https://codeload.github.com/wavesoftware/passless-operator/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wavesoftware%2Fpassless-operator/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272878320,"owners_count":25008336,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-30T02:00:09.474Z","response_time":77,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["k8s-custom-resource","k8s-operator","kubernetes","master-password","operator","password-generator","password-manager","passwordless","secret-management"],"created_at":"2024-11-18T01:20:33.054Z","updated_at":"2025-08-30T17:12:57.600Z","avatar_url":"https://github.com/wavesoftware.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PassLess Operator for Kubernetes\n\n[![Build](https://github.com/wavesoftware/passless-operator/actions/workflows/go.yml/badge.svg)](https://github.com/wavesoftware/passless-operator/actions/workflows/go.yml)\n[![Go Report Card](https://goreportcard.com/badge/github.com/wavesoftware/passless-operator)](https://goreportcard.com/report/github.com/wavesoftware/passless-operator)\n\nPassLess Operator implements a concept of secret management without the need of\ncredentials storage for usage in Kubernetes. It utilize \n[master password algorithm](https://en.wikipedia.org/wiki/Master_Password) to \nachieve that.\n\nUsing PassLess you can avoid storing passwords in your GitOps workflow or the \nneed of secure data source like LDAP, or HashiCorp's Vault.\n\n## Installation\n\nDeploy operator with:\n\n```bash\nkubectl apply -f \\\n  https://github.com/wavesoftware/passless-operator/releases/download/v0.3.0/passless.yaml\n```\n\n## Usage\n\nThis is an example passless resource:\n\n```yaml\n---\napiVersion: wavesoftware.pl/v1alpha1\nkind: PassLess\nmetadata:\n  name: example\nspec:\n  db-password:\n    version: 1\n    scope: alnum\n    length: 16\n```\n\nIt define a Kubernetes secret's template. If you have Passless operator running,\nand you create such a resource, operator will create a secret for you. It will \nalso, update it if you change passless resource!\n\n```\n$ kubectl get passless\nNAME      AGE\nexample   12s\n\n$ kubectl get secrets\nNAME      TYPE     DATA   AGE   \nexample   Opaque   1      10s\n\n$ kubectl get secret example -o jsonpath='{.data.db-password}' | base64 -d\neoXdlNHgrtaxoO34\n```\n\nEach PassLess specification element defines a secret element to be created, and \neach password generation can be influenced by providing an options:\n\n### Parameters\n\n* `version` - A sequential password number. Changing the password should be \n   done by advancing this number. Default value is `1`.\n * `scope` - A definition of scope that the password will be generated from. It \n   may be one of (defaults to `alnum`): \n    * `num` for numeric passwords,\n    * `alpha` for alphabet based passwords, both big and small caps,\n    * `alnum` for alphanumeric passwords, both big and small caps,\n    * `human` for letters and numbers that are easy to distinguish by human,\n    * `keys` for passwords that can be typed by keyboard, so letters, and \n      numbers, and special characters,\n    * `utf8` these passwords contain utf-8 characters, so also a characters \n      that aren't easy to type by keyboard,\n    * `list:` followed by list of chars that might be used. Ex.: \n      `list:abcdef1234567890!$`,\n * `length` - A length of password to be generated in number of signs. Default \n   value is `16`.\n\n### Password generator configuration\n\nPassLess created secrets use Master Password algorithm. The master key is derived  \nfrom `default-token` secret form `kube-system` namespace. Site key uses the name\nof passless resource and namespace in which it is created.\n\nAbove means that the password for the same parameters given will the same, but \ndifferent if created in other namespace or with other name. All passwords will \nchange if `default-token` secret form `kube-system` namespace is changed.\n\nFor now, this behavior isn't configurable, but it's good idea for future \nfeatures.\n\n## Building\n\nIf you'd like to build the operator yourself, you will need to have\n[Golang](https://golang.org/) installed on your machine. Check the `go.mod`\nfile for current minimum version.\n\nTo build the operator, invoke the following command:\n\n```sh\n$ make build\n```\n\nProject will check, test and build binaries. You'll get an executable \noperator controller `build/bin` dir.\n\nYou could also deploy the operator on Kubernetes cluster with following \ncommand. Remember to set environment variable `IMAGE_TAG_BASE` to be used as \na base of image used.\n\n```sh\n$ export IMAGE_TAG_BASE=gcr.io/vivid-osmos-110/passless-operator \n$ make deploy\n```\n\nTo remove operator from cluster run:\n\n```sh\n$ make undeploy\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwavesoftware%2Fpassless-operator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwavesoftware%2Fpassless-operator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwavesoftware%2Fpassless-operator/lists"}