Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/appuio/emergency-credentials-controller

Kubernetes controller that manages and rotates emergency credentials for a cluster.
https://github.com/appuio/emergency-credentials-controller

vshn-project-ocp vshn-team-aldebaran

Last synced: 4 days ago
JSON representation

Kubernetes controller that manages and rotates emergency credentials for a cluster.

Host: GitHub
URL: https://github.com/appuio/emergency-credentials-controller
Owner: appuio
License: bsd-3-clause
Created: 2023-10-30T14:33:06.000Z (about 1 year ago)
Default Branch: master
Last Pushed: 2024-12-31T10:38:52.000Z (6 days ago)
Last Synced: 2024-12-31T11:31:11.765Z (6 days ago)
Topics: vshn-project-ocp, vshn-team-aldebaran
Language: Go
Homepage:
Size: 104 KB
Stars: 0
Watchers: 6
Forks: 0
Open Issues: 11
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: CODEOWNERS

Awesome Lists containing this project

README

# emergency-credentials-controller

Emergency Credentials Controller is a Kubernetes controller that manages emergency credentials for a cluster.
It creates tokens using the [`v1.TokenRequest`](https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/token-request-v1/) API and stores the token in various credential stores.

## Getting Started
You’ll need a Kubernetes cluster to run against. You can use [KIND](https://sigs.k8s.io/kind) to get a local cluster for testing, or run against a remote cluster.
**Note:** Your controller will automatically use the current context in your kubeconfig file (i.e. whatever cluster `kubectl cluster-info` shows).

### Running on the cluster
1. Install Instances of Custom Resources:

```sh
# apply some objects to the cluster to your discretion
kubectl apply -f config/samples/
```

2. Build and push your image to the location specified by `IMG`:

```sh
make docker-build docker-push IMG=/emergency-credentials-controller:tag
```

3. Deploy the controller to the cluster with the image specified by `IMG`:

```sh
make deploy IMG=/emergency-credentials-controller:tag
```

### Uninstall CRDs
To delete the CRDs from the cluster:

```sh
make uninstall
```

### Undeploy controller
UnDeploy the controller from the cluster:

```sh
make undeploy
```

### How it works
This project aims to follow the Kubernetes [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/).

It uses [Controllers](https://kubernetes.io/docs/concepts/architecture/controller/),
which provide a reconcile function responsible for synchronizing resources until the desired state is reached on the cluster.

### Test It Out
1. Install the CRDs into the cluster:

```sh
make install
```

2. Run your controller (this will run in the foreground, so switch to a new terminal if you want to leave it running):

```sh
make run
```

**NOTE:** You can also run this in one step by running: `make install run`

### Modifying the API definitions
If you are editing the API definitions, generate the manifests such as CRs or CRDs using:

```sh
make manifests
```

**NOTE:** Run `make --help` for more information on all potential `make` targets

More information can be found via the [Kubebuilder Documentation](https://book.kubebuilder.io/introduction.html)