kubesync

Find secrets and sync them with Google Secrets Manager

Usage

cat <<EOF >./kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - "https://github.com/ahanafy/kubesync/deploy/release.yaml"
EOF

Development

Install ko

go install github.com/google/ko@latest

Test .dockerignore file

rsync -avn . /dev/shm --exclude-from .dockerignore

Setup and publish

export KO_DOCKER_REPO=ghcr.io/ahanafy/kubesync
# export KO_DOCKER_REPO=ko.local
# microk8s
# export KO_DOCKER_REPO=localhost:32000
# microk8s ctr images ls
ko build .

Local build/publish

ko resolve --local -f build/deploy.yaml > release.yaml;
IMAGENAME=$(cat release.yaml | yq -N '.spec.template.spec.containers[0] | with_entries( select( .value != null ) ) .image');
docker save $IMAGENAME > tmp-image.tar;
microk8s ctr image import tmp-image.tar;
microk8s ctr images ls | grep $IMAGENAME;
rm -f tmp-image.tar;
kubectl apply -f release.yaml;

Troubleshooting the image

To troubleshoot a distroless container, you can use an ephemeral pod like so:

kubectl debug -it $(kubectl get pod -l app=kubesync -o=name) --image=busybox

Name		Name	Last commit message	Last commit date
Latest commit History 147 Commits
.github		.github
.vscode		.vscode
build		build
config		config
deploy		deploy
internal		internal
scripts		scripts
.dockerignore		.dockerignore
.gitignore		.gitignore
README.md		README.md
createSA.sh		createSA.sh
go.mod		go.mod
go.sum		go.sum
main.go		main.go
secret.yaml		secret.yaml

ahanafy/kubesync

Folders and files

Latest commit

History

Repository files navigation

kubesync

Usage

Development

Install ko

Test .dockerignore file

Setup and publish

Local build/publish

Troubleshooting the image

About

Topics

Resources

Stars

Watchers

Forks

Languages