Skip to content

theelderbeever/kubectl-guardrails

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.devcontainer
.devcontainer
 
 
.github
.github
 
 
docs
docs
 
 
src
src
 
 
.env.local
.env.local
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 

Repository files navigation

kubectl-guardrails

As developers, we often find ourselves rapidly executing `kubectl`` commands, sometimes overlooking the crucial detail of the context in use. On occasion, this oversight leads to the alarming realization that we've been operating in the production cluster – a situation ripe for unwelcome surprises. Hello bad day...

This is where kubectl guardrails comes into play. Designed with a focus on safeguarding critical environments, kubectl guardrails empowers developers to establish protective measures around the contexts and subcommands that matter most. Its purpose is twofold: to provide an uninterrupted workflow for routine commands and to introduce a critical checkpoint for potentially hazardous operations.

For instance, encountering a yes/no prompt for a simple get pods command can disrupt your workflow. However, the ability to enforce a confirmation step before executing a delete <resource> command in a sensitive context like production is invaluable. It's a strategic balance between maintaining efficiency and preventing the kind of accidents that turn an ordinary day into a nightmare.

Workflow

kubectl-guardrails workflow

Example

kubectl delete pods hello
================ Context ==================

Current Context: Prod-Cluster

================ Dry Run ==================

pod "hello" deleted (dry run)

===========================================

Would you like to proceed? (y/N): ykubectl delete pods hello

pod "hello" deleted

Install

  1. Download the latest release to a place on your path OR cargo install --git https://github.com/theelderbeever/kubectl-guardrails.git
  2. Create your ~/.kube/guardrails file as shown in the Configuration section.
  3. (Optional) In your .bashrc/.zshrc add alias "kubectl=kubectl guardrails"

Configuration

contexts:
  - name: Prod-Cluster # This should match a context in your `KUBECONFIG` file
    prompts:
      - name: apply
      - name: delete
        dry-run: true

Opening in Codespaces

  1. On the GitHub repository page, click the Code button.
  2. In the drop-down menu, select Open with Codespaces.
  3. Click New codespace to create a new Codespace environment.

Working in the Dev Container

Once the Codespace is created, you will be inside the devcontainer environment. This environment is pre-configured with all the necessary dependencies and tools required for the project.

  • Development Container: The workspace includes a development container which encapsulates all necessary dependencies and configurations. This ensures a consistent development environment across different machines.
  • Kubernetes Cluster (kind): A local Kubernetes cluster is set up using kind (Kubernetes in Docker) for testing and development purposes. This allows you to deploy and test your applications in a containerized environment.

Exposing Kubernetes Apps

To expose a Kubernetes application (e.g., a pod named hello) on your local machine, use the kubectl port-forward command. This allows you to access the app via a specified port on your localhost. The following command forwards port 8080 on your local machine to port 8080 of the hello pod:

kubectl port-forward hello 8080

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

31 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases 2

v0.2.0 Latest
Jan 30, 2024
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •  

Languages