k8s-platform-lcm

module

v0.0.0-...-ce22054 Latest Latest Go to latest Published: May 13, 2022 License: MIT

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/arminc/k8s-platform-lcm

Links

Open Source Insights

README ¶

Kubernetes platform lifecycle management

This project helps you keep track of all your software and tools that are used or running in and around your Kubernetes platform. It helps you with part of the lifecycle management to keep your software up to data for feature completeness, security or compliance reasons.

Features

Keep track of versions of all the running containers (including init containers) inside the Kubernetes
Keep track of new image versions. Supporting Quay, Gcr, Docker hub, Jfrog Artifactory by default
Works with private registries and private images
Allow overriding of the registry to search latest versions from another registry
Keep track of image vulnerabilities using Jfrog Xray
Possibility to provide local tool versions (like terraform) and find the new versions on GitHub
Keep track of Helm chart deployments and track new versions of the charts
Present the information command line
Present the information trough a web UI
Export prometheus metrics
Filter out vulnerabilties which are accepted

Help (how to run)

For all the configuration options please have a look at the exampleConfig.yaml.

When running lcm you can provide certain flags which are not available in the config. The application assumes there is a config.yaml available in the same folder.

./lcm --help
usage: lcm [<flags>]

Kubernetes platform lifecycle management

Flags:
  --help                  Show context-sensitive help (also try --help-long and --help-man).
  --version               Show application version.
  --config="config.yaml"  Provide the path to the config file. Default is config.yaml which is in the same folder as lcm
  --local                 Run locally, default expected behavior is to run in the Kubernetes cluster
  --verbose               Show more information. This overrides the config setting
  --debug                 Show debug information, debug includes verbose. This overrides the config setting
  --jsonLogging           Log in json format
  --logFile=LOGFILE       Log file path
  --server                Start the server
  --metrics               Start the metric server (runs on port 9572)
  --vul                   Print all vulnerabilities at the end

Note: If you are using --server option please make sure the templates and static folder are next to the binary so it can serve the page.

Docker

Docker image is available at arminc/lcm:VERSION or arminc/lcm:latest. It is packaged with the template and css. Run it as following, and add any necessary flags you want or use the yaml file.

docker run -it -v $(pwd)/config.yaml:/config.yaml -p 7321:7321 arminc/lcm:latest --local --server

Example output

Command Line

+---------------------------------------+-------------------+----------+-------+
|                 IMAGE                 |      VERSION      |  LATEST  | CVES  |
+---------------------------------------+-------------------+----------+-------+
| library/alpine                        |      3.10.1       |  3.10.3  | ERROR |
| openpolicyagent/kube-mgmt             |        0.9        |   0.10   | 0     |
| openpolicyagent/opa                   |      0.14.1       |  0.15.1  | 0     |
| velero/velero                         |      v1.1.0       |  v1.2.0  | 0     |
+---------------------------------------+-------------------+----------+-------+
+----------------------------+------------+----------+
|           CHART            |  VERSION   |  LATEST  |
+----------------------------+------------+----------+
| opa                        |   0.12.0   |  1.13.1  |
| velero                     |   2.5.0    |  2.7.0   |
+----------------------------+------------+----------+
+---------------------+---------+----------+
|        TOOL         | VERSION |  LATEST  |
+---------------------+---------+----------+
| derailed/popeye     | v0.4.1  |  v0.5.0  |
| hashicorp/terraform | 0.11.14 | v0.12.18 |
+---------------------+---------+----------+

Metric output

chart_info{chart="polaris",latestVersion="1.1.0",version="0.10.1"} 0
image_info{image="storageos/csi-provisioner",latestVersion="v1.4.0",registry="docker.io",version="v1.4.0"} 1
tool_info{latestVersion="v0.12.26",tool="hashicorp/terraform",version="0.11.14"} 0

Web UI

Directories ¶

Path	Synopsis
cmd
lcm
internal
config
registries
versioning
pkg
github Package github is used to access GitHub to find latest version in repositories	Package github is used to access GitHub to find latest version in repositories
kubernetes
trivy Package trivy is used to access trivy server to find vulnerabilities for images	Package trivy is used to access trivy server to find vulnerabilities for images
versioning Package versioning is used to handle SemVer	Package versioning is used to handle SemVer
vulnerabilities
xray Package xray is used to access Xray to find vulnerabilities for images	Package xray is used to access Xray to find vulnerabilities for images

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL