awesome-kubernetes-configuration-management icon indicating copy to clipboard operation
awesome-kubernetes-configuration-management copied to clipboard

verified publisher icon ndrpnt

Metadata

A taxonomy of Kubernetes configuration management tools

Awesome Kubernetes Configuration Management

This list is incomplete. Feel free to contribute and help expand it.

Configuration Management

  • Generation (G): Given some non-Kubernetes configuration, returns Kubernetes manifests.
  • Mutation (M): Given Kubernetes manifests, returns (possibly different) Kubernetes manifests.
  • Validation (V): Given Kubernetes manifests, returns validation results.
  • Deployment (D): Given Kubernetes manifest, makes Kubernetes API calls.
  • Sharing (S): Enables the packaging and/or distribution of Kubernetes manifests.
  • In cluster (I): Runs in cluster.
  • Local (L): Runs locally.
Features Languages Notes
Acorn DI
Ansible GDL YAML, Jinja2, Python (for plugins) Related: Kubernetes Collection;
Argo CD DI
autoapply DI YAML
Bazel DL Starlark Related: rules_gitops, rules_k8s;
Bicep GDSL Bicep Related: Kubernetes provider, Kubernetes type definitions;
cdk8s GSL TypeScript, Python, Java, Go Related: cdk8s+;
Checkov VIL YAML, Python
compose2kube GL YAML Abandoned;
Config Sync DI
Conftest VL Rego Related: Kubernetes policies;
Crossplane GDI Related: Ansible provider, Argo CD provider, Helm provider, Kubernetes provider, Terraform provider;
CUE GVSL CUE
Datree VIL JSON schema, Rego
dekorate GL Java
Dhall GSL Dhall Related: dhall-kubernetes;
dxcfg GL JavaScript, TypeScript Abandoned;
Flux v1 DI Abandoned;
Flux v2 DI Related: Weave GitOps;
Gatekeeper MVI Rego External data support;
Glasskube DSI
Helm GDSL Go Template
Helmfile DL YAML
Helmsman DL TOML
Helmwave DL YAML
Isopod GVDL Starlark
jk GL JavaScript, TypeScript Abandoned;
Jsonnet GML Jsonnet Related: kube-libsonnet, k8s-gen, k8s-libsonnet;
jsPolicy MVI JavaScript, TypeScript "Controller policies" support;
k-rail MVI any (gRPC) Abandoned;
k8comp GL ERB (Ruby templating) Abandoned;
k8spkg MDL Abandoned;
kadet GL Python
Kapitan GML YAML, Jsonnet, Jinja2, Python
kapp DL
kapp-controller DI
Kasane ML YAML, Jsonnet Abandoned;
KCL GMVSL KCL Related: Run KCL scripts as KRM functions;
Kedge GDL YAML Abandoned;
Keel DI Updates container image version;
kenv ML YAML Abandoned; Injects environment variables in Pods;
Keptn DI
khelm GML
ko MDL Limited to Go applications;
Kompose GL YAML
konfd GI Go template Abandoned;
Kosko GVL JavaScript, TypeScript
KOTS DSIL
kpt GMVDSL YAML, Go, Typescript, Starlark, any (w/o SDK)
kr8 GL Jsonnet
kraan DI
krane GDL ERB (Ruby templating)
Kratix GDI
ksonnet GVDSL Jsonnet Abandoned; Related: ksonnet-lib;
ktmpl GL Abandoned;
kube-applier DI Abandoned;
kubeapply GDL YAML, Starlark Related: Terraform provider;
kubecfg GDL Jsonnet
Kubeconform VL
kubectl GVDL
kubegen GL YAML, JSON, HCL Abandoned;
KubeLinter VL YAML
kubenix GL Nix Related: GTrunSec/kubenix, blaggacao/kubenix, xtruder/kubenix;
Kubescape VIL Rego External data support;
Kubeval VL Abandoned;
Kubewarden MVI any (WebAssembly)
Kusion GVDL KCL
kustomize ML YAML
kustomizer GMSL
kvert GL edn (Clojure) Abandoned;
Kyverno GMVIL YAML, CEL External data support;
Lingon GL Go Abandoned;
Meshery GDI YAML
Microconfig GL
mimic GL Go
Monokle GVDL
NAML GDL Go
Nickel GVL Nickel
OpenCompose GL Abandoned;
Pkl GSL Pkl Related: Kubernetes Pkl templates, Kubernetes Pkl examples, Other Pkl (Kubernetes) packages;
Polaris MVIL YAML, JSON Schema
Project Syn GMDSIL YAML, Jsonnet, Jinja2, Python Related: Commodore, Lieutenant API, Lieutenant Operator, Steward;
Pulumi GDL JavaScript, TypeScript, Python, Go, C#, Visual Basic, F#, Java, YAML Related: Kubernetes provider, Operator;
Radius DI Bicep
Score GL YAML Related: Helm integration;
Ship DL Abandoned;
shipcat GDL YAML Abandoned;
Shipit DL ERB (Ruby templating)
Skycfg GL Starlark, Go
specctl GL YAML Supports generating manifests from docker compose files, and ECS Fargate task and service definitions;
Tanka GDSL Jsonnet
Terraform GDL HCL Related: Kubernetes provider, k8s provider, Kustomize provider, Helm provider;
Tilt GMDL Starlark
Timoni GDSL CUE
Tye GDL Limited to .NET applications;
Untrak L YAML Abandoned; Garbage collect untracked resources;
ValidatingAdmissionPolicy VI CEL
werf GDSL YAML
YAMLScript GL YAMLScript
ytt GMVL YAML, Starlark

Secret Management

  • In cluster (I): Runs in cluster.
  • Local (L): Runs locally.
  • Application (A): Runs side-by-side with the application.
Features Notes
agebox L
aws-secret-operator I
Azure Key Vault to Kubernetes (akv2k8s) IA
BlackBox L
conjur-authn-k8s-client A
ejson L Related: ejson2env;
External Secrets I
git-crypt L
git-encrypt L Abandoned;
git-secret L
helm-secrets L
Hiera eyaml L
Infisical Secrets Operator I Related: Infisical;
Kamus IA
Keyringer L Abandoned;
Kube-secret-syncer I
Murmur A
pass L
Piggy A
Rot L
Sealed Secrets I
Secrets Store CSI Driver I Related: AWS Secrets Manager and Systems Manager Parameter Store provider, Azure Key Vault provider, Google Secret Manager provider, HashiCorp Vault provider, CyberArk Conjur provider (WIP);
secure_yaml L Abandoned;
SOPS L Related: KSOPS (kustomize KRM exec plugin), Helm Sops, SOPS secrets operator, SOPS Operator;
Teller L Related: Helm-teller;
Tesoro I Abandoned;
transcrypt L
vals A
Vault Secrets Operator (HashiCorp) I
Vault Secrets Operator (Rico Berger) I
vault-k8s A
yaml-crypt L

Metadata

19
Stars
1
Forks
Watchers

Owner

verified publisher icon ndrpnt

Metadata

A taxonomy of Kubernetes configuration management tools

Back