safeguard

module

v0.5.0 Latest Latest Go to latest Published: Nov 30, 2021 License: MIT

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jw-s/safeguard

Links

Open Source Insights

README ¶

safeguard

Safeguard is a custom admission controller for kubernetes used to enforce protection on kubernetes resources.

Usage

Configure safeguard.yml with your own ca bundle base64 encoded.
Modify secret.yml with your own tls.crt and tls.key

NOTE: the certificates have to be signed by the same CA as your api server!
Run the following;

kubectl create -f safeguard.yml -n NAMESPACE
kubectl create -f contrib/secret.yml -n NAMESPACE
kubectl create -f contrib/deployment.yml -n NAMESPACE # this should be in the same namespace as the secret
kubectl create -f contrib/service.yml -n NAMESPACE # this should be in the same namespace as the deployment

Decorate your resources with the following annotation to protect them.

---
apiVersion: v1
kind: Service
metadata:
  name: example
  annotations:
    safeguard.jw-s.com/protected: 'true'
...

Try to delete the protected resource!

Development

Prerequistities

Go 1.12.x
Make

go get -d github.com/jw-s/safeguard
cd $GOPATH/src/github.com/jw-s/safeguard
make build

Directories ¶

Path	Synopsis
cmd
pkg
route
service
util

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL