Skip to content

Instantly share code, notes, and snippets.

@george-angel
Last active July 23, 2020 12:22
Show Gist options
  • Save george-angel/56ed5c30d43776e59cc49aec511fe5c6 to your computer and use it in GitHub Desktop.
Save george-angel/56ed5c30d43776e59cc49aec511fe5c6 to your computer and use it in GitHub Desktop.
2020-07 kube-applier spec

kube-applier v3

server

applied namespace

  • roleBinding KA's/SA as ns admin
  • secret called kube-applier.io
  • CRD instance

refs

repository

You can specify the git repository describing your namespace

repository_path

Path to the namespace definition within your repository

git-token

One git token you provide that both grants access to your base repository and any private bases you might pull via Kuatomize

Problems

  • How do you auth to multiple private repositories, go-git suggests using personal tokens to auth for clone. We allow each namespace to specify a single token. And suggest they use a user account (human or machine).
  • Obscure last-applied annotation from Secret resources
  • Work out how to "watch" with go-git
  • go-git doesn't implement filters right now, won't work with strongobx: go-git/go-git#95
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment