Releases: whtssub/kubectl-snapshot
Release list
v0.2.4
v0.2.4 — Distribution
Shell completion
# bash (~/.bashrc)
source <(kubectl snapshot completion bash)
# zsh (~/.zshrc)
source <(kubectl snapshot completion zsh)
# fish (~/.config/fish/config.fish)
kubectl snapshot completion fish | source
# PowerShell ($PROFILE)
kubectl snapshot completion powershell | Out-String | Invoke-ExpressionSARIF output for GitHub Code Scanning
analyze --output sarif emits SARIF 2.1.0 compatible with the GitHub Code Scanning upload action. Each pod/node/workload/storage issue becomes a result with a rule ID, severity level, and logical resource location.
# .github/workflows/cluster-scan.yml
- run: kubectl snapshot analyze snap.json --output sarif > results.sarif
- uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarifRules emitted: snapshot/pod-issue (error), snapshot/node-issue (error), snapshot/workload-issue (warning/error), snapshot/storage-issue (warning/error), snapshot/warning-event (note).
Krew and Homebrew distribution
GoReleaser now auto-publishes the krew manifest to whtssub/krew-index and the Homebrew formula to whtssub/homebrew-tap on every release.
# Homebrew
brew install whtssub/tap/kubectl-snapshot
# krew (after kubernetes-sigs/krew-index PR is accepted)
kubectl krew install snapshotChecksums verification
Every release ships checksums.txt. Verify your download:
curl -LO https://github.com/whtssub/kubectl-snapshot/releases/download/v0.2.4/kubectl-snapshot_Linux_x86_64.tar.gz
curl -LO https://github.com/whtssub/kubectl-snapshot/releases/download/v0.2.4/checksums.txt
# Linux
sha256sum --check --ignore-missing checksums.txt
# macOS
shasum -a 256 --check --ignore-missing checksums.txtInternals
internal/cli/completion.go— Cobra's built-inGenBashCompletionV2/GenZshCompletion/GenFishCompletion/GenPowerShellCompletionWithDescinternal/snapshot/sarif.go—renderSARIF(),sarifRulescatalogue,extractResourceFromIssue()helper.goreleaser.yaml— addedbrews:section (whtssub/homebrew-tap), removedskip_upload: truefromkrews:.github/workflows/release.yml— usesGH_PATsecret for cross-repo writes; falls back toGITHUB_TOKEN
Note: To enable automatic krew and Homebrew pushes, add a
GH_PATsecret to this repo — a PAT withcontents:writeonwhtssub/krew-indexandwhtssub/homebrew-tap.
v0.2.3
v0.2.3 — Multi-snapshot / trending
New commands
kubectl snapshot history
Lists all previously captured snapshots from a local index (~/.kubectl-snapshot/history.json).
The index is maintained automatically — every successful capture adds an entry.
Use --no-index to skip indexing a specific capture, or --index <path> to use a custom index file.
# List all indexed snapshots (newest first)
kubectl snapshot history
kubectl snapshot history --index /custom/path/history.json
kubectl snapshot trend [snapshot.json ...]
Compares pod counts, node counts, total restarts, and warning event counts across two or more snapshots.
Pass files explicitly or omit them to read the last N entries from the history index.
# Compare two specific snapshots
kubectl snapshot trend before.json after.json
# Compare the 5 most recent captures from history
kubectl snapshot trend --last 5
# Compare 3 snapshots from a custom index
kubectl snapshot trend --index /custom/path/history.json --last 3
New flags
capture --selector/-l <selector>
Scopes a capture to resources matching a Kubernetes label selector — forwarded to every API list call.
kubectl snapshot capture -o snap.json --selector app=frontend
kubectl snapshot capture -o snap.json -l env=prod
analyze --namespace/-n <namespace>
Restricts the analysis report to a single namespace.
Cluster-scoped records (nodes, PersistentVolumes, etc.) are always included regardless of this filter.
kubectl snapshot analyze snap.json --namespace production
kubectl snapshot analyze snap.json -n staging
Internals
internal/snapshot/history.go—LoadIndex,SaveIndex,AddToIndex,DefaultIndexPathinternal/snapshot/trend.go—ComputeTrend,RenderTrend,TrendPoint,TrendReportinternal/snapshot/io.go— addedStatBundlehelper for recording file sizes in the history index- Namespace filter applied before both the pre-pass index-building loop and the main analysis loop so cross-reference indexes (service set, network policy map) are also namespace-scoped
Install
# krew
kubectl krew install snapshot
# direct (linux/amd64)
curl -L https://github.com/whtssub/kubectl-snapshot/releases/download/v0.2.3/kubectl-snapshot_Linux_x86_64.tar.gz | tar xz
mv kubectl-snapshot ~/.local/bin/v0.2.2
v0.2.2 Richer Analysis
Five new analysis signals and reporting improvements on top of v0.2.1.
🔍 New Analysis Signals
Ingress Backend Integrity ([INGRESS])
inspectIngress cross-references each Ingress backend (default + per-path) against captured Services in the same namespace. Misconfigured ingresses pointing to non-existent services now surface in WORKLOAD ISSUES:
[INGRESS] sre-lab/api-ingress path=/ missing-service=ghost-service
[INGRESS] sre-lab/api-ingress default-backend missing-service=fallback
NetworkPolicy Gap Detection ([NETPOL])
detectNetworkPolicyGaps flags namespaces with running workloads but no NetworkPolicy applying to ingress traffic — these pods have implicit allow-all ingress and are unmonitored. Honors the spec default that omitted policyTypes means ["Ingress"]. Job-owned and Succeeded pods are excluded from the exposed-pod count.
[NETPOL] sre-lab no-ingress-policy 12 pods exposed (implicit allow-all)
📊 New Reporting Modes
--output json
Machine-readable structured report for piping into alerting tools, dashboards, or CI. Empty issue arrays serialize as [] (never null). Honors --no-resource-mix, --no-warning-events, and --severity-threshold (sets filtered: true with a reason field).
kubectl snapshot analyze snap.json --output json | jq '.incident'
{
"score": 43,
"severity": "HIGH"
}
kubectl snapshot analyze snap.json --output json | jq '.podIssues[]'Schema: { metadata, incident, podIssues, nodeIssues, workloadIssues, storageIssues, warningEvents?, resourceCounts? }.
--since <duration>
Filter warning events by age. Cutoff is bundle.CapturedAt - duration, so analysis is reproducible regardless of when it's run. Events without timestamps aren't dropped (could be untimestamped cluster events). Tries lastTimestamp, then eventTime, then firstTimestamp.
kubectl snapshot analyze snap.json --since 1h
kubectl snapshot analyze snap.json --since 30m
kubectl snapshot analyze snap.json --since 24h --output json🛡 Test Coverage
Added explicit tests for PIDPressure and NetworkUnavailable node conditions (both already detected, just previously untested). All four pressure types — MemoryPressure, DiskPressure, PIDPressure, and NetworkUnavailable — are now locked in by tests.
🔧 Internals
- Pre-pass: A pre-pass before the main inspection loop builds three cross-reference indexes on the analysis state:
serviceSet,nsHasIngressNetpol, andnsActivePodCount. This adds one extra walk overbundle.Records, which is computationally cheap. - JSON Pathing: The JSON path branches after score computation but before any text formatting—ensuring text and JSON paths stay independent.
- Exported Types: New types exported for downstream consumers:
AnalysisResult,AnalysisMetadata, andIncidentScore.
📦 Install
macOS arm64
tar -xzf kubectl-snapshot_v0.2.2_darwin_arm64.tar.gz
mv kubectl-snapshot ~/.local/bin/Linux amd64
tar -xzf kubectl-snapshot_v0.2.2_linux_amd64.tar.gz
mv kubectl-snapshot ~/.local/bin/From source:
go install https://github.com/whtssub/kubectl-snapshot/cmd/kubectl-snapshot@v0.2.2v0.2.1
Changelog
- 0113198 Merge dev into main: v0.2.1 batch — job analysis, CLI tests, Makefile targets, docs
- f83b78b build: add test, fmt, lint, coverage Makefile targets
- 8599fdc feat: add -v/--version flags and ensure v prefix in version output
- c3bd70c feat: add inspectJob and inspectCronJob to incident analysis
- 6780778 fix: skip succeeded pods and cronjob-owned pods from incident analysis
v0.2.0
Changelog
- 983f647 add CapturedResources and SkippedResources to bundle metadata
- 7b861d4 add gzip compression to WriteBundleWithOptions and magic-byte auto-detect in ReadBundle
- fee63a8 add unit tests for capture, diff, analyze, io, and GVR resolution
- cc5ce18 add workload, storage, and HPA incident signals with weighted severity scoring
- 1aedeb6 automate local cluster testing with sample panic scenarios
- 8715620 expand capture to 24 resource types with short-name aliases and GVR triple support
- 64bb07d feat: add ReplicaSet replica mismatch detection
- a2833bd feat: colorized output with section icons and numbered lists
- cc3568a feat: severity-aware output limits and colorized severity label
- 25bb9e9 fix: cap restart contribution at 50 to prevent score inflation
- 1581702 fix: deduplicate deployment signals, use replica count over condition
- ff0ba16 fix: skip job-owned pods from incident analysis
- bc2047f improve cli readablity
- 544c4c8 initialize repo
- f0feccb main cmd files for cluster diagnosis
- 64f2410 scaffolfing
- effd9e8 update docs
- 47ae47b updates for cross platform distribution
- 9bc7984 versioning the local testing scenarios
- a0fa7ca wire --resources and --compress flags; inject version/commit/date via ldflags