Golang Integration Testing Framework For Kong Kubernetes APIs and Controllers.

ktf-banner

tests codecov Go Report Card GoDoc License

Kong Kubernetes Testing Framework (KTF)

Testing framework used by the Kong Kubernetes Team for the Kong Kubernetes Ingress Controller (KIC).

Requirements

  • Go v1.16.x+

Usage

The following are some of the available features of the KTF:

  • integration testing libraries for Kong on Kubernetes (Golang)
  • unit testing libraries for the Kong Proxy (Golang)
  • command line tool for testing environments and other testing features

For the integration testing libraries you have the option to deploy the Kong Proxy only to the Kubernetes cluster or to deploy the entire stack depending on your testing needs.

Command Line Tool

This project provides a command line tool ktf which can be used for reason such as building and maintaining a testing environment for Kong on Kubernetes.

Install

If you have Golang installed locally you can install with go:

$ go install github.com/kong/kubernetes-testing-framework/cmd/ktf@latest

Otherwise you can use the shell script to install the latest release for your operating system:

$ curl --proto '=https' -sSf https://kong.github.io/kubernetes-testing-framework/install.sh | sh

Testing Environments

You can deploy a testing environment with the following command:

$ ktf environments create --generate-name

And it can be torn down with this command:

$ ktf environments delete --name <NAME>

Examples

The most common use cases will require some addon applications to be deployed to the cluster, particular actually deploying the Kong Proxy itself.

You can deploy a cluster with the Kong proxy already deployed and accessible via LoadBalancer services by running the following:

$ ktf environments create --name kong-proxy-testing --addon metallb --addon kong

Once the cluster is up configure your kubectl to use it:

$ kubectl cluster-info --context kind-kong-proxy-testing

You can see the IP addresses where you can reach the proxy and the Admin API with:

$ kubectl -n kong-system get services

Contributing

See CONTRIBUTING.md.

Community

If you have any questions about this tool and want to get in touch with the maintainers, check in on #kong in Kubernetes Slack.

Owner
Kong
The Cloud Connectivity Company. Community Driven & Enterprise Adopted.
Kong
https://github.com/Kong/kubernetes-testing-framework https://kong.github.io/kubernetes-testing-framework/
Comments
  • Support k8s v1.25

    Support k8s v1.25

    This issue tracks support for kubernetes v1.25.

    So far these are the features/components that make ktf not fully support k8s v1.25:

    • metallb addon using version v0.12.1 which uses PodSecurityPolicy which was removed after being deprecated v1.21

      Error: tests failed: failed to deploy addon metallb: resource mapping not found for name: "controller" namespace: "" from "https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/metallb.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1"
ensure CRDs are installed first
resource mapping not found for name: "speaker" namespace: "" from "https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/metallb.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1"
  • enable enterprise deployment

    enable enterprise deployment

    Problem: Fix issue https://github.com/Kong/kubernetes-ingress-controller/issues/1279 Solution: Bump Enterprise Postgres 2.5 using secret enterprise-license and superuser-password. W/ this image, workspace, rbac admin API is enabled, which provides a test-bed that KIC can interact using admin-token, non-admin-token, non-default workspace.

  • chore(deps): bump google.golang.org/api from 0.102.0 to 0.103.0

    chore(deps): bump google.golang.org/api from 0.102.0 to 0.103.0

    Bumps google.golang.org/api from 0.102.0 to 0.103.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.103.0

    0.103.0 (2022-11-08)

    Features

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.103.0 (2022-11-08)

    Features

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • setup-kong-license silently fails

    setup-kong-license silently fails

    Is there an existing issue for this?

    • [X] I have searched the existing issues

    Current Behavior

    setup-kong-license silently fails. Possibly being a reason for failure of TestKongEnterprisePostgres test.

    From the pipeline run https://github.com/Kong/kubernetes-testing-framework/actions/runs/3299432277/jobs/5454573296

    echo "encrypted=$(gpg --symmetric --batch --passphrase  --output - <(echo ${KONG_LICENSE_DATA}) | base64 -w0)" >> $GITHUB_OUTPUT
  shell: /usr/bin/bash -e {0}
  env:
    KONG_LICENSE_DATA: {"license":{"payload":{"admin_seats":"5","customer":"automation","dataplanes":"100","license_creation_date":"[2](https://github.com/Kong/kubernetes-testing-framework/actions/runs/3299432277/jobs/5454573296#step:3:2)022-10-10","license_expiration_date":"2022-11-20","license_key":"***","product_subscription":"Konnect Enterprise","support_plan":"None"},"signature":"***","version":"1"}}
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: error creating passphrase: Invalid passphrase
gpg: symmetric encryption of '/dev/fd/6[3](https://github.com/Kong/kubernetes-testing-framework/actions/runs/3299432277/jobs/5454573296#step:3:3)' failed: Invalid passphrase

    Expected Behavior

    Should work

    Steps To Reproduce

    Detected during pipeline run

    Kong Kubernetes Testing Framework Version

    No response

    Kubernetes version

    No response

    Anything else?

    No response

  • Need a method to test/wait for service to be access inside cluster

    Need a method to test/wait for service to be access inside cluster

    Is there an existing issue for this?

    • [X] I have searched the existing issues

    Problem Statement

    When we deploy some addons or services, we need a tool to detect or wait for the service to be ready to serve. For example, when we deploy kuma addon in the cluster, we need to wait for kuma's webhook service to be ready before we create CRDs in kuma. So, we need a method to test whether a service could be accessed inside the testing kubernetes cluster.

    Proposed Solution

    • provide a solution that runs a Job with some images to test the TCP connection periodically, and complete the job when the TCP connection is created.

    Additional information

    No response

    Acceptance Criteria

    could call a method in KTF to test if a service/address could be accessed in the test cluster by:

    • [x] (At least) TCP connection
    • [ ] GET/POST to an HTTP URL
    • [ ] TLS connection (with CA/client cert)
    • [ ] GET/POST by an HTTPS URL (with a CA/client cert)
  • fix: remove cluster init token check

    fix: remove cluster init token check

    Back when we first made KTF we added a check to wait for the service account that would be used for testing until it's Secret was generated. Modern versions of Kubernetes since v1.24.0 have a different implementation for ServiceAccounts which doesn't make this secret available like it used to be. As such this patch removes the check as it is irrelevant going forward and is breaking recent deployments.

  • fix(kong addon): kong addon uses udpProxy from helm chart instead of workaround

    fix(kong addon): kong addon uses udpProxy from helm chart instead of workaround

    This PR removed the udp hack and instead uses udpProxy defined in our helm charts. Support for udpProxy in helm charts have been added by https://github.com/Kong/charts/commit/016ace388a56fe64ee9f3975b7507d289a9ebbd3

    Fixes https://github.com/Kong/kubernetes-testing-framework/issues/392

  • chore(deps): bump github.com/docker/docker from 20.10.19+incompatible to 20.10.20+incompatible

    chore(deps): bump github.com/docker/docker from 20.10.19+incompatible to 20.10.20+incompatible

    Bumps github.com/docker/docker from 20.10.19+incompatible to 20.10.20+incompatible.

    Release notes

    Sourced from github.com/docker/docker's releases.

    v20.10.20

    This release of Docker Engine contains partial mitigations for a Git vulnerability (CVE-2022-39253), and has updated handling of image:tag@digest image references.

    The Git vulnerability allows a maliciously crafted Git repository, when used as a build context, to copy arbitrary filesystem paths into resulting containers/images; this can occur in both the daemon, and in API clients, depending on the versions and tools in use.

    The mitigations available in this release and in other consumers of the daemon API are partial and only protect users who build a Git URL context (e.g. git+protocol://). As the vulnerability could still be exploited by manually run Git commands that interact with and check out submodules, users should immediately upgrade to a patched version of Git to protect against this vulernability. Further details are available from the GitHub blog ("Git security vulnerabilities announced").

    Client

    • Added a mitigation for CVE-2022-39253, when using the classic Builder with a Git URL as the build context.

    Daemon

    • Updated handling of image:tag@digest references. When pulling an image using the image:tag@digest ("pull by digest"), image resolution happens through the content-addressable digest and the image and tag are not used. While this is expected, this could lead to confusing behavior, and could potentially be exploited through social engineering to run an image that is already present in the local image store. Docker now checks if the digest matches the repository name used to pull the image, and otherwise will produce an error.

    Builder

    • Updated handling of image:tag@digest references. Refer to the "Daemon" section above for details.
    • Added a mitigation to the classic Builder and updated BuildKit to v0.8.3-31-gc0149372, for CVE-2022-39253.
    Commits
    • 03df974 Merge pull request #6 from moby/ghsa-ambiguous-pull-by-digest
    • 3adff51 Merge pull request #9 from moby/update_buildkit
    • d7c33ad Merge pull request #8 from moby/20.10_fix_git_file_leak
    • 2f3bf18 [20.10] vendor moby/buildkit v0.8.3-31-gc0149372
    • 4b9902b Validate digest in repo for pull by digest
    • c0d1188 builder: make git config isolation opt-in
    • 9f5f3ab builder: isolate git from local system
    • 10db4c2 builder: explicitly set CWD for all git commands
    • 8816c3c builder: modernize TestCheckoutGit
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • chore(deps): bump github.com/kong/deck from 1.14.0 to 1.15.1

    chore(deps): bump github.com/kong/deck from 1.14.0 to 1.15.1

    Bumps github.com/kong/deck from 1.14.0 to 1.15.1.

    Release notes

    Sourced from github.com/kong/deck's releases.

    v1.15.1

    See the changelog.

    v1.15.0

    See the changelog.

    Changelog

    Sourced from github.com/kong/deck's changelog.

    [v1.15.1]

    Release date: 2022/09/27

    Fixes

    • Fix decK dump when running against Konnect #758

    [v1.15.0]

    Release date: 2022/09/26

    Added

    • Add support for Kong Gateway 3.0.
    • Add support to 2.x to 3.x format migration. #753
    • Add support to the new Kong expressions flavor fields. #752

    Fixes

    • Make sure decK runs against Kong Gateway if a non-default --kong-addr is provided, even if some lingering Konnect environment variables are present. #738
    • deck validate with --online flag is not currently supported with Konnect cloud. A clear error message is provided when this command is invoked. #718
    • Improve error message when workspace is used in Konnect mode. #696
    Commits
    • bb70f8f fix: dump with Konnect is missing Kong version
    • c7262ae fix: improve errors when running against Konnect with workspace config
    • 1b875f7 chore: bump changelog for v1.15.0
    • 8284013 fix: make sure online validate fails when running against Konnect
    • addfd48 fix: correct order of precedence to gate Konnect mode
    • 5dcabf7 refactor: rework how 3.x warnings are organized
    • 2fd4d25 feat: check routes' paths with 'validate' subcommand too
    • 42250af feat: add capability to convert from 2.x to 3.x format
    • 444cbc7 refactor: use utils.Kong300Version instead of local definitions
    • 6b73563 feat: emit warnings if regex-like routes are used with prefix path format
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • feature: add job to test connectivity to tcp service

    feature: add job to test connectivity to tcp service

    Try to add a job to test connectivity to a TCP service inside a k8s cluster to solve #331. DONE in this PR:

    • create a image retries to connect to a TCP address and push it to Kong repo
    • KTF provide a method to wait for a TCP address to be connected by the image above

    TODO:

    • support more parameters (connect timeout/retry interval or retry times)
    • discuss about other kinds of "tests", http/https/tls/udp ?
  • Environment Diagnostics

    Environment Diagnostics

    Problem Statement

    When tests using KTF fail (particularly E2E tests in KIC) on conditions that aren't met currently the way to investigate this is to reproduce the problem locally and investigate the cluster there. This however is problematic when we get a transient failure or flake. The purpose of this issue is to enable the creation of diagnostic dumps for KTF clusters so that users like KIC can take and collect a dump before the cluster is cleaned up as a part of the CI run.

    Additional information

    Potentially taking a backup of the entire API with something like velero might be viable. I do remember in the past seeing tools that will let you host a dump of the API server and interrogate it with kubectl, though I've forgotten the name of that tool and can't find it. Suffice to say when we implement this we should be certain to check the open source ecosystem for existing tools.

    Acceptance Criteria

    • [x] when a KTF environment fails to create a diagnostic bundle is automatically generated
    • [x] as a user of the go library I can trigger a diagnostic dump for the cluster which returns the file(s) to me to collect as an artifact in CI
    • [x] diagnostic dumps should contain as much API state as possible
    • [x] diagnostic dumps should contain pod logs
  • Confirm occupied IP ranges are released in Cleanup of GKE cluster

    Confirm occupied IP ranges are released in Cleanup of GKE cluster

    Is there an existing issue for this?

    • [X] I have searched the existing issues

    Problem Statement

    As described in https://github.com/Kong/kubernetes-ingress-controller/issues/3326, gcloud limited number ofIP ranges in a subnet. To prevent failures caused by the limit of IP range, we should confirm that occupied ranges is released after the Cleanup of cluster is finished,

    Proposed Solution

    • Verify whether occupied IP ranges is released after successfully cleaned up the cluster in GKE
    • If not guaranteed that occupied IP ranges is released after cleanup of cluster, we add poll and wait step in cluster cleanup after calling API to delete cluster.

    Additional information

    No response

    Acceptance Criteria

    • [ ] For GKE cluster, IP ranges (and possibly other resource with limitations) are released after clean up of cluester succeeded.
  • Addons installed by helm are prone to external services errors during installation

    Addons installed by helm are prone to external services errors during installation

    Problem statement

    Whenever addons that utilize helm for installation (kong and kuma) they are prone to failure due to hosting services that host the helm charts.

    Exemplar failure:

    === FAIL: test/integration  (0.00s)
INFO: setting up test environment
INFO: configuring cluster for testing environment
INFO: no existing cluster found, deploying using Kubernetes In Docker (KIND)
INFO: build a new KIND cluster with version 1.25.3
INFO: building test environment
WARNING: failure occurred, performing test cleanup
Error: tests failed: failed to deploy addon kong: Error: INSTALLATION FAILED: failed to fetch https://github.com/Kong/charts/releases/download/kong-2.13.1/kong-2.13.1.tgz : 503 Service Unavailable

    https://github.com/Kong/kubernetes-ingress-controller/actions/runs/3691517677/jobs/6249752001#step:6:48

    This causes the tests to fail.

    Proposed solution

    Introduce a (configurable?) retry mechanism which will retry whenever an error like this is received during helm chart installation.

  • Separate enterprise and non-enterprise tests so that outside contributions can run non-ee pipeline to completion

    Separate enterprise and non-enterprise tests so that outside contributions can run non-ee pipeline to completion

    Problem statement

    Since we do not want to expose our secrets to outside world and make them available in CI workflows that run for outside contributions we need a mechanism/structure to adhere to, thanks to which we'll be able to separate enterprise and non-enterprise tests which in turn will allow us to make ee tests conditional (similarly to what has been done for go-kong: https://github.com/Kong/go-kong/pull/247)

  • Introduce a retry mechanism for fetching files from the internet

    Introduce a retry mechanism for fetching files from the internet

    Problem statement

    Sometimes the framework can receive a 4xx or 5xx HTTP error code when requesting a file (like a manifest) in order to deploy/teardown an add-on. These in most cases are intermittent and should be retried since as a developer I do not want to have my full suite of tests to fail because Github returned a 503.

    Example of a failed CI: https://github.com/Kong/kubernetes-testing-framework/actions/runs/3647089054/jobs/6158901046

    === RUN   TestKongWithNodePort
    kongaddon_test.go:243: configuring the testing environment, with the kong addon using NodePort service type for proxy
    kongaddon_test.go:248: building the testing environment and Kubernetes cluster
20[22](https://github.com/Kong/kubernetes-testing-framework/actions/runs/3647089054/jobs/6158901046#step:6:23)/12/08 09:48:52 well-defined vars that were never replaced: SERVICE_NAME,SERVICE_NAMESPACE
    kongaddon_test.go:250: 
        	Error Trace:	/home/runner/work/kubernetes-testing-framework/kubernetes-testing-framework/test/integration/kongaddon_test.go:[25](https://github.com/Kong/kubernetes-testing-framework/actions/runs/3647089054/jobs/6158901046#step:6:26)0
        	Error:      	Received unexpected error:
        	            	failed to deploy addon kong: Error: INSTALLATION FAILED: failed to fetch https://github.com/Kong/charts/releases/download/kong-2.13.1/kong-2.13.1.tgz : 503 Service Unavailable
        	            	: exit status 1
        	Test:       	TestKongWithNodePort
--- FAIL: TestKongWithNodePort (138.36s)
  • chore(deps): bump sigs.k8s.io/kustomize/kyaml from 0.13.9 to 0.13.10

    chore(deps): bump sigs.k8s.io/kustomize/kyaml from 0.13.9 to 0.13.10

    Bumps sigs.k8s.io/kustomize/kyaml from 0.13.9 to 0.13.10.

    Release notes

    Sourced from sigs.k8s.io/kustomize/kyaml's releases.

    kyaml/v0.13.10

    #4727: Improve invalid node kind errors #4754: Stop using deprecated ioutil functions #4758: Emit a warning when using missing field in FunctionSpec #4764: Update internal go-yaml fork to v3.0.1, picking up bug fixes and a panic fix that has an associated CVE #4806: update golangci-lint version to v1.49.0 #4820: preallocate memory for performance improvements #4830: update kyaml's dependency swag to v0.22.3

    Commits
    • 62f0dab Merge pull request #4876 from KnVerey/new_token
    • d642b95 Regenerate token and encrypt without newline
    • d49f6e1 Merge pull request #4875 from KnVerey/new_token
    • 0de4e0b Third try new token without newline
    • 54569e4 Merge pull request #4874 from KnVerey/token_again
    • b2dc884 New token, hopefully without trailing whitespace error
    • 314b8fb Implement localizeFile() skeleton for patches (#4865)
    • c0840b6 Merge pull request #4873 from KnVerey/new_token
    • 1eccbc4 Rotate token for cloud build
    • f79e16b Improve localizer readability (#4860)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Release uses an unsupported action

    Release uses an unsupported action

    Release workflow uses an unsupported release action: actions/create-release@v1.

    Because it uses the deprecated set-output command, we'll have to approach this sooner or later.

    Exemplar CI failure: https://github.com/Kong/kubernetes-testing-framework/actions/runs/3628481705/jobs/6119549896#step:5:12

Related tags
DevOps Tools docker kubernetes golang kong gotest
Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.
 Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.

sigstore-scaffolding This repository contains scaffolding to make standing up a full sigstore stack easier and automatable. Our focus is on running on

Dec 27, 2022
Linux Controllers for Kubernetes

Tambourine Kubelet replacement with Built in Linux extensions Development Success: Install, Manage, and Observe a new systemd service from Kubernetes.

Jun 2, 2021
Kong Api Gateway Plugins for golang

Prerequisites: Windows Docker. Build Command: docker build -t kong-plugins . Run Command: docker run -ti --rm --name kong-plugins -e "KONG_DATABASE=of

Aug 3, 2022
Go library to create resilient feedback loop/control controllers.

Gontroller A Go library to create feedback loop/control controllers, or in other words... a Go library to create controllers without Kubernetes resour

Jan 1, 2023
Write controller-runtime based k8s controllers that read/write to git, not k8s

Git Backed Controller The basic idea is to write a k8s controller that runs against git and not k8s apiserver. So the controller is reading and writin

Dec 10, 2021
ControllerMesh is a solution that helps developers manage their controllers/operators better.
 ControllerMesh is a solution that helps developers manage their controllers/operators better.

ControllerMesh ControllerMesh is a solution that helps developers manage their controllers/operators better. Key Features Canary update: the controlle

Jan 6, 2023
Controller-check - Run checks against K8s controllers to verify if they meets certain conventions

controller-check Run checks against K8s controllers to verify if they meets cert

Jan 4, 2022
In this repository, the development of the gardener extension, which deploys the flux controllers automatically to shoot clusters, takes place.

Gardener Extension for Flux Project Gardener implements the automated management and operation of Kubernetes clusters as a service. Its main principle

Dec 3, 2022
TriggerMesh open source event-driven integration platform powered by Kubernetes and Knative.

TriggerMesh open source event-driven integration platform powered by Kubernetes and Knative. TriggerMesh allows you to declaratively define event flows between sources and targets as well as add even filter, splitting and processing using functions.

Dec 30, 2022
A demo repository that shows CI/CD integration using DroneCI + ArgoCD + Kubernetes.
 A demo repository that shows CI/CD integration using DroneCI + ArgoCD + Kubernetes.

CI/CD Demo This is the demo repo for my blog post. This tutorial shows how to build CI/CD pipeline with DroneCI and ArgoCD. In this demo, we use Drone

Oct 18, 2022
Prevent Kubernetes misconfigurations from ever making it (again 😤) to production! The CLI integration provides policy enforcement solution to run automatic checks for rule violations. Docs: https://hub.datree.io
 Prevent Kubernetes misconfigurations from ever making it (again 😤) to production! The CLI integration provides policy enforcement solution to run automatic checks for rule violations. Docs: https://hub.datree.io

What is Datree? Datree helps to prevent Kubernetes misconfigurations from ever making it to production. The CLI integration can be used locally or in

Jan 1, 2023
Kubernetes IN Docker - local clusters for testing Kubernetes
 Kubernetes IN Docker - local clusters for testing Kubernetes

kind is a tool for running local Kubernetes clusters using Docker container "nodes".

Jan 5, 2023
Kubernetes IN Docker - local clusters for testing Kubernetes
 Kubernetes IN Docker - local clusters for testing Kubernetes

Please see Our Documentation for more in-depth installation etc. kind is a tool for running local Kubernetes clusters using Docker container "nodes".

Feb 14, 2022
the simplest testing framework for Kubernetes controller.

KET(Kind E2e Test framework) KET is the simplest testing framework for Kubernetes controller. KET is available as open source software, and we look fo

Dec 10, 2022
Kubernetes OS Server - Kubernetes Extension API server exposing OS configuration like sysctl via Kubernetes API

KOSS is a Extension API Server which exposes OS properties and functionality using Kubernetes API, so it can be accessed using e.g. kubectl. At the moment this is highly experimental and only managing sysctl is supported. To make things actually usable, you must run KOSS binary as root on the machine you will be managing.

May 19, 2021
An Easy to use Go framework for Kubernetes based on kubernetes/client-go

k8devel An Easy to use Go framework for Kubernetes based on kubernetes/client-go, see examples dir for a quick start. How to test it ? Download the mo

Mar 25, 2022
A best practices Go source project with unit-test and integration test, also use skaffold & helm to automate CI & CD at local to optimize development cycle

Dependencies Docker Go 1.17 MySQL 8.0.25 Bootstrap Run chmod +x start.sh if start.sh script does not have privileged to run Run ./start.sh --bootstrap

Apr 4, 2022
Progressive delivery Kubernetes operator (Canary, A/B Testing and Blue/Green deployments)
 Progressive delivery Kubernetes operator (Canary, A/B Testing and Blue/Green deployments)

flagger Flagger is a progressive delivery tool that automates the release process for applications running on Kubernetes. It reduces the risk of intro

Jan 5, 2023
Frisbee is a Kubernetes-native platform for exploring, testing, and benchmarking distributed applications.
 Frisbee is a Kubernetes-native platform for exploring, testing, and benchmarking distributed applications.

Why Frisbee ? Frisbee is a next generation platform designed to unify chaos testing and perfomance benchmarking. We address the key pain points develo

Dec 14, 2022