https://github.com/frnn4268/k8s_cloud-native-pg_trivy-operator
This repository contains auxiliary tooling for managing PostgreSQL clusters on Kubernetes, including CloudNativePG, Trivy Operator, and Cert Manager. It simplifies deployment, operation, and security scanning of containerized applications, providing examples and automation through Taskfiles.
automation backup cert-manager cloudnative devops helm kubernetes postgresql security trivy
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/frnn4268/k8s_cloud-native-pg_trivy-operator
- Owner: Frnn4268
- Created: 2024-11-30T21:11:52.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-12-01T16:22:43.000Z (over 1 year ago)
- Last Synced: 2025-08-08T17:38:18.997Z (11 months ago)
- Topics: automation, backup, cert-manager, cloudnative, devops, helm, kubernetes, postgresql, security, trivy
- Language: Nix
- Homepage:
- Size: 8.79 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Auxiliary Tooling
## CloudNativePG (https://cloudnative-pg.io/)
CloudNativePG makes deploying and operating PostgreSQL clusters on Kubernetes much easier. The project extends the Kubernetes API with custom resources and encodes the logic needed to operate those clusters into an application that runs in the cluster.
The examples shown provide both a minimal configuration, as well as a configuration that takes periodic backups of the database and stores them in an object store (Google Cloud Storage and Civo Cloud object storage are shown).
## Trivy Operator (https://aquasecurity.github.io/trivy-operator/latest/)
The Trivy Operator automatically scans every container image that runs in the cluster and produces a report of CVEs and potential security implications of other cluster/application configurations.
It also re-scans each image at a specified interval, which helps to catch potential vulnerabilities that were discovered after the image was initially built (for example, if you are running a scan within a Continuous Integration pipeline).
## Cert Manager (https://cert-manager.io/)
Cert Manager provides tooling for provisioning and managing TLS certificates to enable encryption for traffic to your cluster and services. It integrates with certificate authorities like Let's Encrypt and with Ingress Controllers to automate the process.
I have not implemented it within this repo, but it is common/important enough to mention here and setting it up would be a great exercise to test your Kubernetes knowledge.