Skip to content
/ kubectl-explorer Public

Detects orphan configmaps and secrets in a Kubernetes cluster

License

Apache-2.0 license
59 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Pscheidl/kubectl-explorer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

57 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
cfgmap.yaml
cfgmap.yaml
 
 
deployment.yaml
deployment.yaml
 
 

Repository files navigation

Kubectl explorer plugin - orphan detection

Rust build & tests

A kubectl plugin to explore orphan configmaps and secrets. Can be used standalone.

New issues or any kind of feedback are most welcome.

Orphan detection

Discovers and prints out any Configmaps and Secrets not linked to any of the following resources:

  1. Deployments,
  2. ReplicaSets,
  3. StatefulSets,
  4. DaemonSets,
  5. Jobs,
  6. CronJobs,
  7. ReplicationControllers,
  8. Pods,
  9. Ingresses,
  10. ServiceAccounts.

Usage

The recommended way is to use kubectl-explore as a kubectl plugin. Alternatively, because every kubectl plugin is a standalone binary, it can be used directly.

Kubectl plugin

  1. Download a pre-compiled binary, or compile from the source.
  2. Add kubectl-explore to path, e.g. to add temporarily use export PATH="/path/to/kubectl-explore:$PATH".
  3. Invoke kubectl plugin list - kubectl-explore should be on the list, automatically discovered by kubectl.

To see all configuration options, invoke kubectl-explore orphans -h. Default context and namespace found in $KUBECONFIG is used, unless specified otherwise.

kubectl explore orphans
Searching for unused ConfigMaps and Secrets in the 'default' namespace
configmaps:
- test
secrets: []

Standalone

Pre-compiled x86_64-unknown-linux-gnu binaries are available. Compiling and running "from the source" is also an option.

> kubectl-explore orphans -h
Options:
  -k, --kubeconfig <PATH_TO_KUBECONFIG>
          Path to a KUBECONFIG file. When not set, env is used.
  -n, --namespace <NAMESPACE>
          Namespace to search in.
  -o, --output <OUTPUT>
          Output format. YAML by default. [default: yaml] [possible values: yaml, json]
  -h, --help
          Print help

E.g. kubectl-explore -k /etc/rancher/k3s/k3s.yaml -n default -o json to explicitly specify the KUBECONFIG and the namespace. If KUBECONFIG is not specified, the KUBECONFIG env variable is looked for. When not found, an error is thrown. If namespace is not defined, the default namespace from KUBECONFIG is used.

For a list of all commands and general help, invoke kubectl-explore -h.

(Optional) compiling and running from source

  1. Install Rust
  2. Simply invoke cargo run -- -h (add the --release flag for optimal performance) to obtain instructions.

> cargo run -- -h

Testing

Run tests using cargo test. Tests require:

  1. Running Kubernetes cluster with supported API version 1_26,
  2. KUBECONFIG environment variable set.

An easy way to obtain a Kubernetes cluster is k3s.io - curl -sfL https://get.k3s.io | sh -. After installation, export KUBECONFIG=/etc/rancher/k3s/k3s.yaml and make sure to chown or chmod the $KUBECONFIG file for current user to be able to read it.

About

Detects orphan configmaps and secrets in a Kubernetes cluster

Topics

kubernetes rust kubernetes-tools

Resources

Readme

License

Apache-2.0 license
Activity

Stars

59 stars

Watchers

4 watching

Forks

4 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages