https://github.com/neticdk/k8s-oaas-sccd
A GitOps-based secure cluster and secure namespaces setup for Kubernetes as part of Operations as a Service (OaaS)
gitops kubernetes oaas secure-namespaces
Last synced: 2 months ago
- Host: GitHub
- URL: https://github.com/neticdk/k8s-oaas-sccd
- Owner: neticdk
- License: mit
- Created: 2021-01-12T06:54:36.000Z (about 5 years ago)
- Default Branch: main
- Last Pushed: 2025-12-04T06:36:56.000Z (4 months ago)
- Last Synced: 2025-12-07T13:30:57.647Z (4 months ago)
- Topics: gitops, kubernetes, oaas, secure-namespaces
- Language: Smarty
- Homepage:
- Size: 112 KB
- Stars: 1
- Watchers: 4
- Forks: 0
- Open Issues: 3
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
README
# k8s-oaas-sccd
A GitOps-based approach to configuring a [secure cluster](docs/secure-cluster-concepts.md) and
provisioning [secure namespaces](README.md) as a part of Operations as a Service (OaaS).
Kubernetes Operations as a Service - [Secure Cluster](docs/secure-cluster-concepts.md) consists
of a Helm chart for provisioning namespaces as well as an example setting this up. The roadmap
includes creating a Kubernetes operator to take over responsibility for namespace provisioning
in a more powerful and dynamic way.
## Operations as a Service for Kubernetes
Operations as a Service (OaaS) for Kubernetes is a "shift-left" approach to security and operations in development. OaaS for Kubernetes
consists of a number of repositories besides this one:
* [observable cluster (potential common ingest point for operations on-demand)](https://github.com/neticdk/k8s-oaas-observability)
* [cluster tools (advanced secrets management including backup and restore)](https://github.com/neticdk/k8s-oaas-tools)
## Operations as a Service - Secure Cluster
Secure Cluster is the term coined for a GitOps-enabled cluster setup that installs a GitOps engine in a
dedicated namespace and sets a number of sensible defaults for the cluster as well as for each additionally generated namespace.
## Operations as a Service - Secure Namespace
The defaults include, for example, pod security policies, pod security context, default limits and network policies, which should be
helpful to have configured from the start of development. The target audience for this is clusters used by one or more
teams developing applications and services.
## Examples
An example that sets up a cluster configured using GitOps and flux2, and uses the `oaas-namespace` chart to create
namespaces for two teams, is found under [examples](examples).