Kubediff: a tool for Kubernetes to show differences between running state and version controlled configuration.

Overview

Kubediff

Kubediff is a tool for Kubernetes to show you the differences between your running configuration and your version controlled configuration.

Kubediff can be run from the command line:

$ ./kubediff
usage: kubediff [-h] [--kubeconfig KUBECONFIG] [--context CONTEXT] [--namespace NAMESPACE] [--json] [--no-error-on-diff] [paths ...]

     _          _             _  _   __   __
    | |__ _  _ | |__  ___  __| |(_) / _| / _|
    | / /| || || '_ \/ -_)/ _` || ||  _||  _|
    |_\_\ \_,_||_.__/\___|\__,_||_||_|  |_|

    Compare yaml files in path(s) to running state in kubernetes and print the
    differences. This is useful to ensure you have applied all your changes
    to the appropriate environment. This tools runs kubectl, so unless your
    ~/.kube/config is configured for the correct environment, you will need
    to supply the kubeconfig for the appropriate environment.

positional arguments:
  paths                  path(s) from which kubediff will look for configuration files

optional arguments:
  -h, --help            show this help message and exit
  --kubeconfig KUBECONFIG, -k KUBECONFIG
                        path to kubeconfig
  --context CONTEXT, -c CONTEXT
                        name of kubeconfig context to use
  --namespace NAMESPACE, -n NAMESPACE
                        Namespace to assume for objects where it is not specified (default = Kubernetes default for current context)
  --json, -j            output in json format
  --no-error-on-diff, -e
                        don't exit with 2 if diff exists

For example:

$ ./kubediff k8s
Checking ReplicationController 'kubediff'
 *** .spec.template.spec.containers[0].args[0]: '-repo=https://github.com/weaveworks/kubediff' != '-repo=https://github.com/
   
    '
Checking Secret 'kubediff-secret'
Checking Service 'kubediff'

   

Make sure the dependencies are installed first:

$ pip install -r requirements.txt

Kubediff can also be run as a service on Kubernetes, periodically downloading the latest configuration from Github, comparing it to the running configuration. In this mode Kubediff will also offers a very simple UI showing the output and export the result to Prometheus, all courtesy to prom-run.

To deploy to Kubernetes, you much first make a copy of the YAML files in k8s and update the following fields:

  • kubediff-rc.yaml the first argument to git-sync must be the location of the config repo, and the last argument to kubediff must the the location in this repo of your config.
  • kubediff-secret.yaml the username and password must be set to valid github OAuth token.

Once you have updated the config, the following commands should bring up the service:

$ kubectl create -f k8s
replicationcontroller "kubediff" created
secret "kubediff-secret" created
service "kubediff" created

And to view the UI, run the follow command and go to http://localhost:4040

`$ kubectl port-forward $(kubectl get pod --selector=name=kubediff -o jsonpath={.items..metadata.name}) 4040:80`

Kubediff Screenshot

This service exports the exit code of the kubediff as a Prometheus metric; a suitable alert can be setup for persistent differences:

ALERT Kubediff
  IF          max(command_exit_code{job="kubediff"}) != 0
  FOR         2h
  LABELS      { severity="warning" }
  ANNOTATIONS {
    summary = "Kubediff has detected a difference in running config.",
    description = "Kubediff has detected a difference in running config.",
  }

These alerts can be sent to Slack, for example:

Slack Alert

compare-images

To quickly see how two sets of configurations differ, purely in terms of images:

$ ./compare-images ../service-conf/k8s/dev/ ../service-conf/k8s/prod/
Image                          dev                   prod
-----------------------------  --------------------  --------------------
quay.io/weaveworks/grafana     master-0fc7cc2        master-08fd09d
quay.io/weaveworks/prometheus  master-0fc7cc2        master-4fb2aed
quay.io/weaveworks/ui-server   master-2899c36        master-45d67b3
tomwilkie/prometheus           frankenstein-8a5ec1b  frankenstein-ebe5808
weaveworks/scope               master-1a1021c        master-14d0e4e

Build

mkdir -p $GOPATH/src/github.com/prometheus && cd "$_"
git clone [email protected]:prometheus/client_golang.git
mkdir -p $GOPATH/src/github.com/weaveworks && cd "$_"
git clone [email protected]:weaveworks/kubediff.git
cd kubediff
make

Getting Help

If you have any questions about, feedback for or problems with kubediff:

Weaveworks follows the CNCF Code of Conduct. Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting a Weaveworks project maintainer, or Alexis Richardson ([email protected]).

Your feedback is always welcome!

Comments
  • Kubediff find differences on missing defaults

    Kubediff find differences on missing defaults

    kubediff should ignore the differences on missing defaults in the .yaml files. Poking through the source code you're getting the object (kubectl get), whilst instead should do something similar to kubectl diff

    opened by nmiculinic 13
  • Only redact Kinds starting

    Only redact Kinds starting "Secret.", avoiding SealedSecret and similar

    Fixes the error below for e.g. SealedSecret.v1alpha1.bitnami.com

    Traceback (most recent call last):
      File "/Users/po/src/kubediff/kubediff", line 48, in <module>
        main()
      File "/Users/po/src/kubediff/kubediff", line 42, in main
        failed = check_files(args, printer, config)
      File "/Users/po/src/kubediff/kubedifflib/_diff.py", line 246, in check_files
        differences += check_file(printer, path, config)
      File "/Users/po/src/kubediff/kubedifflib/_diff.py", line 174, in check_file
        printer.diff(path, difference)
      File "/Users/po/src/kubediff/kubedifflib/_diff.py", line 214, in diff
        self._write('%s', difference.to_text(self._current.kind))
      File "/Users/po/src/kubediff/kubedifflib/_diff.py", line 35, in to_text
        message = self.message % ((len(self.args[0]) * '*'), (len(self.args[1]) * '*'))
    TypeError: object of type 'NoneType' has no len()
    
    opened by puzza007 10
  • Skip yaml document if it's empty

    Skip yaml document if it's empty

    I'm trying to kubediff the changes between the output of helm template and the running helm release.

    In some cases, helm template can generate empty yaml documents, which are not handled by kubediff.

    opened by eviln1 7
  • 'make' fails

    'make' fails

    kubediff on  master via 🐍 v3.8.10 
    ❯ make
    touch .ensure-pip
    touch .ensure-virtualenv
    virtualenv .env
    created virtual environment CPython3.8.10.final.0-64 in 133ms
      creator CPython3Posix(dest=/home/daniel/dev/kubediff/.env, clear=False, global=False)
      seeder FromAppData(download=False, pip=latest, setuptools=latest, wheel=latest, pkg_resources=latest, via=copy, app_data_dir=/home/daniel/.local/share/virtualenv/seed-app-data/v1.0.1.debian.1)
      activators BashActivator,CShellActivator,FishActivator,PowerShellActivator,PythonActivator,XonshActivator
    .env/bin/pip install -e .
    Obtaining file:///home/daniel/dev/kubediff
    Collecting PyYAML
      Using cached PyYAML-5.4.1-cp38-cp38-manylinux1_x86_64.whl (662 kB)
    Collecting attrs
      Using cached attrs-21.2.0-py2.py3-none-any.whl (53 kB)
    Processing /home/daniel/.cache/pip/wheels/8e/70/28/3d6ccd6e315f65f245da085482a2e1c7d14b90b30f239e2cf4/future-0.18.2-py3-none-any.whl
    Installing collected packages: PyYAML, attrs, future, kubedifflib
      Running setup.py develop for kubedifflib
    Successfully installed PyYAML-5.4.1 attrs-21.2.0 future-0.18.2 kubedifflib
    .env/bin/pip install -r requirements.txt
    Requirement already satisfied: attrs in ./.env/lib/python3.8/site-packages (from -r requirements.txt (line 1)) (21.2.0)
    Requirement already satisfied: pyyaml in ./.env/lib/python3.8/site-packages (from -r requirements.txt (line 2)) (5.4.1)
    Collecting tabulate
      Using cached tabulate-0.8.9-py3-none-any.whl (25 kB)
    Requirement already satisfied: future in ./.env/lib/python3.8/site-packages (from -r requirements.txt (line 4)) (0.18.2)
    Installing collected packages: tabulate
    Successfully installed tabulate-0.8.9
    .env/bin/pip install -r dev-requirements.txt
    Collecting flake8
      Using cached flake8-3.9.2-py2.py3-none-any.whl (73 kB)
    Requirement already satisfied: future in ./.env/lib/python3.8/site-packages (from -r dev-requirements.txt (line 2)) (0.18.2)
    Collecting hypothesis
      Downloading hypothesis-6.20.1-py3-none-any.whl (371 kB)
         |████████████████████████████████| 371 kB 3.0 MB/s 
    Collecting pytest
      Using cached pytest-6.2.5-py3-none-any.whl (280 kB)
    Collecting tox
      Using cached tox-3.24.3-py2.py3-none-any.whl (85 kB)
    Collecting mccabe<0.7.0,>=0.6.0
      Using cached mccabe-0.6.1-py2.py3-none-any.whl (8.6 kB)
    Collecting pycodestyle<2.8.0,>=2.7.0
      Using cached pycodestyle-2.7.0-py2.py3-none-any.whl (41 kB)
    Collecting pyflakes<2.4.0,>=2.3.0
      Using cached pyflakes-2.3.1-py2.py3-none-any.whl (68 kB)
    Requirement already satisfied: attrs>=19.2.0 in ./.env/lib/python3.8/site-packages (from hypothesis->-r dev-requirements.txt (line 3)) (21.2.0)
    Collecting sortedcontainers<3.0.0,>=2.1.0
      Using cached sortedcontainers-2.4.0-py2.py3-none-any.whl (29 kB)
    Collecting packaging
      Using cached packaging-21.0-py3-none-any.whl (40 kB)
    Collecting pluggy<2.0,>=0.12
      Using cached pluggy-1.0.0-py2.py3-none-any.whl (13 kB)
    Collecting iniconfig
      Using cached iniconfig-1.1.1-py2.py3-none-any.whl (5.0 kB)
    Collecting py>=1.8.2
      Using cached py-1.10.0-py2.py3-none-any.whl (97 kB)
    Collecting toml
      Using cached toml-0.10.2-py2.py3-none-any.whl (16 kB)
    Collecting virtualenv!=20.0.0,!=20.0.1,!=20.0.2,!=20.0.3,!=20.0.4,!=20.0.5,!=20.0.6,!=20.0.7,>=16.0.0
      Using cached virtualenv-20.7.2-py2.py3-none-any.whl (5.3 MB)
    Collecting six>=1.14.0
      Using cached six-1.16.0-py2.py3-none-any.whl (11 kB)
    Collecting filelock>=3.0.0
      Using cached filelock-3.0.12-py3-none-any.whl (7.6 kB)
    Collecting pyparsing>=2.0.2
      Using cached pyparsing-2.4.7-py2.py3-none-any.whl (67 kB)
    Collecting distlib<1,>=0.3.1
      Using cached distlib-0.3.2-py2.py3-none-any.whl (338 kB)
    Collecting backports.entry-points-selectable>=1.0.4
      Using cached backports.entry_points_selectable-1.1.0-py2.py3-none-any.whl (6.2 kB)
    Collecting platformdirs<3,>=2
      Using cached platformdirs-2.3.0-py3-none-any.whl (13 kB)
    Installing collected packages: mccabe, pycodestyle, pyflakes, flake8, sortedcontainers, hypothesis, pyparsing, packaging, pluggy, iniconfig, py, toml, pytest, distlib, backports.entry-points-selectable, filelock, platformdirs, six, virtualenv, tox
    Successfully installed backports.entry-points-selectable-1.1.0 distlib-0.3.2 filelock-3.0.12 flake8-3.9.2 hypothesis-6.20.1 iniconfig-1.1.1 mccabe-0.6.1 packaging-21.0 platformdirs-2.3.0 pluggy-1.0.0 py-1.10.0 pycodestyle-2.7.0 pyflakes-2.3.1 pyparsing-2.4.7 pytest-6.2.5 six-1.16.0 sortedcontainers-2.4.0 toml-0.10.2 tox-3.24.3 virtualenv-20.7.2
    touch .env/.deps-uptodate
    .env/bin/py.test --junitxml="junit.xml"
    ==================================================================================== test session starts ====================================================================================
    platform linux -- Python 3.8.10, pytest-6.2.5, py-1.10.0, pluggy-1.0.0
    rootdir: /home/daniel/dev/kubediff
    plugins: hypothesis-6.20.1
    collected 13 items                                                                                                                                                                          
    
    kubedifflib/tests/test_diff.py .............                                                                                                                                          [100%]
    
    ===================================================================================== warnings summary ======================================================================================
    .env/lib/python3.8/site-packages/past/builtins/misc.py:45
      /home/daniel/dev/kubediff/.env/lib/python3.8/site-packages/past/builtins/misc.py:45: DeprecationWarning: the imp module is deprecated in favour of importlib; see the module's documentation for alternative uses
        from imp import reload
    
    -- Docs: https://docs.pytest.org/en/stable/warnings.html
    ------------------------------------------------------------------ generated xml file: /home/daniel/dev/kubediff/junit.xml ------------------------------------------------------------------
    =============================================================================== 13 passed, 1 warning in 4.44s ===============================================================================
    .env/bin/flake8 kubediff
    CGO_ENABLED=0 GOOS=linux go build ./vendor/github.com/tomwilkie/prom-run
    vendor/github.com/tomwilkie/prom-run/main.go:16:2: cannot find package "github.com/prometheus/client_golang/prometheus" in any of:
    	/usr/lib/go-1.13/src/github.com/prometheus/client_golang/prometheus (from $GOROOT)
    	/home/daniel/go/src/github.com/prometheus/client_golang/prometheus (from $GOPATH)
    vendor/github.com/tomwilkie/prom-run/main.go:17:2: cannot find package "github.com/sirupsen/logrus" in any of:
    	/usr/lib/go-1.13/src/github.com/sirupsen/logrus (from $GOROOT)
    	/home/daniel/go/src/github.com/sirupsen/logrus (from $GOPATH)
    make: *** [Makefile:49: prom-run] Fehler 1
    
    kubediff on  master [?] via 🐍 v3.8.10 took 14s 
    ❯ 
    
    
    bug enhancement 
    opened by dholbach 5
  • Handle Kubernetes apiVersion

    Handle Kubernetes apiVersion

    Fixes #50

    kubectl get deployment foo may fetch an old version of the object, whereas kubectl get deployment foo.v1.apps will fetch the requested version.

    See https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get

    opened by bboreham 5
  • Add --context parameter for easier switch between kubeconfig context

    Add --context parameter for easier switch between kubeconfig context

    At my org we work with several clusters in parallel, each in their own Kubeconfig context. Some of our admins are used to passing the --context param to kubectl. Being able to specify the context as a parameter to kubeconfig would be a big timesaver for them.

    The parameter is simply sent through to kubectl, not much logic here, works essentially like --kubeconfig.

    opened by mgarstecki 4
  • .yaml file extension requirement not clear

    .yaml file extension requirement not clear

    I had to grep around to find this one ... I'd been naming my files .yml, which kubediff didn't deal with so well. Some kind of output or a note about it in the help would be nice.

    On the other hand, thank you for this tool!

    opened by robertlabrie 4
  • Catch KeyErrors when trying to load manifest

    Catch KeyErrors when trying to load manifest

    If any YAML file is not a Kubernetes object manifest file, kubediff fails with an exception. This PR allows for processing to continue and the YAML file is simply passed over.

    enhancement blocked-rebase 
    opened by TimJones 3
  • Ignore spurious diffs in cpu resource requests/limits

    Ignore spurious diffs in cpu resource requests/limits

    There are multiple possible formats for the same semantic value (eg. 50m vs 0.05) for cpu resources, and the k8s server may return one even if you apply the other. This creates a diff that can't be resolved by applying.

    We solve this problem by ignoring the diff if the values have the same meaning. To facilitate this we introduce a generic method for adding 'tolerations' to the diffs. Since it would be complex and annoying to add the special case all the way down the stack at the place the diff is detected, we instead remove any tolerable diffs as a seperate step after all diffs for a file have been generated.

    I've used globbing of paths for simplicity, as it allows you to easily say "anything ending with" or "all paths under", etc. without resorting to full regex, which I think would be less readable in most cases.

    Fixes #33

    opened by ekimekim 3
  • Bump golang.org/x/tools from 0.1.6 to 0.1.7

    Bump golang.org/x/tools from 0.1.6 to 0.1.7

    Bumps golang.org/x/tools from 0.1.6 to 0.1.7.

    Commits
    • 0df0ca0 internal/typeparams: hide go1.18 API usage behind a build constraint
    • 7898fe6 internal/lsp/analysis: move implementmissing logic into undeclared
    • da36f79 go/internal/gcimporter: skip typeparam import tests on unified builders
    • 64bbad1 internal/lsp/debug: improve readability of session options
    • b182fde go/analysis/passes/tests: check example output
    • ba6b94c internal/lsp: add fields to anonymous struct info
    • 939195f go/ssa: skip the "constraints" package in TestStdlib
    • e1e06b8 go/internal/gcimporter: temporarily skip the contraints package on the
    • 6d1e33f internal/lsp: handle panic in hoverRune by using token.Pos
    • c8db761 internal/lsp/cache: keep going on failed analyzers
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 2
  • Bump flask from 0.12.4 to 1.0 in /tools/scheduler

    Bump flask from 0.12.4 to 1.0 in /tools/scheduler

    Bumps flask from 0.12.4 to 1.0.

    Release notes

    Sourced from flask's releases.

    1.0

    The Pallets team is pleased to release Flask 1.0. [Read the announcement on our blog.](https://www.palletsprojects.com/blog/flask-1-0-released/

    There are over a year's worth of changes in this release. Many features have been improved or changed. Read the changelog to understand how your project's code will be affected.

    JSON Security Fix

    Flask previously decoded incoming JSON bytes using the content type of the request. Although JSON should only be encoded as UTF-8, Flask was more lenient. However, Python includes non-text related encodings that could result in unexpected memory use by a request.

    Flask will now detect the encoding of incoming JSON data as one of the supported UTF encodings, and will not allow arbitrary encodings from the request.

    Install or Upgrade

    Install from PyPI with pip:

    pip install -U Flask
    
    Changelog

    Sourced from flask's changelog.

    Version 1.0

    Released 2018-04-26

    • Python 2.6 and 3.3 are no longer supported.
    • Bump minimum dependency versions to the latest stable versions: Werkzeug >= 0.14, Jinja >= 2.10, itsdangerous >= 0.24, Click >= 5.1. :issue:2586
    • Skip :meth:app.run <Flask.run> when a Flask application is run from the command line. This avoids some behavior that was confusing to debug.
    • Change the default for :data:JSONIFY_PRETTYPRINT_REGULAR to False. :func:~json.jsonify returns a compact format by default, and an indented format in debug mode. :pr:2193
    • :meth:Flask.__init__ <Flask> accepts the host_matching argument and sets it on :attr:~Flask.url_map. :issue:1559
    • :meth:Flask.__init__ <Flask> accepts the static_host argument and passes it as the host argument when defining the static route. :issue:1559
    • :func:send_file supports Unicode in attachment_filename. :pr:2223
    • Pass _scheme argument from :func:url_for to :meth:~Flask.handle_url_build_error. :pr:2017
    • :meth:~Flask.add_url_rule accepts the provide_automatic_options argument to disable adding the OPTIONS method. :pr:1489
    • :class:~views.MethodView subclasses inherit method handlers from base classes. :pr:1936
    • Errors caused while opening the session at the beginning of the request are handled by the app's error handlers. :pr:2254
    • Blueprints gained :attr:~Blueprint.json_encoder and :attr:~Blueprint.json_decoder attributes to override the app's encoder and decoder. :pr:1898
    • :meth:Flask.make_response raises TypeError instead of ValueError for bad response types. The error messages have been improved to describe why the type is invalid. :pr:2256
    • Add routes CLI command to output routes registered on the application. :pr:2259
    • Show warning when session cookie domain is a bare hostname or an IP address, as these may not behave properly in some browsers, such as Chrome. :pr:2282
    • Allow IP address as exact session cookie domain. :pr:2282
    • SESSION_COOKIE_DOMAIN is set if it is detected through SERVER_NAME. :pr:2282
    • Auto-detect zero-argument app factory called create_app or make_app from FLASK_APP. :pr:2297
    • Factory functions are not required to take a script_info parameter to work with the flask command. If they take a single parameter or a parameter named script_info, the

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 2
  • Bump alpine from 3.15.0 to 3.17.0

    Bump alpine from 3.15.0 to 3.17.0

    Bumps alpine from 3.15.0 to 3.17.0.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies docker 
    opened by dependabot[bot] 0
  • Bump actions/checkout from 2 to 3.1.0

    Bump actions/checkout from 2 to 3.1.0

    Bumps actions/checkout from 2 to 3.1.0.

    Release notes

    Sourced from actions/checkout's releases.

    v3.1.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.0.2...v3.1.0

    v3.0.2

    What's Changed

    Full Changelog: https://github.com/actions/checkout/compare/v3...v3.0.2

    v3.0.1

    v3.0.0

    • Updated to the node16 runtime by default
      • This requires a minimum Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later.

    v2.4.2

    What's Changed

    Full Changelog: https://github.com/actions/checkout/compare/v2...v2.4.2

    v2.4.1

    • Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

    v2.4.0

    • Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

    v2.3.5

    Update dependencies

    v2.3.4

    v2.3.3

    ... (truncated)

    Changelog

    Sourced from actions/checkout's changelog.

    v3.1.0

    v3.0.2

    v3.0.1

    v3.0.0

    v2.3.1

    v2.3.0

    v2.2.0

    v2.1.1

    • Changes to support GHES (here and here)

    v2.1.0

    v2.0.0

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump actions/setup-python from 2 to 4.1.0

    Bump actions/setup-python from 2 to 4.1.0

    Bumps actions/setup-python from 2 to 4.1.0.

    Release notes

    Sourced from actions/setup-python's releases.

    v4.1.0

    In scope of this pull request we updated actions/cache package as the new version contains fixes for caching error handling. Moreover, we added a new input update-environment. This option allows to specify if the action shall update environment variables (default) or not.

    Update-environment input

        - name: setup-python 3.9
          uses: actions/setup-python@v4
          with:
            python-version: 3.9
            update-environment: false
    

    Besides, we added such changes as:

    v4.0.0

    What's Changed

    • Support for python-version-file input: #336

    Example of usage:

    - uses: actions/setup-python@v4
      with:
        python-version-file: '.python-version' # Read python version from a file
    - run: python my_script.py
    

    There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

    • Use pypyX.Y for PyPy python-version input: #349

    Example of usage:

    - uses: actions/setup-python@v4
      with:
        python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility
    - run: python my_script.py
    
    • RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

    • Bugfix: create missing pypyX.Y symlinks: #347

    • PKG_CONFIG_PATH environment variable: #400

    • Added python-path output: #405

    ... (truncated)

    Commits
    • c4e89fa Improve readme for 3.x and 3.11-dev style python-version (#441)
    • 0ad0f6a Merge pull request #452 from mayeut/fix-env
    • f0bcf8b Merge pull request #456 from akx/patch-1
    • af97157 doc: Add multiple wildcards example to readme
    • 364e819 Merge pull request #394 from akv-platform/v-sedoli/set-env-by-default
    • 782f81b Merge pull request #450 from IvanZosimov/ResolveVersionFix
    • 2c9de4e Remove duplicate code introduced in #440
    • 412091c Fix tests for update-environment==false
    • 78a2330 Merge pull request #451 from dmitry-shibanov/fx-pipenv-python-version
    • 96f494e trigger checks
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump docker/login-action from 1 to 2

    Bump docker/login-action from 1 to 2

    Bumps docker/login-action from 1 to 2.

    Release notes

    Sourced from docker/login-action's releases.

    v2.0.0

    • Node 16 as default runtime by @​crazy-max (#161)
      • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.
    • chore: update dev dependencies and workflow by @​crazy-max (#170)
    • Bump @​actions/exec from 1.1.0 to 1.1.1 (#167)
    • Bump @​actions/io from 1.1.1 to 1.1.2 (#168)
    • Bump minimist from 1.2.5 to 1.2.6 (#176)
    • Bump https-proxy-agent from 5.0.0 to 5.0.1 (#182)

    Full Changelog: https://github.com/docker/login-action/compare/v1.14.1...v2.0.0

    v1.14.1

    • Revert to Node 12 as default runtime to fix issue for GHE users (#160)

    v1.14.0

    • Update to node 16 (#158)
    • Bump @​aws-sdk/client-ecr from 3.45.0 to 3.53.0 (#157)
    • Bump @​aws-sdk/client-ecr-public from 3.45.0 to 3.53.0 (#156)

    v1.13.0

    • Handle proxy settings for aws-sdk (#152)
    • Workload identity based authentication docs for GCR and GAR (#112)
    • Test login against ACR (#49)
    • Bump @​aws-sdk/client-ecr from 3.44.0 to 3.45.0 (#132)
    • Bump @​aws-sdk/client-ecr-public from 3.43.0 to 3.45.0 (#131)

    v1.12.0

    • ECR: only set credentials if username and password are specified (#128)
    • Refactor to use aws-sdk v3 (#128)

    v1.11.0

    • ECR: switch implementation to use the AWS SDK (#126)
    • ecr input to specify whether the given registry is ECR (#123)
    • Test against Windows runner (#126)
    • Update instructions for Google registry (#127)
    • Update dev workflow (#111)
    • Small changes for GHCR doc (#86)
    • Update dev dependencies (#85)
    • Bump ansi-regex from 5.0.0 to 5.0.1 (#101)
    • Bump tmpl from 1.0.4 to 1.0.5 (#100)
    • Bump @​actions/core from 1.4.0 to 1.6.0 (#94 #103)
    • Bump codecov/codecov-action from 1 to 2 (#88)
    • Bump hosted-git-info from 2.8.8 to 2.8.9 (#83)
    • Bump node-notifier from 8.0.0 to 8.0.2 (#82)
    • Bump ws from 7.3.1 to 7.5.0 (#81)
    • Bump lodash from 4.17.20 to 4.17.21 (#80)
    • Bump y18n from 4.0.0 to 4.0.3 (#79)

    v1.10.0

    • GitHub Packages Docker Registry deprecated (#78)

    ... (truncated)

    Commits
    • 49ed152 Merge pull request #161 from crazy-max/node16-runtime
    • b61a9ce Node 16 as default runtime
    • 3a136a8 Merge pull request #182 from docker/dependabot/npm_and_yarn/https-proxy-agent...
    • b312880 Update generated content
    • 795794e Bump https-proxy-agent from 5.0.0 to 5.0.1
    • 1edf618 Merge pull request #179 from docker/dependabot/github_actions/codecov/codecov...
    • 8e66ad4 Bump codecov/codecov-action from 2 to 3
    • 7c79b59 Merge pull request #176 from docker/dependabot/npm_and_yarn/minimist-1.2.6
    • 24a38e0 Bump minimist from 1.2.5 to 1.2.6
    • 70e1ff8 Merge pull request #170 from crazy-max/eslint
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump github/codeql-action from 1 to 2

    Bump github/codeql-action from 1 to 2

    Bumps github/codeql-action from 1 to 2.

    Changelog

    Sourced from github/codeql-action's changelog.

    2.1.8 - 08 Apr 2022

    • Update default CodeQL bundle version to 2.8.5. #1014
    • Fix error where the init action would fail due to a GitHub API request that was taking too long to complete #1025

    2.1.7 - 05 Apr 2022

    • A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. #1018

    2.1.6 - 30 Mar 2022

    • [v2+ only] The CodeQL Action now runs on Node.js v16. #1000
    • Update default CodeQL bundle version to 2.8.4. #990
    • Fix a bug where an invalid commit_oid was being sent to code scanning when a custom checkout path was being used. #956
    Commits
    • 2c03704 Allow the version of the ML-powered pack to depend on the CLI version
    • dd6b592 Simplify ML-powered query status report definition
    • a90d8bf Merge pull request #1011 from github/henrymercer/ml-powered-queries-pr-check
    • dc0338e Use latest major version of actions/upload-artifact
    • 57096fe Add a PR check to validate that ML-powered queries are run correctly
    • b0ddf36 Merge pull request #1012 from github/henrymercer/update-actions-major-versions
    • 1ea2f2d Merge branch 'main' into henrymercer/update-actions-major-versions
    • 9dcc141 Merge pull request #1010 from github/henrymercer/stop-running-ml-powered-quer...
    • ea751a9 Update other Actions from v2 to v3
    • a2949f4 Update actions/checkout from v2 to v3
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 0
  • kubediff doesn't seem to be able to compare helm files

    kubediff doesn't seem to be able to compare helm files

    I'm using the helm template in git and then the k8s environment has installed the app via helm, kubediff doesn't seem to render the helm file, only the native yaml file can be compared image image

    opened by zerunhu 0
Owner
Weaveworks
weaving containers into applications
Weaveworks
Google Kubernetes Engine (GKE) with a Snyk Kubernetes controller installed/configured for Snyk App

Google Kubernetes Engine (GKE) with a Snyk Kubernetes controller installed/configured for Snyk App This example provisions a Google Kubernetes Engine

Pas Apicella 2 Feb 9, 2022
Coding For Entrepreneurs 100 Jan 1, 2023
A charmed operator for running PGbouncer on kubernetes.

operator-template Description TODO: Describe your charm in a few paragraphs of Markdown Usage TODO: Provide high-level usage, such as required config

Canonical 1 Dec 1, 2022
Kube kombu - Running kombu consumers with support of liveness probe for kubernetes

Setup and Running Kombu consumers Steps: Install python 3.9 or greater on your s

Anmol Porwal 5 Dec 10, 2022
A Blazing fast Security Auditing tool for Kubernetes

A Blazing fast Security Auditing tool for kubernetes!! Basic Overview Kubestriker performs numerous in depth checks on kubernetes infra to identify th

Vasant Chinnipilli 934 Jan 4, 2023
Caboto, the Kubernetes semantic analysis tool

Caboto Caboto, the Kubernetes semantic analysis toolkit. It contains a lightweight Python library for semantic analysis of plain Kubernetes manifests

Michael Schilonka 8 Nov 26, 2022
This repository contains code examples and documentation for learning how applications can be developed with Kubernetes

BigBitBus KAT Components Click on the diagram to enlarge, or follow this link for detailed documentation Introduction Welcome to the BigBitBus Kuberne

null 51 Oct 16, 2022
sysctl/sysfs settings on a fly for Kubernetes Cluster. No restarts are required for clusters and nodes.

SysBindings Daemon Little toolkit for control the sysctl/sysfs bindings on Kubernetes Cluster on the fly and without unnecessary restarts of cluster o

Wallarm 19 May 6, 2022
Rancher Kubernetes API compatible with RKE, RKE2 and maybe others?

kctl Rancher Kubernetes API compatible with RKE, RKE2 and maybe others? Documentation is WIP. Quickstart pip install --upgrade kctl Usage from lazycls

null 1 Dec 2, 2021
Copy a Kubernetes pod and run commands in its environment

copypod Utility for copying a running Kubernetes pod so you can run commands in a copy of its environment, without worrying about it the pod potential

Memrise 4 Apr 8, 2022
Checkmk kube agent - Checkmk Kubernetes Cluster and Node Collectors

Checkmk Kubernetes Cluster and Node Collectors Checkmk cluster and node collecto

tribe29 GmbH 15 Dec 26, 2022
A basic instruction for Kubernetes setup and understanding.

A basic instruction for Kubernetes setup and understanding Module ID Module Guide - Install Kubernetes Cluster k8s-install 3 Docker Core Technology mo

null 648 Jan 2, 2023
A tool to convert AWS EC2 instances back and forth between On-Demand and Spot billing models.

ec2-spot-converter This tool converts existing AWS EC2 instances back and forth between On-Demand and 'persistent' Spot billing models while preservin

jcjorel 152 Dec 29, 2022
Official Python client library for kubernetes

Kubernetes Python Client Python client for the kubernetes API. Installation From source: git clone --recursive https://github.com/kubernetes-client/py

Kubernetes Clients 5.4k Jan 2, 2023
A Kubernetes operator that creates UptimeRobot monitors for your ingresses

This operator automatically creates uptime monitors at UptimeRobot for your Kubernetes Ingress resources. This allows you to easily integrate uptime monitoring of your services into your Kubernetes deployments.

Max 49 Dec 14, 2022
A Simple script to hunt unused Kubernetes resources.

K8SPurger A Simple script to hunt unused Kubernetes resources. Release History Release 0.3 Added Ingress Added Services Account Adding RoleBindding Re

Yogesh Kunjir 202 Nov 19, 2022
Run Oracle on Kubernetes with El Carro

El Carro is a new project that offers a way to run Oracle databases in Kubernetes as a portable, open source, community driven, no vendor lock-in container orchestration system. El Carro provides a powerful declarative API for comprehensive and consistent configuration and deployment as well as for real-time operations and monitoring.

Google Cloud Platform 205 Dec 30, 2022
Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

Arie Bregman 35.1k Jan 2, 2023
Chartreuse: Automated Alembic migrations within kubernetes

Chartreuse: Automated Alembic SQL schema migrations within kubernetes "How to automate management of Alembic database schema migration at scale using

Wiremind 8 Oct 25, 2022